Live OneCare Backups
I would like to set up my laptop to back up ONLY on weekdays to my work
network. I seem to be able to do 7 days, but not 5. Can this be adjusted?
James
jlatour2002@msn.com Tag: 1yz.info - Anonymous Proxy Tag: 96045
Decrypting a small byte string w/ CryptDecrypt
I want to encrypt ciphertext with a public key and decrypt it with a private
key. The performance impact is acceptable since I'm dealing with a very
small payload.
I have a curious problem using CryptDecrypt (w/ a public key) against a byte
blob previously encoded with CryptEncrypt (w/ a private key). The key pair
I'm using comes from a call to CryptAcquireCertificatePrivateKey against a
certificate store. I can hex dump the private/public keys so I know they're
present in the key handle. I keep getting a NTE_BAD_KEY error. I notice the
ALG_ID on the key pair is AT_SIGNATURE. I tried force the type to CALG_KEYX
to get it to be AT_KEYEXCHANGE but I get "invalid type error".
Am I hitting an international limitation in the software or do you think i
have a defect in my code??? Tag: 1yz.info - Anonymous Proxy Tag: 96038
Freedom.exe and disabled Internet Explorer and Desktop
I ran a free-trial version of Verizon PC Security Checkup. It id'd 30
instances of spyware. After removing them, I rebooted. I can no longer
bring up the Control Panel, My Computer, Explorer, or any folders on the
desktop. I get a "Fatal Error - Cannot start Freedom, because the
"Resource" directory or one of its sub-directories is missing. Please try
re-installing Freedom." Internet Explorer 7 also hangs, but doesn't generate
the error. (Firefox doesn't appear to be affected.) Verizon tech support has
been polite, but not very helpful. Any suggestions? I run XP on a desktop
HP. Tag: 1yz.info - Anonymous Proxy Tag: 96034
oakley.log
Hi,
the L2TP/IPSec connection to our ISA Server suddenly stopped working (only
PPTP is possible any more). I enabled oakley.log logging to find the error,
but there are some different messages starting with "failed" but no one
results in an error. Finally the connection is ended with "IKE SA deleted
before establishment completed".
I have got:
failed to get chain 80092004
Could not find the peer list entry
Can anybody help me?
Regards,
Dagmar Tag: 1yz.info - Anonymous Proxy Tag: 96025
Credit Card Details
If sensitive information (such as a credit card) has to be saved to a
database then there is a duty of care to protect this information.
If the data is saved in plain text, then there is a concern that a hacker
gaining access to the server will therefore gain access to the credit card
data.
One option is therefore to encrypt it. This means that the data is stored
on the server in an encrypted format. However, at some stage, the software
will legitimately need to decrypt the data in order to use this information.
To achieve this, it has to have access to the key to decrypt the
information. If the software has access to this decryption key then surely
so will any hacker. It would be equivalent to buying a secure safe and
hanging the keys next to it.
There must be a more secure implementation - could someone describe it>
Many thanks
Griff Tag: 1yz.info - Anonymous Proxy Tag: 96018
How to detect antivirus software on a system
I am preparing an installer. Pre-requisite for this installer is to
check if any anti-virus software is installed on the machine. If so
then show a message to the user saying - Detected anti-virus software
in the system. please stop the anti-virus software services and then
proceed with the installation.
Does any one know if there is any Windows API or some registry from
which i can know that some anti-virus software is installed on the
system?
The installer i am preparing will be installed on Win2K3 and Win XP
machine.
Thanks... Tag: 1yz.info - Anonymous Proxy Tag: 96016
Windows 2003 - svchost.exe trying to access the Internet
the IP Addresses that it tries to connect are:
209.221.135.134
209.221.135.136
199.93.55.123
Does anybody know what these IP addresses are? I can't find any info
for these hosts.
Thanks... Tag: 1yz.info - Anonymous Proxy Tag: 96014
Recommendations for use of Policy CA in small PKI solutions
Hi
I am considering updated Pros and Cons about having Policy CA's as a
separate level in the CA hierarchy as opposed to having it in a combined role
together with issuing CA's.
In almost all the PKI cases I have been involved in so far, we only have two
or three levels in the CA hierarchy with or without HSM modules.
