Website repuation tool
I came across this little nugget in another discussion group, figure I would share it with the list, since we always are looking at scanning potentially malware/spyware infested files from virustotal.com or jotti, well you can scan websites to see if they are also infected at the following URL. www.urlvoid.com. It links into novirusthanks.com also. Z Edward Ziots CISSP,MCSA,MCP+I,Security +,Network +,CCA Network Engineer Lifespan Organization 401-639-3505 ezi...@lifespan.org ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Applicability of the OSI model (was: Big Changes)
Not sure if it's a downward trend or just way-too-much-MS in our shops. You look up an error and you get 1000 hits, or you go to eventid, and you get 50 things it could be. Our contract gives us unlimited email tickets with MS, so now I just open up tickets. I've had MS dial in for 6-8 hours trying to solve a problem, and they're supposed to know their own products. We've had premium support people looking at things and wondering why the heck we're logging certain errors. We've had eventlogs full of errors, and have MS tell us don't worry about it. So now it's gotten to the point where we just say screw it and don't put too much effort into trying to fix problems. We just open tickets. Our desktop people don't have all day to screw around troubleshooting problems thoroughly anymore either. Image and move on. My son is at a small engineering college. Every student has a school-issued tablet. Their IT staff is just a couple of people. You have a problem, they put in a new HD. They don't really have time to do a lot of troubleshooting. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, May 31, 2010 9:45 AM To: NT System Admin Issues Subject: Re: Applicability of the OSI model (was: Big Changes) Not likely. Besides, have you not noticed a downward trend in skill levels across the board? We're just not making IT professionals like we used to... -ASB: http://XeeSM.com/AndrewBaker Sent from my Motorola Droid On May 31, 2010 12:31 PM, Jonathan Link jonathan.l...@gmail.com wrote: Sorry, I forgot my smileys. However, though my resposne was sort of tongue in cheek, it sort of wasn't. If you're responsible for maintaining systems developed internally, I would hope you have some involvement with those hiring decisions, such as being part of the interview process and assessing potential candidates a score. While it may be the hiring manager's final say, at least you give yourself the opportunity for the inevitable I told you so. On Mon, May 31, 2010 at 12:23 PM, Erik Goldoff egold...@gmail.com wrote: With all due r... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
AD account - weird problem
Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: AD account - weird problem
The event logs on the workstation(s) and DCs for one... Shook From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Tuesday, June 01, 2010 8:54 AM To: NT System Admin Issues Subject: AD account - weird problem Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.orghttp://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: AD account - weird problem
Are you able to test her access? IE: Log in as her and verify that the problem is not user related? Thanks, Jeff Cain Technical Support Analyst Sunbelt Software Email: supp...@sunbeltsoftware.commailto:supp...@sunbeltsoftware.com Voice: 1-877-673-1153 Fax: 1-727-562-5199 Web: http://www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com/ Physical Address: 33 N Garden Ave Suite 1200 Clearwater, FL 33755 United States If you do not want further email from us, please forward this message to listmana...@sunbelt-software.commailto:listmana...@sunbelt-software.com with the word 'unsubscribe' in the subject of your email. Helpful Sunbelt Software Links: Knowledge Basehttp://support.sunbeltsoftware.com/ Open a New Support Tickethttp://www.sunbeltsoftware.com/Support/Contact/ Sunbelt Software Product Support Communitieshttp://www.sunbeltsoftware.com/communities/ From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Tuesday, June 01, 2010 8:54 AM To: NT System Admin Issues Subject: AD account - weird problem Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.orgmailto:richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.orghttp://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: AD account - weird problem
Keyboard got a stuck key? That happens a lot here On 1 June 2010 13:53, richardmccl...@aspca.org wrote: Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 *www.aspca.org* http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: AD account - weird problem
Bad keyboard? From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Tuesday, June 01, 2010 7:54 AM To: NT System Admin Issues Subject: AD account - weird problem Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: AD account - weird problem
Disable the account, get coffee...then re-enable it. I have had a few here and there do what you describe and that fixes it. From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Tuesday, June 01, 2010 7:54 AM To: NT System Admin Issues Subject: AD account - weird problem Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.orgmailto:richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.orghttp://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: AD account - weird problem
Hi Richard, Unless she insisted on taking her keyboard with her to all the other workstations, I think we can rule out a sticky or bad keyboard! Have you tried logging on as the user yourself after having reset her password, rather than relying on her saying it does or doesn't work? I would be inclined to try that. Also, although it should explicitly say that the account has expired if it has, you should check that the account hasn't expired. Let us know how you get on, I'd be interested to find out what it was when you know... Cheers, Andrew On 1 June 2010 22:07, Maglinger, Paul pmaglin...@scvl.com wrote: Bad keyboard? *From:* richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] *Sent:* Tuesday, June 01, 2010 7:54 AM *To:* NT System Admin Issues *Subject:* AD account - weird problem Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. -- Kind regards, Andrew Levicki MCITP:EDST7/EMA/EA,MCSE,MCSA,MCP,CCNA,ITIL ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: AD account - weird problem
Richard, you said She was unable to log into any workstations on our network. This would rule out any local issues on her workstation. You did not mention if you had tried to log on as her. I've seen situations with users who only have to enter the password when logging in because no one else ever logs on to their PC. Over time the forget their login name and enter a wrong one when trying to log in. Alternatively, if someone logged into her PC as a local admin before her next login, she may not even know that she needs to change from a local to domain login. Try logging in as her yourself to eliminate user error. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: James Rankin [mailto:kz2...@googlemail.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Tue, 01 Jun 2010 08:01:31 -0500 Subject: Re: AD account - weird problem Keyboard got a stuck key? That happens a lot here On 1 June 2010 13:53, richardmccl...@aspca.org wrote: Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Applicability of the OSI model (was: Big Changes)
While I don't whip out an OSI stack number, it's not uncommon to be troubleshooting systems interactions and isolate to specific layers (is this a http issue or an IP issue? Can we ARP successfully? Etc...) Again, just because multiple conceptual layers map to fewer layer in practice doesn’t mean those functions don't exist... not to mention that assuming that TCP/IP as implemented in current stacks will forever be the only protocol seems a tad shortsighted, no? -sc -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, May 31, 2010 2:23 AM To: NT System Admin Issues Subject: Re: Applicability of the OSI model (was: Big Changes) Sigh. Newtonian physics works to several 9's of accuracy, and is good enough for almost everything that humans encounter. That's a whole different beast than the OSI stack, where, unless I'm thoroughly confused, the only thing that's even close to widely used that somewhat follows that model is X.400. Tell me - when was the last time in your memory where you thought something like Oh, this is operating at layer 5 instead of layer 6 or layer 4? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Applicability of the OSI model (was: Big Changes)
When you find some, please send them my way. Thanks. -sc From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, May 31, 2010 12:04 PM To: NT System Admin Issues Subject: Re: Applicability of the OSI model (was: Big Changes) On Mon, May 31, 2010 at 9:36 AM, Erik Goldoff egold...@gmail.com wrote: Frequently when dealing with some application 'developers' when troubleshooting connectivity or performance issues. I would suggest that you're having a frequent discussion like this with 'developers' you should find some real developers... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: AD account - weird problem
Thanks to all... May never know the reason, but this morning (in the agent's absence) I reset the password yet again. This time I got on (as her) with no issues at all... Too bad she'll need her supervisor to tell her the new password (and how to change it again). Other than that, it is fixed. Again, thanks to all! -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. Bob Hartung bhart...@wiscoind.com wrote on 06/01/2010 08:19:19 AM: Richard, you said She was unable to log into any workstations on our network. This would rule out any local issues on her workstation. You did not mention if you had tried to log on as her. I've seen situations with users who only have to enter the password when logging in because no one else ever logs on to their PC. Over time the forget their login name and enter a wrong one when trying to log in. Alternatively, if someone logged into her PC as a local admin before her next login, she may not even know that she needs to change from a local to domain login. Try logging in as her yourself to eliminate user error. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: James Rankin [mailto:kz2...@googlemail.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Tue, 01 Jun 2010 08:01:31 -0500 Subject: Re: AD account - weird problem Keyboard got a stuck key? That happens a lot here On 1 June 2010 13:53, richardmccl...@aspca.org wrote: Greetings! I got an emergency call MON regarding one of my users (a poison center agent). She was unable to log into any of the workstations in our network. Other agents were able to log into her primary workstation. She was getting the usual error that the password was incorrect (and to check the CapsLock key). I used ADUC from my workstation to reset her password. Still no access... I tried ADUC from two different domain controllers, and tried setting different passwords. Still no access... I also checked her account properties. The login hours were set to full access, 168 hours per week. The account is not locked. Domain is Windows 2003 Native (not R2). Workstations are all WinXP Pro SP3. Before I bring out the big artillery (delete her account, re-create it, and then re-assign permissions to all her files, shares, etc), what else to check? Thanks... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Applicability of the OSI model (was: Big Changes)
I guess I was too optimistic. I can code. I don't like to code, but I can do it. Having a systems background makes me aware of how my code gets utilized. I guess I forget how specialized everything in our society is becoming, and how many people just accept their pigeon-hole without trying to broaden their experience. Case in point, I was finishing up a small drywall project in our house. I took down some horrible spindles and built the half wall into a full wall on either side of the entry into our dining room. My wife indicated that my work was better than the drywall work in the rest of the house (tape seams visible on a lot of places). To which I said, I'm slow but I like to do a job right, and if I have to look at it everyday for the next year, 10 years, or however long it'll just bug me. Most people don't have to deal with the faults of their work, or at least have the faults staring them in the face, so to speak. On Tue, Jun 1, 2010 at 9:22 AM, Steven M. Caesare scaes...@caesare.comwrote: When you find some, please send them my way. Thanks. -sc *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] *Sent:* Monday, May 31, 2010 12:04 PM *To:* NT System Admin Issues *Subject:* Re: Applicability of the OSI model (was: Big Changes) On Mon, May 31, 2010 at 9:36 AM, Erik Goldoff egold...@gmail.com wrote: Frequently when dealing with some application 'developers' when troubleshooting connectivity or performance issues. I would suggest that you're having a frequent discussion like this with 'developers' you should find some real developers... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Applicability of the OSI model (was: Big Changes)