Three level CA solution : Offline Root, Offline Policy CA and two issuing CA's
Two level CA solution: Offline Root, Two or more Issuing CA
I am wondering if the use of the Policy CA is overkill in such rather small
designs
- if the Policy CA does not make use of qualified subordination using
policy.inf or cross-certification with other companies CA, could you say that
the use of a policy CA is overkill?
- if the Policy CA is being used with or without qualified subordination
specified in a policy.inf file, would it be ok to have the policy CA online
as part of the domain, even though it would be a standalone sub-CA. This
would make it a lot easier to manage.
- Is it possible at all to have the policy CA being standalone, non-domain
and still be able to use the qualified subordination features? It seems that
the signing of qualified subordination requires v2 templates which are
normally only available on an enterprise OS and Enterprise CA?
We typically restrict which Issuing CAs are able to issue which certificates
based on which CA's the templates are published on and together with
permissions on the templates, this is often enough, when the hierarchy is as
small as mentioned and especially when only a few number of persons
administers the CA's in a given company.
Thanks in advance for any inputs/thoughts on this subjects. Links to white
papers about the use of Policy CA's with pros and cons would be appriciated.
kind regards
Claus
--
Claus Jespersen
WM-data Denmark Tag: 1yz.info - Anonymous Proxy Tag: 96008
Expire or not expire?
Hello,
Help me to solve this dilema. What scenario is more secure?
1. I apply policy to change their passwords every 2 months.
2. I apply policy that passwords are never expired.
In first scenario half of users will store their passwords on stickers and
that confuse me.
Thank for any suggest! Tag: 1yz.info - Anonymous Proxy Tag: 95988
HOTMAIL, ACCESS 2007 SECURITY ISSUE
have a Hotmail email account which I use with MSN EXPLORER as my mail
handler. I have an application written with Access 2007. I have downloaded
the software for viewing and using .snp formatted files from MSN website.
I created several reports in Access 2007 and want to email them to several
people in .snp format. My Browser, or Email Server I cannot tell which or
why "Blocks" .snp formatted files. I cannot find a swithch or Microsoft
doesn't seem to know why their software considers their software "UNSAFE".
Does anyone know how to make this work. It works if you are not using
Hotmail or MSN Webmail. it works with Earthlink to many various email
servers by Not Microsoft's go figure. Tag: 1yz.info - Anonymous Proxy Tag: 95965
Something Not Rigth!
Anti virus scanners that scan software are one thing, but what about virus'
that are flashed into the soft memory or other micro chips within a computer
and hibernate there and execute at any time when the system is rebooted?
Antiviral programs and malware removal programs only scan the physical hard
drive and sometimes (if you have a good malware remol tool) deep scan the
RAM memory for malicious software. What happens when other memory modules
become infected and launch at system startup?
Something to ponder for the holidays...
Season's Best!
Elaine Beauxrauxgard-Weiderhoff Tag: 1yz.info - Anonymous Proxy Tag: 95960
Need for SSL?
I'm having a debate with a co-worker about the need for SSL. The debate
originates from our need to provide external access to our SharePoint 2007
farm. We agree that we need to put the outfacing SharePoint farm in a DMZ to
isolate it from our intranet.
I say that we also need to make SSL part of the solution (using an SSL VPN
or ISA Server box with an SSL cert) if for no other reason than to encrypt
logon credentials.
He says that we can just create a NAT to the SharePoint server and allow
HTTP through port 80 and be done with it because "man-in-the-middle" attacks
are pretty much a thing of the past. He says further that the greater risk
with exposing resources to the Internet these days is from trojans and the
like on external PCs.
All the Microsoft best practices and model topologies for exposing
SharePoint include SSL. What do you think? Am I overstating the need? Tag: 1yz.info - Anonymous Proxy Tag: 95956
AD Startup Script Containing Password
Hello -
I have a batch file that runs a dsmove command that needs authentication of
a user that has control of 2 very small OUs. I happen to be that user, so
the batch file contains my password. I want to run this as a machine startup
script. For testing, I temporarily put this in the respective subfolder of
Sysvol and I removed my password after every testing session. However, I
also changed the permissions to the batch file to:
System - Full
Me - Full
Domain Computers - Full
Enterprise Domain Controllers - Full
I realize a Domain Admin would be able to him/herself access if they wanted
to. Other than that, is there any risk with the above permissions? I don't
see how there could be, but I may be missing something.
By the way, before putting this into production, I will delegate control of
the OUs to a service account and use those credentials in the batch file
instead of mine.
Thanks. Tag: 1yz.info - Anonymous Proxy Tag: 95955
Excel spreadsheet disapear on the network
Hi,
I have a critical excel spreadsheet on my network, a couple of user have the
write access on that file, someone is deleting that file and then the
production is stop.
I had to restore that file 3 times this week.
how can I know who is delete that file, is there an audit that I can do, or
even a third party software that I can use??
thank you for your help it is pretty urgent! Tag: 1yz.info - Anonymous Proxy Tag: 95939
Account Lockout event log only recorded ... sometimes
Hello,
I've got my policy set up on Account Management success and Failure and I
have been getting records in the event log when user accounts lock out (a
644 event) and I still get them, but it seems to be a hit-or-miss thing
recently. If I weren't getting any, I would think the policy wasn't right,
but it's an intermittent issue. I know about the event log bug, and I
archive the logs with a VBscript every night so they don't get too big and
start dropping them, but there is at least one account, and probably more,
that is not recording the event of its locking out, and I need to see those
so I can inform the developer the originating machine name.
Any ideas? Tag: 1yz.info - Anonymous Proxy Tag: 95938
70 GB of Files I can't Find
Hi all,
When I check the individual folder properties on the main hard disk on my
system, I can find 30 GB of data on a fairly new installation of Windows
Vista Ultimate. However, when I check the properties for the disk itself
(with the pie chart), I see 100 GB of data taking up space on a 500 GB hard
disk. I run scans regularly, the antivirus and antimalware software is
updated daily, and I don't go to any internet sites that are considered
hazardous. Does anyone know what might cause the disparity of 70 GB?
Thanks,
MBO Tag: 1yz.info - Anonymous Proxy Tag: 95937
I have TWO iexplore.exe's running -- why?
Hello,
In determining why my system's been acting up (running slow, prohibiting
"backspace" from deleting characters backwards in Excel, e.g.), I discovered
in the Task Manager that there were TWO iexplore.exe's running. After
Googling it, it says one version is a legit process that runs w/ IE.
However, elsewhere it says it could be a Trojan. I can't tell where the
process is running from, from the Task Mgr, or whether I should kill one.
I have multiple IE (version 7) windows running -- do I get an iexplore per
window?
I ran UniBlue Registry Booster, but it [free version] just fixed 15 of my
about 500 registry errors.
Please advise...
Thanks!
Mark H.
--
Science-based nutrition! See TIOEnterprises.net Tag: 1yz.info - Anonymous Proxy Tag: 95929
Cannot input certain keystrokes when leaving PC up over night.
I'm using Windows XP, SP2 and the oddest thing. After leaving the PC up for
awhile I lose the ability to input certain keystrokes into fields. The keys
are THCS to name a few. I am not able to type them into browser fields,
excel fields etc. If I bring up notepad they type fine. I usually end up
rebooting. I've scanned high and low for viruses and trojans, nothing. Has
anyone seen anything this bizarre. Its quite annoying. Tag: 1yz.info - Anonymous Proxy Tag: 95928
Publish CRL with a CNAME
Hello,
I want to publish my CRL on a webiste using a DNS CNAME. I wonder if
it is compatible with protocol that check certificate chain. What do
you think about ?
Regards,
--
P.J.A. Tag: 1yz.info - Anonymous Proxy Tag: 95925
Root CA on a VM
Hello,
I wonder if it a good idea. I want to install my root CA on a Virtual
Machine, and burn virtual hard drive into a DVD. It's more handy for
me than use a dedicated hardware.
What do you think about this way ?
Regards,
--
P.J.A. Tag: 1yz.info - Anonymous Proxy Tag: 95924
Users cannot modifie files with disable option delete subfolders f
SO: sbs windows 2003
one share folder that i want remove possibility of deleting files, I had
disable the security option in special permissions delete subfolders files.
But when the user try to change documents, he cann't save it and generate
temp files.