Indeed... shoddy work makes me Angry. Props for tackling drywall... I _HATE_ it. -sc From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Tuesday, June 01, 2010 10:52 AM To: NT System Admin Issues Subject: Re: Applicability of the OSI model (was: Big Changes) I guess I was too optimistic. I can code. I don't like to code, but I can do it. Having a systems background makes me aware of how my code gets utilized. I guess I forget how specialized everything in our society is becoming, and how many people just accept their pigeon-hole without trying to broaden their experience. Case in point, I was finishing up a small drywall project in our house. I took down some horrible spindles and built the half wall into a full wall on either side of the entry into our dining room. My wife indicated that my work was better than the drywall work in the rest of the house (tape seams visible on a lot of places). To which I said, I'm slow but I like to do a job right, and if I have to look at it everyday for the next year, 10 years, or however long it'll just bug me. Most people don't have to deal with the faults of their work, or at least have the faults staring them in the face, so to speak. On Tue, Jun 1, 2010 at 9:22 AM, Steven M. Caesare scaes...@caesare.com wrote: When you find some, please send them my way. Thanks. -sc From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, May 31, 2010 12:04 PM To: NT System Admin Issues Subject: Re: Applicability of the OSI model (was: Big Changes) On Mon, May 31, 2010 at 9:36 AM, Erik Goldoff egold...@gmail.com wrote: Frequently when dealing with some application 'developers' when troubleshooting connectivity or performance issues. I would suggest that you're having a frequent discussion like this with 'developers' you should find some real developers... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Memorial Day
Wow, that hit me hard. My wife's nephew died last year after a helicopter accident in Iraq, while in the Marines. I only met him once, when he was about 12 or so and he was in his early 20s when he died. I'll never forget the services at Arlington, it was spine chilling to say the least. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, May 31, 2010 9:57 AM To: NT System Admin Issues Subject: Memorial Day (For non-US readers, today is Memorial Day in the USA, a national holiday. Traditionally celebrated as the unofficial start to summer, with cookouts and the like.) For those enjoying the Memorial Day holiday, please also remember those who have given their lives fighting for their country. -- Ben You Never Knew Me by J.D. Illiad Frazer (http://ars.userfriendly.org/users/read.cgi?id=20tid=129418) You never knew me as you grew up on that farm watched the clouds roll by dreamed of life and love. You never knew me when you swore to fight and kissed your last goodbye to those who waved and cried. You never knew me when they stormed in, shards of dark metal quivering as they cut. You never knew me as you huddled in the grime cold and so alone wishing for the sun. You never knew me baker that you were carpenter or farmer not a soldier born. You never knew me but you cried out for freedom and defied the coming dark even as you fell. And as I kneel by your cross I realize that I never knew you but I know you did this for me even though you never knew me. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Limit the amount of times an application can be opened?
We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RRAS 2008 Demand Dial VPN
Hi There, I am trying to set-up a demand dial VPN from a 2008 R2 server RRAS to a SBS 2008 Server. I can make a connection via normal VPN, and putting the exact same config into the demand dial interface gives and error of An error occured during connection of the interface. A connection to the remote computer could not be established. You might need to change the network settings for this connection. I have turned on full logging on the RRAS server and have looked through the 15 different logs created but can find anything but I don't know what I'm looking for. Does anyone have any suggestions on a good place to look. thanks Graeme -- Good news everyone, you have just received and e-mail from me! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Use a batchfile to create a .lock file and check for the existence of that file and if it exists, have the batch file exit. John-AldrichTile-Tools From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
Re: Limit the amount of times an application can be opened?
I have done this in the past by using a batch file to start the executable. It first uses tasklist to check the running processes and if it finds the exe in question it exits with a message that the app is already running and the user name of the owner. If the app isn't running it starts the exe normally. It's a bit of a kludge, but it does work and is simple to implement. On Tue, Jun 1, 2010 at 11:10 AM, Craig Gauss gau...@rhahealthcare.orgwrote: We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Well we have some old DOS based 16-bit apps that can be opened only once. I created a Batch they use to run the application. The batch file writes a file on opening and deletes the file after the program is closed. If the file is already present they can't open the application. Then I compiled the batch file to an exe and voila, they are stuck with only one user. From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 10:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Limit the amount of times an application can be opened?
Publish it via Citrix and restrict users to one instance? Bit of an expensive solution if you don't already have Citrix though :-) there are some performance management apps, such as AppSense, that can also do this natively, but are similarly expensive. If it's cheap-and-cheerful the batch file option may be the best On 1 June 2010 16:10, Craig Gauss gau...@rhahealthcare.org wrote: We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
OK boys and girls, how do you go about...
...having 300 users run CHKDSK /R? I need to roll out PGP encryption to this many laptops and I want to do a disk health check first. I don't really want to depend on my users doing it, but since you can't work while a Windows surface check is running I can't just arbitrarily push it out. Alternately is there a 3rd party tool that can do this while the OS is running? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: OK boys and girls, how do you go about...
You can probably use chkdsk with the right switches as a logon or startup script to perform a disk(s) check at next reboot On 1 June 2010 16:40, David Lum david@nwea.org wrote: …having 300 users run CHKDSK /R? I need to roll out PGP encryption to this many laptops and I want to do a disk health check first. I don’t really want to depend on my users doing it, but since you can’t work while a Windows surface check is running I can’t just arbitrarily push it out. Alternately is there a 3rd party tool that can do this while the OS is running? *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: OK boys and girls, how do you go about...
Maybe have them have a shutdown script with the scheduling of the chkdsk /R and have them reboot, which could get them check disking after they reboot. Z Edward Ziots CISSP,MCSA,MCP+I,Security +,Network +,CCA Network Engineer Lifespan Organization 401-639-3505 ezi...@lifespan.org From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 11:41 AM To: NT System Admin Issues Subject: OK boys and girls, how do you go about... ...having 300 users run CHKDSK /R? I need to roll out PGP encryption to this many laptops and I want to do a disk health check first. I don't really want to depend on my users doing it, but since you can't work while a Windows surface check is running I can't just arbitrarily push it out. Alternately is there a 3rd party tool that can do this while the OS is running? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Thanks for all the ideas! I think I am going to look into the batch file route. Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 10:24 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Use a batchfile to create a .lock file and check for the existence of that file and if it exists, have the batch file exit. From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
Re: Applicability of the OSI model (was: Big Changes)
Kudos on the drywall project! I agree - if I'm doing the job whether it be IT or other (we're doing a rehab right now), I may be slow, but the work will be good and should stand up to scrutiny. Don K From: Jonathan Link jonathan.l...@gmail.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tue, June 1, 2010 9:52:13 AM Subject: Re: Applicability of the OSI model (was: Big Changes) I guess I was too optimistic. I can code. I don't like to code, but I can do it. Having a systems background makes me aware of how my code gets utilized. I guess I forget how specialized everything in our society is becoming, and how many people just accept their pigeon-hole without trying to broaden their experience. Case in point, I was finishing up a small drywall project in our house. I took down some horrible spindles and built the half wall into a full wall on either side of the entry into our dining room. My wife indicated that my work was better than the drywall work in the rest of the house (tape seams visible on a lot of places). To which I said, I'm slow but I like to do a job right, and if I have to look at it everyday for the next year, 10 years, or however long it'll just bug me. Most people don't have to deal with the faults of their work, or at least have the faults staring them in the face, so to speak. On Tue, Jun 1, 2010 at 9:22 AM, Steven M. Caesare scaes...@caesare.com wrote: When you find some, please send them my way. Thanks. -sc From:Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, May 31, 2010 12:04 PM To: NT System Admin Issues Subject: Re: Applicability of the OSI model (was: Big Changes) On Mon, May 31, 2010 at 9:36 AM, Erik Goldoff egold...@gmail.com wrote: Frequently when dealing with some application 'developers' when troubleshooting connectivity or performance issues. I would suggest that you're having a frequent discussion like this with 'developers' you should find some real developers... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Applicability of the OSI model (was: Big Changes)
Dude. Drywall sucks. I hate doing that - haven't done it since I was, well, my dad hadn't retired from the Air Force at that time, and I was helping him build our house. Kurt On Tue, Jun 1, 2010 at 07:52, Jonathan Link jonathan.l...@gmail.com wrote: I guess I was too optimistic. I can code. I don't like to code, but I can do it. Having a systems background makes me aware of how my code gets utilized. I guess I forget how specialized everything in our society is becoming, and how many people just accept their pigeon-hole without trying to broaden their experience. Case in point, I was finishing up a small drywall project in our house. I took down some horrible spindles and built the half wall into a full wall on either side of the entry into our dining room. My wife indicated that my work was better than the drywall work in the rest of the house (tape seams visible on a lot of places). To which I said, I'm slow but I like to do a job right, and if I have to look at it everyday for the next year, 10 years, or however long it'll just bug me. Most people don't have to deal with the faults of their work, or at least have the faults staring them in the face, so to speak. On Tue, Jun 1, 2010 at 9:22 AM, Steven M. Caesare scaes...@caesare.com wrote: When you find some, please send them my way. Thanks. -sc From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, May 31, 2010 12:04 PM To: NT System Admin Issues Subject: Re: Applicability of the OSI model (was: Big Changes) On Mon, May 31, 2010 at 9:36 AM, Erik Goldoff egold...@gmail.com wrote: Frequently when dealing with some application 'developers' when troubleshooting connectivity or performance issues. I would suggest that you're having a frequent discussion like this with 'developers' you should find some real developers... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: OK boys and girls, how do you go about...