I f I active this option the user can delete files too
Any idea?
thanks
regards Tag: 1yz.info - Anonymous Proxy Tag: 95919
Users cannot connect from external domain.
- We have users from an external Domain (DomainB) that can no longer connect
to a file share on a server in our Domain (DomainA).
- Both Domains have outgoing external trusts setup to each other, which have
both been validated and are working OK.
- DomainB users logon to their own domain, then connect though a drive
mapping, and enter their DomainB credentials and connect to Server1\fileshare
in our DomainA.
- Server1 at this point gets two identical Security Event Log Audit Failure
events for each attempt as follow â??
- Sourceâ??Security, Category-logon/logoff, EventID-537, user-NT
AUTHORITY\SYSTEM
- Logon Failure:
Reason: An error occurred during logon
User Name: DomainBUser1
Domain: vtx-alt
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: DomainBWorkstation1
Status code: 0xC000005E
Substatus code: 0x0
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 172.2x.4x.1xx
Source Port: 0
- The DomainB\group that has permissions to the share on Server1 can still
be seen on the folders with the correct rights assigned, BUT if an attempt is
made to add the same DomainB\group to another folder on Server1, whilst
DomainB can be seen in the Locations box, it cannot resolve the group and
cannot be added.
- The above has been tested for other file servers in various VLans in
DomainA, and none can resolve or add the DomainB\group.
- 2 Domain Controllers from the same VLan as Server1, however, can resolve
and add DomainB users & groups OK. And when a user from DomainB maps a drive
and connects to a test share to which the DomainB\group has permissions to on
these Domain Controllers, they can do so with their DomainB credentials, and
all works as expected.
- The two DCâ??s are in the same VLan as Server1, and they have the same DNS
etc settings,
- I believe these two DCâ??s hold the trust for DomainA to DomainB
- Network team have confirmed that there are no Firewalls in place between
DomainA & DomainB, and all servers on the Vlan that Server1 and the two DCâ??s
are on are treated in exactly the same way.
- There are no failed logon attempts on the DCâ??s from DomainB.
Hope that all makes sense, and any help hugely appreciated! Tag: 1yz.info - Anonymous Proxy Tag: 95917
Today: Q&A with Security MVP Expert Chat
Hello everyone,
You are invited to join our public chat on December 11th.
Security Chat:
Q&A With the Security MVP Experts
We invite you to attend a Q&A with the Microsoft Security MVPs. In this chat
the MVP experts will answer your questions regarding online safety issues
such as phishing, spyware, rootkits as well as server related topics. If you
have questions on how to protect your PC, please bring them to this
informative chat.
When: December 11th at 4pm PDT
Where: TechNet Chat Room
www.microsoft.com/technet/community/chats/chatroom.aspx
Password: Public Chat no password required
We are also holding similar chats for Exchange Server if anyone is
interested. For more information on the Security and Exchange chats and an
add to calendar file, please vistit
http://www.microsoft.com/communities/chats/default.mspx
Exchange Chats:
Q&A With the Exchange MVP Experts
We invite you to attend a Q&A with the Microsoft Exchange Server MVPs. In
this chat Exchange MVPs will be on hand to answer your questions about
Exchange Server, Outlook and Exchange for Small Business Server. So if you
are thinking of upgrading to Exchange Server 2007 or have questions about
Exchange Server 2003 we hope you can join us for this informative online
chat!
Chat 2: December 12 at 5pm PDT
Where: TechNet Chat Room
www.microsoft.com/technet/community/chats/chatroom.aspx
Password: Public Chat no password required
--
Melissa Travers
MVP Lead | Microsoft Exchange Server,
Virtual Machine, Windows Security,
Windows Server: Clustering, DPM,
Directory Services, ISA Server & MIIS.
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights. Tag: 1yz.info - Anonymous Proxy Tag: 95913
Hacked!!! Question on port 137
I've recently had my linksys befsx41 router hacked.
I've installed a packet sniffer and am watching the logs. Im noticing a
random UDP Packet being sent out port 137 from my XP pro box. Its going to a
few addresses in asia. Should I be overly concerned with this? It happens in
safe mode which strikes me as odd. No viruses, trojans etc found.
Thanks in advance,
Ralph Gustavsen Tag: 1yz.info - Anonymous Proxy Tag: 95910
Create certificate with makecert for LDAPS on a DC ?
Hi,
I would like to use LDAPS on my DC.
I have already read this article :
http://support.microsoft.com/default.aspx/kb/321051 ...
but I am not able to create my self-signed certificate with certreq as
I dont have any CA in my domain to submit the "request.req" file.
So I tried to create my own certificate with makecert by using this
command :
"makecert -r -pe -n "CN=FQDN_OF_DC.domain.local" -b 01/01/2000 -e
01/01/2036 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange
-sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12"
The certificate is created in Personal\Certificates (under Computer)
but when I watch the certificate status, I have a warning saying :
"This CA Root certificate is not trusted because it is not in the
Trusted Root Certification Authorities store.".
When I try to connect (locally)to my LDAPS using ldp.exe , I have an
error "Error <0x51>: Fail to connect to FQDN_OF_DC.domain.local."
Do you think I have this problem because of the fact the certificate
that I have created has not been delivered by a Trusted root CA store ?
Is there a way to bypass this limitation by creating a self signed
certificate for my DC that will let me try to use LDAPS ?
Thank you :)
P.S: Sorry for my english ;-)
--
bigstyle
MVP Windows Server - Directory Services
MCSE 2000/2003 Security Tag: 1yz.info - Anonymous Proxy Tag: 95909
lookupaccountname and workgroups
hello,
i asked this question in win32.programming.networks but got the advice to
try here, so here we go...
my basic problem is, when im calling LookupAccountName on a process running
as localsystem when not member of a domain (i.e., the machine is in a
workgroup) it returns 1332: no mapping between account names and security ids
was done.
i have been experimenting a bit using a small program similar to this
pseudo-c++:
string username
GetUserNameEx (NameSamCompatible, username, username.length)
print (username)
string domainname
// the sid things here are out parameters not relevant for my example
if (LookupAccountName (NULL, username, sidbuf, sidbuf.length, domainname,
domainname.length, sidthing)) {
print (domainname)
} else {
print (geterror ())
}
when running as user on a machine on a domain i get:
username: mydomain\jdoe
domainname: mydomain
running as localsystem on a domain i get:
username: mydomain\mycomputer$
domain: mydomain
but, running as user on a machine in a workgroup i get:
username: mycomputer\jdoe
domain: mycomputer
and finally, running as localsystem when in a workgroup i get:
username: workgroup\mycomputer$
domainname fails with 1332 as noted above
an interesting side note is that the domain part of the username differs in
the last two examples...
after some trial and error i discovered that if i removed the domain part
and the trailing $ from the username the call to lookupaccountname succeeds,
but returns the same domainname as username (e.g., mycomputer in the example
above).
do i have to make a condition like if (in_workgroup && localsystem) { ... }
or have i got something else wrong here?
regards,
lars Tag: 1yz.info - Anonymous Proxy Tag: 95907
problem with EFS Recovery agent
4 month ago, i have implemented a certificate autority on my domain and i
have create one EFS Recovery Agent.
i have deployed many certificates for my users and the efs recovery agnet
work fine for these months.
today, i have make a change to my "User" certificate in the security tab, i
have deployed the updated template to one user and i have tested the recovery
of crypted data with my begening "efs recovery agent" certificate. now, i'm
unable to recover file with this certificate... Why??? i need to know why my
EFS Recovery Certificate does not work after the change. (the only thing i
have change is to enable the autoenrollment for this user).
for security, i need to have a fonctional EFS Recovery Agent
Thanks. Tag: 1yz.info - Anonymous Proxy Tag: 95903
File xfer security
Hello,
How can I securely transfer files using a recordable CD from one XP to the
other.
The XP Pro's native file encryption works only in the same HD. The moment
the file is copied to any other media it disables its security feature.
Is there any Microsoft product or a Freeware software that does not expire
nor has a number of files limitation for this purpose?
Thanks
Jim Tag: 1yz.info - Anonymous Proxy Tag: 95902
SAMR OpenUser fails with C0000022
Hi everybody!