You could script setting the dirty bit with fsutil- fsutil dirty set C: If a volume's dirty bit is set, this indicates that the file system may be in an inconsistent state. The dirty bit can be set because the volume is online and has outstanding changes, because changes were made to the volume and the computer shutdown before the changes were committed to disk, or because corruption was detected on the volume. If the dirty bit is set when the computer restarts, chkdsk runs to verify the consistency of the volume. Every time Windows XP starts, Autochk.exe is called by the Kernel to scan all volumes to check if the volume dirty bit is set. If the dirty bit is set, autochk performs an immediate chkdsk /f on that volume. Chkdsk /f verifies file system integrity and attempts to fix any problems with the volume. From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 8:41 AM To: NT System Admin Issues Subject: OK boys and girls, how do you go about... ...having 300 users run CHKDSK /R? I need to roll out PGP encryption to this many laptops and I want to do a disk health check first. I don't really want to depend on my users doing it, but since you can't work while a Windows surface check is running I can't just arbitrarily push it out. Alternately is there a 3rd party tool that can do this while the OS is running? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
+1 for batch file creating .lock file. I added a little more logic and would have it call a KiXstart script so they'd get a nice little message as well as a couple other features. Dave From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 8:52 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Thanks for all the ideas! I think I am going to look into the batch file route. Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 10:24 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Use a batchfile to create a .lock file and check for the existence of that file and if it exists, have the batch file exit. [cid:image001.jpg@01CB0172.B27DA7B0][cid:image002@01cb0172.b27da7b0] From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: Limit the amount of times an application can be opened?
Only problem with that is permissions. If I am launching the app, I am creating the lock file, which isn't secure. If someone is clever, or even in an accidental situation this can be bypassed... From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 9:24 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Use a batchfile to create a .lock file and check for the existence of that file and if it exists, have the batch file exit. [John-Aldrich][Tile-Tools] From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: OK boys and girls, how do you go about...
Dam forgot about the fsutil I gotta go with Bob on this one I forgot about that trick totally... Z Edward Ziots CISSP,MCSA,MCP+I,Security +,Network +,CCA Network Engineer Lifespan Organization 401-639-3505 ezi...@lifespan.org From: Free, Bob [mailto:r...@pge.com] Sent: Tuesday, June 01, 2010 12:06 PM To: NT System Admin Issues Subject: RE: OK boys and girls, how do you go about... You could script setting the dirty bit with fsutil- fsutil dirty set C: If a volume's dirty bit is set, this indicates that the file system may be in an inconsistent state. The dirty bit can be set because the volume is online and has outstanding changes, because changes were made to the volume and the computer shutdown before the changes were committed to disk, or because corruption was detected on the volume. If the dirty bit is set when the computer restarts, chkdsk runs to verify the consistency of the volume. Every time Windows XP starts, Autochk.exe is called by the Kernel to scan all volumes to check if the volume dirty bit is set. If the dirty bit is set, autochk performs an immediate chkdsk /f on that volume. Chkdsk /f verifies file system integrity and attempts to fix any problems with the volume. From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 8:41 AM To: NT System Admin Issues Subject: OK boys and girls, how do you go about... ...having 300 users run CHKDSK /R? I need to roll out PGP encryption to this many laptops and I want to do a disk health check first. I don't really want to depend on my users doing it, but since you can't work while a Windows surface check is running I can't just arbitrarily push it out. Alternately is there a 3rd party tool that can do this while the OS is running? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
True, but really, we're talking about LUSERS here. ;-) Seriously. how many end-users are going to be smart enough to know how to bypass that script? John-AldrichTile-Tools From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 1:16 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Only problem with that is permissions. If I am launching the app, I am creating the lock file, which isn't secure. If someone is clever, or even in an accidental situation this can be bypassed. From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 9:24 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Use a batchfile to create a .lock file and check for the existence of that file and if it exists, have the batch file exit. John-AldrichTile-Tools From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
What the heck?
Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Try this, change strProcName and strProcPath in lines 6 7 Also change the message in line 17 to suit. Some applications, such as UltraVNC run 2 processes, so for something like that, change the 0 in line 16 This has only been tested on WinXP SP3, so YMMV on later OSs. Quick and nasty, but gets round the issue of the users being able to delete the lock file. I use PrimalScript for all my scripting and the handiest thing I use it for is to compile scripts in exe's so that the code can't be changed to increase the number, but I'm sure google would throw up some alternatives. --8 Option Explicit Dim objWMIService, colProcesses, objShell Dim strProcName, strProcPath strProcName = notepad.exe strProcPath = c:\windows\system32\ Set objWMIService = GetObject(winmgmts: _ {impersonationLevel=impersonate}!\\.\root\cimv2) Set colProcesses = objWMIService.ExecQuery _ (SELECT * FROM Win32_Process WHERE Name = _ ' strProcName ') If colProcesses.Count 0 Then MsgBox UltraVNC is already running. vbCrLf vbCrLf Only 1 instance is permitted at a time., vbOK, Process already running. Else Set objShell = CreateObject(WScript.Shell) objShell.Run strProcPath strProcName Set objShell = nothing End If --8 Regards Tony Patton Desktop Operations Cavan Ext 8078 Direct Dial 049 435 2878 email: tony.pat...@quinn-insurance.com From: Joseph L. Casale jcas...@activenetwerx.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date: 01/06/2010 18:18 Subject:RE: Limit the amount of times an application can be opened? Only problem with that is permissions. If ?I? am launching the app, I am creating the lock file, which isn?t secure. If someone is clever, or even in an accidental situation this can be bypassed? From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 9:24 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Use a batchfile to create a ?.lock? file and check for the existence of that file and if it exists, have the batch file exit. From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association This e-mail is intended only for the addressee named above. The contents should not be copied nor disclosed to any other person. Any views or opinions expressed are solely those of the sender and do not necessarily represent those of QUINN-Insurance Limited (Under Administration), unless otherwise specifically stated . As internet communications are not secure, QUINN-Insurance Limited (Under Administration) is not responsible for the contents of this message nor responsible for any change made to this message after it was sent by the original sender. Although virus scanning is used on all inbound and outbound e-mail, we advise you to carry out your own virus check before opening any attachment. We cannot accept liability for any damage sustained as a result of any software viruses. QUINN-Insurance Limited (Under Administration) is regulated by the Financial Regulator and regulated by the Financial Services Authority for the conduct of UK business. QUINN-Insurance Limited (Under Administration) is registered in Ireland, registration number 240768 and is a private company limited by shares. Its head office is at Dublin Road, Cavan, Co. Cavan. This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image/jpegimage/jpeg
RE: Limit the amount of times an application can be opened?