A customer of ours operates an AD with one domain and a couple of subdomains
spread over few dozens AD-Servers across their intranet. On one of the member
servers (W2003) in their HQ there is an application that authenticates users
from several sub domains against the respective AD-Servers (W2000). For users
from some of the subdomains, the authentication works, for at least three of
the subdomains the authentication fails.
I do not have source code access for this application but I captured the
network traffic and it seems like the SamrOpenUser request gets a c0000022
(STATUS_ACCESS_DENIED) response from the subdomain controllers.
We checked the ACL on the "user" object in the AD - it had sufficient access
rights for a read access set. Also, a object access audit on the AD "user"
object showed no failure.
What other settings can cause a STATUS_ACCESS_DENIED response for the
SamrOpenUser request? Tag: 1yz.info - Anonymous Proxy Tag: 95900
Security Configuration Wizard
Hello,
can I use the System Center Configuration Manager 2007 to substitution the
SCW?
regard
Thomas Tag: 1yz.info - Anonymous Proxy Tag: 95898
Group Policy script protection
We have an environment with 17,000 pc's which we periodically change the
local administrator password with a vbscript using group policy.
Does anyone know a way to hide the new password in the script in case a user
navigates to the policy script file and opens it and reads it?
We have tried the MS script encoder to change the vbs file to vbe but there
is simple code on the internet that enables you to read it anyway. Tag: 1yz.info - Anonymous Proxy Tag: 95887
computer restart again and again - does not start even in safe mod
Sir,
> FOR my computer, I have installed dual Operating System, WINDOWS XP, in C &
> D drive. On start up of my computer through C drive system, it boots upto
> WINDOWS screen, then instead to go to windows welcome screen, it restarts
> again and again. I canâ??t even get it working on 'safe mode'.
> On other OS i.e. in D drive my computer works normally. Through D drive OS,
> I had scanned full computer, by UPDATED Antivirus AVG & NORTON. But problem
> of startup through C drive does not resolved.
> ON C drive boot up, selection it restarts each time. PLEASE INFORM ME what
> has gone wrong with my OS in C drive and HOW TO RESOLVE the PROBLEM?
> MY Email contact: gjanklesaria@hotmail.com
> Thanks
> G J ANKLESARIA
> Tag: 1yz.info - Anonymous Proxy Tag: 95886
Computer Certificate Private Key
By default, if i set up auto enrollment for computer certificate, i can from
computer export private key.
What would happened, if i import these key to different computer.
If I use different computer and i tried to authenticate, to IAS, would it
exempted as valid ? Tag: 1yz.info - Anonymous Proxy Tag: 95885
Norton Anti virus update
Norton prompted me to update the anti virus system. When I did that and tried
to restart the computer, it freezes and won't let me start in anything other
than "safe mode". Norton uninstalled the software & it is still happening.
Any ideas?
--
Mary B Tag: 1yz.info - Anonymous Proxy Tag: 95877
Your user profile was not loaded correctly using Vista Business
I have a 'strange' problem trying to login to an SBS2003 domain using a new
Vista Business workstation using a specific domain account. When I use this
account I get a popup with 'Your user profile was not loaded correctly. You
have been logged in using a temporary profile. Any changes made to this
profile will be lost when you logout. Contact your administrator.' When I
login using any other domain account, I can login OK.
I have tried the following:
-Used an account with identical domain group memberships as the 'bad' account
-Removed the 'bad' account profile on the Vista workstation
-Removed/Rejoined the Vista workstation to the domain
Anyone else see this?
-Removed/Rejoined the Vista workstation to the domain after removing the
profile Tag: 1yz.info - Anonymous Proxy Tag: 95876
Certificate request only 2 years
How can extend certificate request for more than two years for computer
certificate.
I have Enterprise Ca that is valid for 10 years, but computer certificate is
only valid for two years.
I have windows 2003 RS Standard server, and I have Enterprise CA.
Enrolment is only for V1 certificate. If I edit template for Computer
Certificate, than it become v2, and I can not use it, for enrolment. Tag: 1yz.info - Anonymous Proxy Tag: 95867
Web enrollment, only web server template
I have CA Windows 2003 R2 Standard with Enterprise CA.
When I go to : http:\//localhost/certsrv, I can chose only web certificate ?
How can I add other certificates ? Tag: 1yz.info - Anonymous Proxy Tag: 95866
fastest proxies!
Hi all,
here are some new and fast proxies :
www.gotfiles.org
www.g0tbored.com
www.isbored.net
Happy surfing! Tag: 1yz.info - Anonymous Proxy Tag: 95863
D-Link DI-624 setup
I have the subject router installed and use a direct
connection (LAN)to my desktop. I never set up a password for
the wireless connection. I now have a laptop and want to use
the wireless capability.
I don't have any installation CD (don't even know if there
was one)
How do I set this up so that only someone with the proper
password can access the wireless network? Tag: 1yz.info - Anonymous Proxy Tag: 95860
Error: 0x00000046 - when requesting certificates
Hey,
We have an internal PKI utilising an offlint root and policy server, and an
AD integrated enterprise issuing server. We've distributed our root
certificate via a GPO to all workstations/servers in AD.
We have a number of certifcate templates for SSL certs. We permission these
with Role groups to define who can request and modify the certs.
We have one problematic box, when requesting a certificate via
servername\certsrv we get a permission denied error:
"An error occurred while creating the certificate request. Please verify
that your CSP supports any settings you have made and that your input is
valid.
Suggested cause:
You do not have write permission to save the file to the path
Error: 0x00000046 - Permission Denied"
The request is for a generic SSL certificate so that a secure channel can be
used to communicate between 2 boxes. The certificate request never reaches
the enterprise issuing server (no record of failed request). The error
message indicates a permission issue, but the way we permission the templates
is such that you wont see the cert via the web interface if your not a member
of the group which can request this certificate type. The user requesting the
certificate is a member of builtin\administrators of the box requesting the
certificate.
Anyone have any suggestions? Tag: 1yz.info - Anonymous Proxy Tag: 95854
Shutdown (instead of Reboot) on recent Security Update
Last Security Update required a complete Shutdown.
In the past, only a Reboot was required.
Never had to Shutdown before, to install a Security Update.
Something not right here? Tag: 1yz.info - Anonymous Proxy Tag: 95850
Failure Audit Error 529
Hi,
We are getting the below mentioned event error in one of our exchange
server,which is running on windows 2003 sp1.
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 12/3/2007
Time: 6:44:33 PM
User: NT AUTHORITY\SYSTEM
Computer: SGHXCH01
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: test11
Domain: India
Logon Type: 3
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: SGHXCH01
Caller User Name: SGHXCH01$
Caller Domain: IND
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 612
Transited Services: -
Source Network Address: -
Source Port: -
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
The "test11" user not there in our ADS
Please let me know the resloution for this error, it's some one is hacking
or virus?
Shaik Tag: 1yz.info - Anonymous Proxy Tag: 95846
security settings - <not defined>
This is a multi-part message in MIME format.
------=_NextPart_000_0006_01C83597.3D4BA2C0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
When reviewing the recommended security settings for XP Professional, =
some settings are shown as <not defined>.
According to Microsoft's Windows XP Security Guide - =
http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/xps=
gch03.mspx
Policy settings that are not specified for specific environments are =
sometimes defined at the domain level, as described in Chapter 2, =
"Configuring the Active Directory Domain Infrastructure." Other policy =
settings that are listed as Not Defined in this chapter (Chapter 3: =
Security Settings for Windows XP clients) are treated in this manner =
because the default value is sufficiently secure for that particular =
environment. Also, undefined policy settings in these Group Policy =
objects (GPOs) facilitate the deployment of applications that need to =
modify settings during installation. For example, enterprise management =
tools may need to assign specific user rights to the local service =
accounts on managed computers. The guidance in this chapter consists of =
recommendations, and you should always carefully consider your business =
needs before you make any changes in your environment.
What if the workstation is a standalone workstation and connecting to =
the Internet. It does not have the GPO pushes either site or domain =
policy to it. What happens to its security?
Any pointers/suggestions are appreciated.