You would be surprised at that one, one user figures it out, soon after it's all round the company. They have brains when you don't want them to :) Regards Tony Patton Desktop Operations Cavan Ext 8078 Direct Dial 049 435 2878 email: tony.pat...@quinn-insurance.com From: John Aldrich jaldr...@blueridgecarpet.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date: 01/06/2010 18:29 Subject:RE: Limit the amount of times an application can be opened? True, but really, we?re talking about LUSERS here. ;-) Seriously? how many end-users are going to be smart enough to know how to bypass that script? From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 1:16 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Only problem with that is permissions. If ?I? am launching the app, I am creating the lock file, which isn?t secure. If someone is clever, or even in an accidental situation this can be bypassed? From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 9:24 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Use a batchfile to create a ?.lock? file and check for the existence of that file and if it exists, have the batch file exit. From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association This e-mail is intended only for the addressee named above. The contents should not be copied nor disclosed to any other person. Any views or opinions expressed are solely those of the sender and do not necessarily represent those of QUINN-Insurance Limited (Under Administration), unless otherwise specifically stated . As internet communications are not secure, QUINN-Insurance Limited (Under Administration) is not responsible for the contents of this message nor responsible for any change made to this message after it was sent by the original sender. Although virus scanning is used on all inbound and outbound e-mail, we advise you to carry out your own virus check before opening any attachment. We cannot accept liability for any damage sustained as a result of any software viruses. QUINN-Insurance Limited (Under Administration) is regulated by the Financial Regulator and regulated by the Financial Services Authority for the conduct of UK business. QUINN-Insurance Limited (Under Administration) is registered in Ireland, registration number 240768 and is a private company limited by shares. Its head office is at Dublin Road, Cavan, Co. Cavan. This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image/jpegimage/jpegimage/jpegimage/jpeg
Re: What the heck?
Hmmm, the numerical IP address later in the body of the message seems to belong to someone in Bogota Columbia I wasn't aware that Adobe was HQ'd in Columbia nor distributed vital security information and patches from that country MORE social engineering. On Tue, Jun 1, 2010 at 1:34 PM, David McSpadden dav...@imcu.com wrote: Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf(requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Fortunately, my users seem to not be able to figure that stuff out. 'Course if I limited the number of times they could open any app, they might, but so far, they haven't appeared that intelligent. Heck, I even have to tell 'em when it's time to change their password because they can't reach the network drives. J John-AldrichTile-Tools From: tony patton [mailto:tony.pat...@quinn-insurance.com] Sent: Tuesday, June 01, 2010 1:41 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? You would be surprised at that one, one user figures it out, soon after it's all round the company. They have brains when you don't want them to :) Regards Tony Patton Desktop Operations Cavan Ext 8078 Direct Dial 049 435 2878 email: tony.pat...@quinn-insurance.com From:John Aldrich jaldr...@blueridgecarpet.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date:01/06/2010 18:29 Subject:RE: Limit the amount of times an application can be opened? _ True, but really, we're talking about LUSERS here. ;-) Seriously. how many end-users are going to be smart enough to know how to bypass that script? John-AldrichTile-Tools From: Joseph L. Casale [ mailto:jcas...@activenetwerx.com mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 1:16 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Only problem with that is permissions. If I am launching the app, I am creating the lock file, which isn't secure. If someone is clever, or even in an accidental situation this can be bypassed. From: John Aldrich [ mailto:jaldr...@blueridgecarpet.com mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 9:24 AM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Use a batchfile to create a .lock file and check for the existence of that file and if it exists, have the batch file exit. John-AldrichTile-Tools From: Craig Gauss [ mailto:gau...@rhahealthcare.org mailto:gau...@rhahealthcare.org] Sent: Tuesday, June 01, 2010 11:10 AM To: NT System Admin Issues Subject: Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association This e-mail is intended only for the addressee named above. The contents should not be copied nor disclosed to any other person. Any views or opinions expressed are solely those of the sender and do not necessarily represent those of QUINN-Insurance Limited (Under Administration), unless otherwise specifically stated . As internet communications are not secure, QUINN-Insurance Limited (Under Administration) is not responsible for the contents of this message nor responsible for any change made to this message after it was sent by the original sender. Although virus scanning is used on all inbound and outbound e-mail, we advise you to carry out your own virus check before opening any attachment. We cannot accept liability for any damage sustained as a result of any software viruses. QUINN-Insurance Limited (Under Administration) is regulated by the Financial Regulator and regulated by the Financial Services Authority for the conduct of UK business. QUINN-Insurance Limited (Under Administration) is registered in Ireland, registration number 240768 and is a private company limited by shares. Its head office is at Dublin Road, Cavan, Co. Cavan. This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
Re: Limit the amount of times an application can be opened?
In the bat/cmd world, here is a sanitized version of what I've used which seems to work with both XP and Windows 7. - echo off setlocal set imgname=whatever.exe set exeName=whatever.exe set found= set user= for /f tokens=* %%a in ('tasklist /v ^| findstr /i %imgName%') do set found=Y for /f tokens=8,* %%b in ('tasklist /v ^| findstr /i %imgName%') do set user=%%b if %found%==Y clsecho Sorry, %user% is already running this application.pausegoto :EOF start C:\Path\To\%exename% - On Tue, Jun 1, 2010 at 1:39 PM, tony patton tony.pat...@quinn-insurance.com wrote: Try this, change strProcName and strProcPath in lines 6 7 Also change the message in line 17 to suit. Some applications, such as UltraVNC run 2 processes, so for something like that, change the 0 in line 16 This has only been tested on WinXP SP3, so YMMV on later OSs. Quick and nasty, but gets round the issue of the users being able to delete the lock file. I use PrimalScript for all my scripting and the handiest thing I use it for is to compile scripts in exe's so that the code can't be changed to increase the number, but I'm sure google would throw up some alternatives. --8 Option Explicit Dim objWMIService, colProcesses, objShell Dim strProcName, strProcPath strProcName = notepad.exe strProcPath = c:\windows\system32\ Set objWMIService = GetObject(winmgmts: _ {impersonationLevel=impersonate}!\\.\root\cimv2) Set colProcesses = objWMIService.ExecQuery _ (SELECT * FROM Win32_Process WHERE Name = _ ' strProcName ') If colProcesses.Count 0 Then MsgBox UltraVNC is already running. vbCrLf vbCrLf Only 1 instance is permitted at a time., vbOK, Process already running. Else Set objShell = CreateObject(WScript.Shell) objShell.Run strProcPath strProcName Set objShell = nothing End If --8 Regards Tony Patton Desktop Operations Cavan Ext 8078 Direct Dial 049 435 2878 email: tony.pat...@quinn-insurance.com From:Joseph L. Casale jcas...@activenetwerx.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date:01/06/2010 18:18 Subject:RE: Limit the amount of times an application can be opened? -- Only problem with that is permissions. If “I” am launching the app, I am creating the lock file, which isn’t secure. If someone is clever, or even in an accidental situation this can be bypassed… *From:* John Aldrich [mailto:jaldr...@blueridgecarpet.comjaldr...@blueridgecarpet.com] * Sent:* Tuesday, June 01, 2010 9:24 AM* To:* NT System Admin Issues* Subject:* RE: Limit the amount of times an application can be opened? Use a batchfile to create a “.lock” file and check for the existence of that file and if it exists, have the batch file exit. [image: John-Aldrich][image: Tile-Tools] *From:* Craig Gauss [mailto:gau...@rhahealthcare.orggau...@rhahealthcare.org] * Sent:* Tuesday, June 01, 2010 11:10 AM* To:* NT System Admin Issues* Subject:* Limit the amount of times an application can be opened? We have one application that is absolute resource hog. Unfortunately the users will open it over and over again, usually bringing the system to a crawl. It has been very difficult to train them to only open it once. Anyone have any ideas on how we could limit the amount of times it is opened? Craig Gauss, Technical Supervisor/Security Officer Riverview Hospital Association This e-mail is intended only for the addressee named above. The contents should not be copied nor disclosed to any other person. Any views or opinions expressed are solely those of the sender and do not necessarily represent those of QUINN-Insurance Limited (Under Administration), unless otherwise specifically stated . As internet communications are not secure, QUINN-Insurance Limited (Under Administration) is not responsible for the contents of this message nor responsible for any change made to this message after it was sent by the original sender. Although virus scanning is used on all inbound and outbound e-mail, we advise you to carry out your own virus check before opening any attachment. We cannot accept liability for any damage sustained as a result of any software viruses. QUINN-Insurance Limited (Under Administration) is regulated by the Financial Regulator and regulated by the Financial Services Authority for the conduct of UK business. QUINN-Insurance Limited (Under Administration) is registered in Ireland, registration number 240768 and is a private company limited by shares. Its head office is at Dublin Road, Cavan, Co. Cavan. This message is
RE: What the heck?
Phone number is disconnected too. Adobe is having a rough month. _ From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Tuesday, June 01, 2010 1:48 PM To: NT System Admin Issues Subject: Re: What the heck? Hmmm, the numerical IP address later in the body of the message seems to belong to someone in Bogota Columbia I wasn't aware that Adobe was HQ'd in Columbia nor distributed vital security information and patches from that country MORE social engineering. On Tue, Jun 1, 2010 at 1:34 PM, David McSpadden dav...@imcu.com wrote: Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: What the heck?
On Tue, Jun 1, 2010 at 1:47 PM, Erik Goldoff egold...@gmail.com wrote: I wasn't aware that Adobe was HQ'd in Columbia nor distributed vital security information and patches from that country I particularly like the PDF with the spoofed Adobe security advisory. It looks just like something a company would put out, and certainly Adobe loves PDF. The use of a bare IP address in the URLs is a dead giveaway, though. If they had employed some URL obfuscation techniques, it would be much more difficult to spot at first glance. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: What the heck?
Looks like they are down now. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, June 01, 2010 2:07 PM To: NT System Admin Issues Subject: Re: What the heck? On Tue, Jun 1, 2010 at 1:47 PM, Erik Goldoff egold...@gmail.com wrote: I wasn't aware that Adobe was HQ'd in Columbia nor distributed vital security information and patches from that country I particularly like the PDF with the spoofed Adobe security advisory. It looks just like something a company would put out, and certainly Adobe loves PDF. The use of a bare IP address in the URLs is a dead giveaway, though. If they had employed some URL obfuscation techniques, it would be much more difficult to spot at first glance. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: What the heck?
well, with known pdf exploits, I wasn't about to click the link to open *their* document On Tue, Jun 1, 2010 at 2:07 PM, Ben Scott mailvor...@gmail.com wrote: On Tue, Jun 1, 2010 at 1:47 PM, Erik Goldoff egold...@gmail.com wrote: I wasn't aware that Adobe was HQ'd in Columbia nor distributed vital security information and patches from that country I particularly like the PDF with the spoofed Adobe security advisory. It looks just like something a company would put out, and certainly Adobe loves PDF. The use of a bare IP address in the URLs is a dead giveaway, though. If they had employed some URL obfuscation techniques, it would be much more difficult to spot at first glance. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: What the heck?
The exe below is malware (I suppose everyone figured that out). From: David McSpadden [mailto:dav...@imcu.com] Sent: Tuesday, June 01, 2010 1:34 PM To: NT System Admin Issues Subject: What the heck? Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: What the heck?
Did Ninja catch it or did you have to scan it manually?? _ From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Tuesday, June 01, 2010 2:34 PM To: NT System Admin Issues Subject: RE: What the heck? The exe below is malware (I suppose everyone figured that out). From: David McSpadden [mailto:dav...@imcu.com] Sent: Tuesday, June 01, 2010 1:34 PM To: NT System Admin Issues Subject: What the heck? Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: What the heck?
I was figuring both the EXE *and* the PDF were grin On Tue, Jun 1, 2010 at 2:33 PM, Alex Eckelberry al...@sunbelt-software.comwrote: The exe below is malware (I suppose everyone figured that out). *From:* David McSpadden [mailto:dav...@imcu.com] *Sent:* Tuesday, June 01, 2010 1:34 PM *To:* NT System Admin Issues *Subject:* What the heck? Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf(requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: What the heck?
Actually the PDF doesn't appear malicious. But I haven't had the labs look at it yet. From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Tuesday, June 01, 2010 2:42 PM To: NT System Admin Issues Subject: Re: What the heck? I was figuring both the EXE *and* the PDF were grin On Tue, Jun 1, 2010 at 2:33 PM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: The exe below is malware (I suppose everyone figured that out). From: David McSpadden [mailto:dav...@imcu.commailto:dav...@imcu.com] Sent: Tuesday, June 01, 2010 1:34 PM To: NT System Admin Issues Subject: What the heck? Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.commailto:ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.commailto:rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.commailto:rbarn...@adobe.com To: Administrator ad...@imcu.commailto:ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.commailto:rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Heck, I even have to tell ‘em when it’s time to change their password because they can’t reach the network drives. ☺ Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Oh, trust me, it'll notify them if they were to log out and log back in. :-) Trouble is, I can't convince them to log out of their computer every night. :-/ -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 2:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Heck, I even have to tell em when its time to change their password because they cant reach the network drives. ? Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Limit the amount of times an application can be opened?
Sounds like it's time your network develop a case of persistent randrom nightly reboots. On Tue, Jun 1, 2010 at 3:12 PM, John Aldrich jaldr...@blueridgecarpet.comwrote: Oh, trust me, it'll notify them if they were to log out and log back in. :-) Trouble is, I can't convince them to log out of their computer every night. :-/ -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 2:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Heck, I even have to tell em when its time to change their password because they cant reach the network drives. ? Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: What the heck?
We've been seeing this today also. - Sean On Tue, Jun 1, 2010 at 9:34 AM, David McSpadden dav...@imcu.com wrote: Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf(requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Nahh. I wait for 'em to call me saying they can't access the public drive (network share) and then I tell 'em try hitting ctl+alt+del and select 'change password' and let me know if that does NOT work. J Rarely get a call back. J John-AldrichTile-Tools From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Tuesday, June 01, 2010 3:15 PM To: NT System Admin Issues Subject: Re: Limit the amount of times an application can be opened? Sounds like it's time your network develop a case of persistent randrom nightly reboots. On Tue, Jun 1, 2010 at 3:12 PM, John Aldrich jaldr...@blueridgecarpet.com wrote: Oh, trust me, it'll notify them if they were to log out and log back in. :-) Trouble is, I can't convince them to log out of their computer every night. :-/ -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 2:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Heck, I even have to tell em when its time to change their password because they cant reach the network drives. ? Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
RE: [SPAM] Re: What the heck?
Reminded me of this that I received over the weekend. Looks like they are going after those who have heard all the reports about the problems with adobe PDF. I have modified the URLs to make sure they aren't clickable. Simon. From: Adobe PDF Reader [mailto:supp...@adobe-pdf-solutions.org] Sent: 29 May 2010 19:31 To: Simon Butler Subject: Update New Adobe PDF Reader For Windows Dear valued customers, We are pleased to announce new release of Adobe PDF 2010 which will give you more options to view, create, edit, print and share PDF documents. You will not have to look around for help anymore ! + 50% of your daily office works requires document handling. + 70% of your documents requires extra processing. + 15-20% of your documents requires exchanging with your peers, customers or partners. + 30% of such documents are in PDF format, and you need to view, edit, print and share them. To learn more about new features and install Adobe PDF 2010, please: + Go to: http:// www.adobe-pdf-solutions. org/ + Choose your options, download and start to improve your works. A full version of Office suite is also available for your download. DOWNLOAD TODAY: http:// www.adobe-pdf-solutions. org/ Best regards, Adobe PDF 2010 -- Copy rights PDF Pro 2010 (c) All rights reserved 124 Denver St., Bluepoint, CA 91732, USA Website: http://www.adobe-pdf-solutions.org/ From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: 01 June 2010 20:16 To: NT System Admin Issues Subject: [SPAM] Re: What the heck? We've been seeing this today also. - Sean On Tue, Jun 1, 2010 at 9:34 AM, David McSpadden dav...@imcu.commailto:dav...@imcu.com wrote: Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.commailto:ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.commailto:rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.commailto:rbarn...@adobe.com To: Administrator ad...@imcu.commailto:ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.commailto:rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
PIX replacement
PIX is at end of life and Cisco is pushing ASA. This product is overkill for smaller companies. Has anyone else replaced or implemented Sonicwall instead? One of our vendors is touting it and we are considering it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: [SPAM] Re: What the heck?
Bad grammar is always a giveaway. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com mailto:don.gu...@prufoxroach.com From: Simon Butler [mailto:si...@sembee.co.uk] Sent: Tuesday, June 01, 2010 3:33 PM To: NT System Admin Issues Subject: RE: [SPAM] Re: What the heck? Reminded me of this that I received over the weekend. Looks like they are going after those who have heard all the reports about the problems with adobe PDF. I have modified the URLs to make sure they aren't clickable. Simon. From: Adobe PDF Reader [mailto:supp...@adobe-pdf-solutions.org] Sent: 29 May 2010 19:31 To: Simon Butler Subject: Update New Adobe PDF Reader For Windows Dear valued customers, We are pleased to announce new release of Adobe PDF 2010 which will give you more options to view, create, edit, print and share PDF documents. You will not have to look around for help anymore ! + 50% of your daily office works requires document handling. + 70% of your documents requires extra processing. + 15-20% of your documents requires exchanging with your peers, customers or partners. + 30% of such documents are in PDF format, and you need to view, edit, print and share them. To learn more about new features and install Adobe PDF 2010, please: + Go to: http:// www.adobe-pdf-solutions. org/ + Choose your options, download and start to improve your works. A full version of Office suite is also available for your download. DOWNLOAD TODAY: http:// www.adobe-pdf-solutions. org/ Best regards, Adobe PDF 2010 -- Copy rights PDF Pro 2010 (c) All rights reserved 124 Denver St., Bluepoint, CA 91732, USA Website: http://www.adobe-pdf-solutions.org/ From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: 01 June 2010 20:16 To: NT System Admin Issues Subject: [SPAM] Re: What the heck? We've been seeing this today also. - Sean On Tue, Jun 1, 2010 at 9:34 AM, David McSpadden dav...@imcu.com wrote: Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited.