------=_NextPart_000_0006_01C83597.3D4BA2C0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.3199" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT face=3DArial size=3D2>When reviewing the recommended security =
settings=20
for XP Professional, some settings are shown as <not=20
defined>.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><FONT face=3DArial =
size=3D2>According=20
to Microsoft=92s Windows XP Security Guide - </FONT><A=20
href=3D"http://www.microsoft.com/technet/security/prodtech/windowsxp/secw=
inxp/xpsgch03.mspx"><A=20
href=3D"http://www.microsoft.com/technet/security/prodtech/windowsxp/secw=
inxp/xpsgch03.mspx"><FONT=20
face=3DArial=20
size=3D2>http://www.microsoft.com/technet/security/prodtech/windowsxp/sec=
winxp/xpsgch03.mspx</FONT></A></A></P>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><FONT face=3DArial=20
size=3D2></FONT> </P>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><FONT face=3DArial =
size=3D2>Policy=20
settings that are not specified for specific environments are sometimes =
defined=20
at the domain level, as described in Chapter 2, "Configuring the Active=20
Directory Domain Infrastructure." Other policy settings that are listed =
as Not=20
Defined in this chapter (Chapter 3: Security Settings for Windows XP =
clients)=20
are treated in this manner because the default value is sufficiently =
secure for=20
that particular environment. Also, undefined policy settings in these =
Group=20
Policy objects (GPOs) facilitate the deployment of applications that =
need to=20
modify settings during installation. For example, enterprise management =
tools=20
may need to assign specific user rights to the local service accounts on =
managed=20
computers. The guidance in this chapter consists of recommendations, and =
you=20
should always carefully consider your business needs before you make any =
changes=20
in your environment.</FONT></P>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><FONT face=3DArial=20
size=3D2></FONT> </P>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><FONT face=3DArial =
size=3D2>What if=20
the workstation is a standalone workstation and connecting to the=20
Internet. It does not have the GPO pushes either site or domain =
policy to=20
it. What happens to its security?</FONT></P>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><FONT face=3DArial=20
size=3D2></FONT> </P>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in 0pt"><FONT face=3DArial =
size=3D2>Any=20
pointers/suggestions are appreciated.</FONT></P>
<P class=3DMsoNormal style=3D"MARGIN: 0in 0in =
0pt"> </P></DIV></BODY></HTML>
------=_NextPart_000_0006_01C83597.3D4BA2C0-- Tag: 1yz.info - Anonymous Proxy Tag: 95844
December 11th: Q&A with the Security MVP Experts
Hello everyone,
You are invited to join our public chat on December 11th.
Security Chat:
Q&A With the Security MVP Experts
We invite you to attend a Q&A with the Microsoft Security MVPs. In this chat
the MVP experts will answer your questions regarding online safety issues
such as phishing, spyware, rootkits as well as server related topics. If you
have questions on how to protect your PC, please bring them to this
informative chat.
When: December 11th at 4pm PDT
Where: TechNet Chat Room
www.microsoft.com/technet/community/chats/chatroom.aspx
Password: Public Chat no password required
We are also holding similar chats for Exchange Server if anyone is
interested. For more information on the Security and Exchange chats and an
add to calendar file, please vistit
http://www.microsoft.com/communities/chats/default.mspx
Exchange Chats:
Q&A With the Exchange MVP Experts
We invite you to attend a Q&A with the Microsoft Exchange Server MVPs. In
this chat Exchange MVPs will be on hand to answer your questions about
Exchange Server, Outlook and Exchange for Small Business Server. So if you
are thinking of upgrading to Exchange Server 2007 or have questions about
Exchange Server 2003 we hope you can join us for this informative online
chat!
Held on 2 dates/times
Chat 1: December 5th at 10am PDT
Chat 2: December 12 at 5pm PDT
Where: TechNet Chat Room
www.microsoft.com/technet/community/chats/chatroom.aspx
Password: Public Chat no password required
--
Melissa Travers
MVP Lead | Microsoft Exchange Server,
Virtual Machine, Windows Security,
Windows Server: Clustering, DPM,
Directory Services, ISA Server & MIIS.
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights. Tag: 1yz.info - Anonymous Proxy Tag: 95842
Terminal Services
I am trying to connect to my pc at home from my Pocket PC6700 using terminal
services via the internet or wireless web on my Pocket PC6700. Is that
Possible? And if so, how it that done? Tag: 1yz.info - Anonymous Proxy Tag: 95839
Visit Hyves Myspace YouTube etc. without being blocked by schools,
Company's, ISP's
http://www.1yz.info