RE: PIX replacement
My small-org scale friends are all enamored with this company called Calyptix. I know nothing about it but they all talk about it a lot. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Tuesday, June 01, 2010 2:35 PM To: NT System Admin Issues Subject: PIX replacement PIX is at end of life and Cisco is pushing ASA. This product is overkill for smaller companies. Has anyone else replaced or implemented Sonicwall instead? One of our vendors is touting it and we are considering it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: PIX replacement
Yes. I had the exact same scenario, and went live with an NSA 240 last December. I had read awful things about SonicWall support (on this forum, I think), and I asked very pointed questions about that to both the reseller and the SonicWall SE I spoke with. I was assured that things were better, and I have been pleased the few times I've had to create a case. I obtained a unit as a 30 day demo and was pleased enough that I kept it and put it into production. I've since added an HA failover unit which was pretty easy to set up. On Tue, Jun 1, 2010 at 3:35 PM, mqcarp mqcarpen...@gmail.com wrote: PIX is at end of life and Cisco is pushing ASA. This product is overkill for smaller companies. Has anyone else replaced or implemented Sonicwall instead? One of our vendors is touting it and we are considering it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
yes you can:) a gpo can do this as well... -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 1:12 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Oh, trust me, it'll notify them if they were to log out and log back in. :-) Trouble is, I can't convince them to log out of their computer every night. :-/ -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 2:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Heck, I even have to tell em when its time to change their password because they cant reach the network drives. ? Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Now: monitoring; (was RE: Veering even more OT ...)
+1, I've smoked my Service Desk guys on that EXACT error before (not that I've ever done the same bonehead thing myself to burn this into my head) Setting up monitoring dependencies follows the same thing - no need to PING test a remote server if you can't ping a the local switch, or the remote router, etc. Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. I'm of the test as you operate so if clients connect by hostname, then test by hostname. If only IP addr is used, then use that. Same for websites, etc. Would LOVE to see a whitepaper recommending one way or another. Thoughts? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Monday, May 31, 2010 6:29 AM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? +1 Back in the NT 4.0 days when interviewing candidates I'd ask them the first thing they'd check if a user could not login due to a 'domain controller cannot be found' type error. Amazing how many would jump directly to the more 'sophisticated' layers, check domain controller, IP Stack, WINS, etc To me the ONLY correct answer for the FIRST thing to check is: Check the Ethernet cable ! ( in my experience over 90% of these type errors were from the ether net cable either being unplugged or damaged ) Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Saturday, May 29, 2010 9:23 PM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? Normalisation is used for data integrity not efficiency. And whilst there aren't many practical implementations of OSI, the concept of a layered approach to networking (physical link, node addressing, routing, session control) is very useful in design and diagnosing problems. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: monitoring; (was RE: Veering even more OT ...)
I've had this philosophical discussion before. I usually do DNS names although my argument for IPs is that in the event of a datacenter/mass outage you want to get a dashboard of where services stand from a readiness perspective and if DNS is busted but everything is up you want to be focusing on DNS not something else. Thanks, Brian Desmond br...@briandesmond.com c – 312.731.3132 -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 2:56 PM To: NT System Admin Issues Subject: Now: monitoring; (was RE: Veering even more OT ...) +1, I've smoked my Service Desk guys on that EXACT error before (not that I've ever done the same bonehead thing myself to burn this into my head) Setting up monitoring dependencies follows the same thing - no need to PING test a remote server if you can't ping a the local switch, or the remote router, etc. Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. I'm of the test as you operate so if clients connect by hostname, then test by hostname. If only IP addr is used, then use that. Same for websites, etc. Would LOVE to see a whitepaper recommending one way or another. Thoughts? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Monday, May 31, 2010 6:29 AM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? +1 Back in the NT 4.0 days when interviewing candidates I'd ask them the first thing they'd check if a user could not login due to a 'domain controller cannot be found' type error. Amazing how many would jump directly to the more 'sophisticated' layers, check domain controller, IP Stack, WINS, etc To me the ONLY correct answer for the FIRST thing to check is: Check the Ethernet cable ! ( in my experience over 90% of these type errors were from the ether net cable either being unplugged or damaged ) Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Saturday, May 29, 2010 9:23 PM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? Normalisation is used for data integrity not efficiency. And whilst there aren't many practical implementations of OSI, the concept of a layered approach to networking (physical link, node addressing, routing, session control) is very useful in design and diagnosing problems. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: monitoring; (was RE: Veering even more OT ...)
I agree, PING by name tests a few birds with one stone. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 3:56 PM To: NT System Admin Issues Subject: Now: monitoring; (was RE: Veering even more OT ...) +1, I've smoked my Service Desk guys on that EXACT error before (not that I've ever done the same bonehead thing myself to burn this into my head) Setting up monitoring dependencies follows the same thing - no need to PING test a remote server if you can't ping a the local switch, or the remote router, etc. Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. I'm of the test as you operate so if clients connect by hostname, then test by hostname. If only IP addr is used, then use that. Same for websites, etc. Would LOVE to see a whitepaper recommending one way or another. Thoughts? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Monday, May 31, 2010 6:29 AM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? +1 Back in the NT 4.0 days when interviewing candidates I'd ask them the first thing they'd check if a user could not login due to a 'domain controller cannot be found' type error. Amazing how many would jump directly to the more 'sophisticated' layers, check domain controller, IP Stack, WINS, etc To me the ONLY correct answer for the FIRST thing to check is: Check the Ethernet cable ! ( in my experience over 90% of these type errors were from the ether net cable either being unplugged or damaged ) Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Saturday, May 29, 2010 9:23 PM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? Normalisation is used for data integrity not efficiency. And whilst there aren't many practical implementations of OSI, the concept of a layered approach to networking (physical link, node addressing, routing, session control) is very useful in design and diagnosing problems. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
I'm afraid I'm not much on GPOs. I tried it once with setting up network printers and it just didn't work. :-( I'm afraid to try anything else myself... maybe one of you guys could point me towards a how to create GPOs for Idiots? :-) -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 3:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? yes you can:) a gpo can do this as well... -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 1:12 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Oh, trust me, it'll notify them if they were to log out and log back in. :-) Trouble is, I can't convince them to log out of their computer every night. :-/ -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 2:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Heck, I even have to tell em when its time to change their password because they cant reach the network drives. ? Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Now: monitoring; (was RE: Veering even more OT ...)
Kind of a chicken egg problem, seems like. Your network guy is right as far as that technically goes, but I'm with you. If DNS goes down, that needs to be the first order of business, since your business will start grinding to a halt anyway. I'd feel silly, pinging a server and not know that DNS was failing. On Tue, Jun 1, 2010 at 12:55 PM, David Lum david@nwea.org wrote: +1, I've smoked my Service Desk guys on that EXACT error before (not that I've ever done the same bonehead thing myself to burn this into my head) Setting up monitoring dependencies follows the same thing - no need to PING test a remote server if you can't ping a the local switch, or the remote router, etc. Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. I'm of the test as you operate so if clients connect by hostname, then test by hostname. If only IP addr is used, then use that. Same for websites, etc. Would LOVE to see a whitepaper recommending one way or another. Thoughts? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Monday, May 31, 2010 6:29 AM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? +1 Back in the NT 4.0 days when interviewing candidates I'd ask them the first thing they'd check if a user could not login due to a 'domain controller cannot be found' type error. Amazing how many would jump directly to the more 'sophisticated' layers, check domain controller, IP Stack, WINS, etc To me the ONLY correct answer for the FIRST thing to check is: Check the Ethernet cable ! ( in my experience over 90% of these type errors were from the ether net cable either being unplugged or damaged ) Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Saturday, May 29, 2010 9:23 PM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? Normalisation is used for data integrity not efficiency. And whilst there aren't many practical implementations of OSI, the concept of a layered approach to networking (physical link, node addressing, routing, session control) is very useful in design and diagnosing problems. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- David _ Are you better off than you were four trillion dollars ago? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Limit the amount of times an application can be opened?
Just a thought. If you're just learning about Group Policy and GPOs, I highly recommend using a lab environment to test and figure out what it's all about. You can easily set up a domain in your virtualization environment of choice, and it's well worth it to mitigate the potential risk to your production environment. At the absolute very least set up a test OU and don't link your GPOs anywhere else until they're fully tested. Many Group Policy settings are relatively benign, but just one doozy applied at the domain level can wreak all kinds of havoc. On Tue, Jun 1, 2010 at 3:52 PM, Joseph L. Casale jcas...@activenetwerx.comwrote: yes you can:) a gpo can do this as well... -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 1:12 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Oh, trust me, it'll notify them if they were to log out and log back in. :-) Trouble is, I can't convince them to log out of their computer every night. :-/ -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 2:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Heck, I even have to tell em when its time to change their password because they cant reach the network drives. ? Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: monitoring; (was RE: Veering even more OT ...)
I prefer monitoring by hostname. if DNS goes down, the servers are going to have problems anyway. -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 2:56 PM To: NT System Admin Issues Subject: Now: monitoring; (was RE: Veering even more OT ...) +1, I've smoked my Service Desk guys on that EXACT error before (not that I've ever done the same bonehead thing myself to burn this into my head) Setting up monitoring dependencies follows the same thing - no need to PING test a remote server if you can't ping a the local switch, or the remote router, etc. Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. I'm of the test as you operate so if clients connect by hostname, then test by hostname. If only IP addr is used, then use that. Same for websites, etc. Would LOVE to see a whitepaper recommending one way or another. Thoughts? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Monday, May 31, 2010 6:29 AM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? +1 Back in the NT 4.0 days when interviewing candidates I'd ask them the first thing they'd check if a user could not login due to a 'domain controller cannot be found' type error. Amazing how many would jump directly to the more 'sophisticated' layers, check domain controller, IP Stack, WINS, etc To me the ONLY correct answer for the FIRST thing to check is: Check the Ethernet cable ! ( in my experience over 90% of these type errors were from the ether net cable either being unplugged or damaged ) Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Saturday, May 29, 2010 9:23 PM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? Normalisation is used for data integrity not efficiency. And whilst there aren't many practical implementations of OSI, the concept of a layered approach to networking (physical link, node addressing, routing, session control) is very useful in design and diagnosing problems. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
Yeah. When our consultants set up the Active Directory for us, they set up a test OU as part of that AD, so we're good there. J John-AldrichTile-Tools From: Richard Stovall [mailto:rich...@gmail.com] Sent: Tuesday, June 01, 2010 4:07 PM To: NT System Admin Issues Subject: Re: Limit the amount of times an application can be opened? Just a thought. If you're just learning about Group Policy and GPOs, I highly recommend using a lab environment to test and figure out what it's all about. You can easily set up a domain in your virtualization environment of choice, and it's well worth it to mitigate the potential risk to your production environment. At the absolute very least set up a test OU and don't link your GPOs anywhere else until they're fully tested. Many Group Policy settings are relatively benign, but just one doozy applied at the domain level can wreak all kinds of havoc. On Tue, Jun 1, 2010 at 3:52 PM, Joseph L. Casale jcas...@activenetwerx.com wrote: yes you can:) a gpo can do this as well... -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Tuesday, June 01, 2010 1:12 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Oh, trust me, it'll notify them if they were to log out and log back in. :-) Trouble is, I can't convince them to log out of their computer every night. :-/ -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Tuesday, June 01, 2010 2:52 PM To: NT System Admin Issues Subject: RE: Limit the amount of times an application can be opened? Heck, I even have to tell em when its time to change their password because they cant reach the network drives. ? Uh, you know their wkst can let them know this? Check GPO's out:) Comp Config / Windows Settings / Security Settings / Local Policies / Security Options interactive logon: Prompt user to change password before expiration ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
RE: monitoring; (was RE: Veering even more OT ...)
I test DNS independently (port UDP/53 TCP/53 availability, nslookup response check) and then layer my other tests beneath that. In most directory services these days (not just AD), if DNS is bad, you're just screwed. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 3:56 PM To: NT System Admin Issues Subject: Now: monitoring; (was RE: Veering even more OT ...) +1, I've smoked my Service Desk guys on that EXACT error before (not that I've ever done the same bonehead thing myself to burn this into my head) Setting up monitoring dependencies follows the same thing - no need to PING test a remote server if you can't ping a the local switch, or the remote router, etc. Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. I'm of the test as you operate so if clients connect by hostname, then test by hostname. If only IP addr is used, then use that. Same for websites, etc. Would LOVE to see a whitepaper recommending one way or another. Thoughts? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Monday, May 31, 2010 6:29 AM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? +1 Back in the NT 4.0 days when interviewing candidates I'd ask them the first thing they'd check if a user could not login due to a 'domain controller cannot be found' type error. Amazing how many would jump directly to the more 'sophisticated' layers, check domain controller, IP Stack, WINS, etc To me the ONLY correct answer for the FIRST thing to check is: Check the Ethernet cable ! ( in my experience over 90% of these type errors were from the ether net cable either being unplugged or damaged ) Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Saturday, May 29, 2010 9:23 PM To: NT System Admin Issues Subject: RE: Veering even more OT - was: Re: Big Changes Ahead for IT - Anyone seen this? Normalisation is used for data integrity not efficiency. And whilst there aren't many practical implementations of OSI, the concept of a layered approach to networking (physical link, node addressing, routing, session control) is very useful in design and diagnosing problems. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: OK boys and girls, how do you go about...
Closethis does indeed do a /F but I need the sector checking to happen as well. I am trying an SMS push of CHKDSK /F y.txt (with the appropriate text file of course). Dave From: Free, Bob [mailto:r...@pge.com] Sent: Tuesday, June 01, 2010 9:06 AM To: NT System Admin Issues Subject: RE: OK boys and girls, how do you go about... You could script setting the dirty bit with fsutil- fsutil dirty set C: If a volume's dirty bit is set, this indicates that the file system may be in an inconsistent state. The dirty bit can be set because the volume is online and has outstanding changes, because changes were made to the volume and the computer shutdown before the changes were committed to disk, or because corruption was detected on the volume. If the dirty bit is set when the computer restarts, chkdsk runs to verify the consistency of the volume. Every time Windows XP starts, Autochk.exe is called by the Kernel to scan all volumes to check if the volume dirty bit is set. If the dirty bit is set, autochk performs an immediate chkdsk /f on that volume. Chkdsk /f verifies file system integrity and attempts to fix any problems with the volume. From: David Lum [mailto:david@nwea.org] Sent: Tuesday, June 01, 2010 8:41 AM To: NT System Admin Issues Subject: OK boys and girls, how do you go about... ...having 300 users run CHKDSK /R? I need to roll out PGP encryption to this many laptops and I want to do a disk health check first. I don't really want to depend on my users doing it, but since you can't work while a Windows surface check is running I can't just arbitrarily push it out. Alternately is there a 3rd party tool that can do this while the OS is running? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: PIX replacement
I would vote for the ASA, For small offices, the ASA 5505 runs about $370. The maintenance agreement is only $70 a year, and allows you tech support for setup issues and next day replacement. The 5505 has some very nice features, especially for VOIP. The higher end ASA appliances get pricey. But the 5505 has similar features as the higher end models. Shane -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Tuesday, June 01, 2010 3:35 PM To: NT System Admin Issues Subject: PIX replacement PIX is at end of life and Cisco is pushing ASA. This product is overkill for smaller companies. Has anyone else replaced or implemented Sonicwall instead? One of our vendors is touting it and we are considering it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Limit the amount of times an application can be opened?
On 1 Jun 2010 at 15:29, Terry Dickson wrote: Well we have some old DOS based 16-bit apps that can be opened only once. I created a Batch they use to run the application. The batch file writes a file on opening and deletes the file after the program is closed. If the file is already present they can´t open the application. Then I compiled the batch file to an exe and voila, they are stuck with only one user. Don't forget an override switch for those rare occasions when the app or workstation crashes and the .lock file is left behind. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Now: monitoring; (was RE: Veering even more OT ...)
On Tue, Jun 1, 2010 at 3:55 PM, David Lum david@nwea.org wrote: Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. Generally speaking, I would prefer ping by name, simply so that when IP addresses or network numbers change, you don't have to manually update your monitoring system. Setting that problem aside, I would prefer two tests: One to test name resolution of that particular host's name (perhaps in multiple forms), and one to ping by IP address. That gives you more granularity in your monitoring system. One tells you when name resolution for that particular host is screwed up; the other tests connectivity and the ability of the host to return packets. Knowing *which* is down is more data than knowing one or both is down. (I guess my ideal monitoring system would internally cache name lookups so that it could intelligently try the last known IP address if DNS is down, but one could argue that would be a rather severe case of creeping featureism.) I'm of the test as you operate ... I generally agree. However, I expect your operations do not consist of pinging the host. The users are actually connecting to HTTP or SMB or SMTP or whatever. Ping is a synthetic test, and very different from the real thing. I've had boxes which were responding to ping be otherwise crashed to the point of needing a hardware reset. So I would be less inclined to worry about that aspect for a ping test (provided you are testing name resolution as well). Certainly, pinging by IP address without also monitoring name resolution means you will miss name resolution problems. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: PIX replacement
Ditto, using a couple here. SSL VPN, RDP, Hardware VPN to remote site. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Tuesday, June 01, 2010 3:32 PM To: NT System Admin Issues Subject: RE: PIX replacement I would vote for the ASA, For small offices, the ASA 5505 runs about $370. The maintenance agreement is only $70 a year, and allows you tech support for setup issues and next day replacement. The 5505 has some very nice features, especially for VOIP. The higher end ASA appliances get pricey. But the 5505 has similar features as the higher end models. Shane -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Tuesday, June 01, 2010 3:35 PM To: NT System Admin Issues Subject: PIX replacement PIX is at end of life and Cisco is pushing ASA. This product is overkill for smaller companies. Has anyone else replaced or implemented Sonicwall instead? One of our vendors is touting it and we are considering it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Now: monitoring; (was RE: Veering even more OT ...)
That's what I liked about What's Up Gold. You could test by ping, by http, https, smtp, etc. Pretty much any type of connection could be tested. :-) -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, June 01, 2010 4:52 PM To: NT System Admin Issues Subject: Re: Now: monitoring; (was RE: Veering even more OT ...) On Tue, Jun 1, 2010 at 3:55 PM, David Lum david@nwea.org wrote: Which brings up a question as I've had this debate with my network architect. He says when monitoring servers to ping by IP instead of hostname in case DNS goes down. My point is you should be testing for that infrastructure anyway so ping by name doesn't get triggered unless DNS functionality (also tested for) is working. Generally speaking, I would prefer ping by name, simply so that when IP addresses or network numbers change, you don't have to manually update your monitoring system. Setting that problem aside, I would prefer two tests: One to test name resolution of that particular host's name (perhaps in multiple forms), and one to ping by IP address. That gives you more granularity in your monitoring system. One tells you when name resolution for that particular host is screwed up; the other tests connectivity and the ability of the host to return packets. Knowing *which* is down is more data than knowing one or both is down. (I guess my ideal monitoring system would internally cache name lookups so that it could intelligently try the last known IP address if DNS is down, but one could argue that would be a rather severe case of creeping featureism.) I'm of the test as you operate ... I generally agree. However, I expect your operations do not consist of pinging the host. The users are actually connecting to HTTP or SMB or SMTP or whatever. Ping is a synthetic test, and very different from the real thing. I've had boxes which were responding to ping be otherwise crashed to the point of needing a hardware reset. So I would be less inclined to worry about that aspect for a ping test (provided you are testing name resolution as well). Certainly, pinging by IP address without also monitoring name resolution means you will miss name resolution problems. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Now: monitoring; (was RE: Veering even more OT ...)
That's what I meant by test as you operate, ping was just an example. If you have an FTP server, make sure those services are up and those ports are reachable. In the Windows world, I check for RPC being available and Server services being available (as well as DHCP client, DNS client, etc) before trying other test on said host. If the necessary services aren't reachable, no need to test for items that are DEPENDANT on that functionality (well, there are times you might want to parallel test as previously covered). Dave -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, June 01, 2010 1:52 PM To: NT System Admin Issues Subject: Re: Now: monitoring; (was RE: Veering even more OT ...) I'm of the test as you operate ... I generally agree. However, I expect your operations do not consist of pinging the host. The users are actually connecting to HTTP or SMB or SMTP or whatever. Ping is a synthetic test, and very different from the real thing. I've had boxes which were responding to ping be otherwise crashed to the point of needing a hardware reset. So I would be less inclined to worry about that aspect for a ping test (provided you are testing name resolution as well). Certainly, pinging by IP address without also monitoring name resolution means you will miss name resolution problems. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Limit the amount of times an application can be opened?
No override switch, they have to contact IT to get the file removed. That way we can see what is going on and who is causing the problem. -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Tuesday, June 01, 2010 3:52 PM To: NT System Admin Issues Subject: Re: Limit the amount of times an application can be opened? On 1 Jun 2010 at 15:29, Terry Dickson wrote: Well we have some old DOS based 16-bit apps that can be opened only once. I created a Batch they use to run the application. The batch file writes a file on opening and deletes the file after the program is closed. If the file is already present they can´t open the application. Then I compiled the batch file to an exe and voila, they are stuck with only one user. Don't forget an override switch for those rare occasions when the app or workstation crashes and the .lock file is left behind. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Applicability of the OSI model (was: Big Changes)
On Sun, May 30, 2010 at 11:45 PM, Kurt Buff kurt.b...@gmail.com wrote: Well then, to expand upon my thoughts: Ah, thank you. Using a model that bears little relationship to reality is a faux pas, and likely to lead you to bad conclusions. I suppose that's possible. However, I don't think that even OSIs detractors can honestly say it bears little relationship with reality. Indeed, I would argue the concepts it describes are almost always going to be encountered in *any* communications system design, even if only to say it doesn't apply or isn't being implemented. There are also dangers involved in adding layers to a conceptual model of networking, as described in RFC3439 (https://tools.ietf.org/html/rfc3439). That it's specifically talking about implementations, not conceptual models. To quote, Such ordering constraints are in conflict with efficient *implementation of data manipulation functions*. (Section 3, page 7; emphasis added). Note also that that same criticism is also leveled at the design of IP. One could accuse the layered model (e.g., *TCP/IP* and ISO OSI) of causing this conflict. (ibid; emphasis added) It then goes on to detail how allowing the IP network layer to be optimized for various datalink transports has been a performance win. I don't see how that supports the idea that OSI is evil. It ain't scientific. Claim without a supporting argument. I believe it's better to acknowledge that everything above layer 3 is a bunch of different protocols, some of which stand alone and some of which are encapsulated in other protocols, than to use a flawed model and fool ourselves into thinking something that isn't so. I don't see how using the OSI model as a common frame of reference thereby means we're going to fool ourselves into thinking something isn't so. (I am ignoring the tautology in your supporting argument of assuming flawed model.) You mention in another message that OSI has never really been implemented. If that's your concern, I think you are missing a subtle but critical point in my argument (and what I believe are the arguments of others): OSI is useful as an *abstract model*. I don't think anyone here is advocating for a strict implementation of OSI as an actual network stack. However, when we talk about things that do networking, it's extremely advantageous to have common, concise terminology which is shared among all involved. That we can say things like TCP handles transport and session layer duties; anything higher-level is implementation-specific and everyone will know what we mean. It's common terminology, not a technological mandate. Even when a given OSI layer is not implemented in a system, that very fact is a key attribute of a design. For example, say you have something designed around Ethernet. If you want to move that to FDDI, you know you just have to adapt your handling of the data link layer. But if you want to move that to EIA-485, you're going to have to implement your own data link layer, because EIA-485 is a physical layer only. Without the common terminology of the OSI model, that discussion would be much more confused. So it's good that OSI specifies so many layers and abstractions, even when things are often not implemented that way -- it gives us clear, concise, common terminology for any number of different scenarios. Adopting the IP model for such conversations would be especially cumbersome, because in the IP model, anything below the network layer is implementation-specific, and anything above the IP protocol layer is implementation specific. Great if all you ever do is work with IP routers, but really limiting if you're building an Ethernet switch or a streaming video protocol. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: PIX replacement
I have never heard of the 5505. I think they always have pushed the monstrosity on us. What are the size limitations/expectations for that unit? I will go google it. We have several Sonicwalls in two other sites and have never had issues with them. They are not completely feature rich but offer IDS capability for a cheap price. Just never considered it for the main office to date. On Tue, Jun 1, 2010 at 3:59 PM, N Parr npar...@mortonind.com wrote: Ditto, using a couple here. SSL VPN, RDP, Hardware VPN to remote site. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Tuesday, June 01, 2010 3:32 PM To: NT System Admin Issues Subject: RE: PIX replacement I would vote for the ASA, For small offices, the ASA 5505 runs about $370. The maintenance agreement is only $70 a year, and allows you tech support for setup issues and next day replacement. The 5505 has some very nice features, especially for VOIP. The higher end ASA appliances get pricey. But the 5505 has similar features as the higher end models. Shane -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Tuesday, June 01, 2010 3:35 PM To: NT System Admin Issues Subject: PIX replacement PIX is at end of life and Cisco is pushing ASA. This product is overkill for smaller companies. Has anyone else replaced or implemented Sonicwall instead? One of our vendors is touting it and we are considering it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: PIX replacement
If you're already using SonicWalls elsewhere, and are comfortable with them, then there are probably a valid option for you. I'm a fan of Fortigate for these types of situations, as I was a fan of Netscreen (before Juniper complicated them... ) -ASB: http://XeeSM.com/AndrewBaker On Tue, Jun 1, 2010 at 5:55 PM, mqcarp mqcarpen...@gmail.com wrote: I have never heard of the 5505. I think they always have pushed the monstrosity on us. What are the size limitations/expectations for that unit? I will go google it. We have several Sonicwalls in two other sites and have never had issues with them. They are not completely feature rich but offer IDS capability for a cheap price. Just never considered it for the main office to date. On Tue, Jun 1, 2010 at 3:59 PM, N Parr npar...@mortonind.com wrote: Ditto, using a couple here. SSL VPN, RDP, Hardware VPN to remote site. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Tuesday, June 01, 2010 3:32 PM To: NT System Admin Issues Subject: RE: PIX replacement I would vote for the ASA, For small offices, the ASA 5505 runs about $370. The maintenance agreement is only $70 a year, and allows you tech support for setup issues and next day replacement. The 5505 has some very nice features, especially for VOIP. The higher end ASA appliances get pricey. But the 5505 has similar features as the higher end models. Shane -Original Message- From: mqcarp [mailto:mqcarpen...@gmail.com] Sent: Tuesday, June 01, 2010 3:35 PM To: NT System Admin Issues Subject: PIX replacement PIX is at end of life and Cisco is pushing ASA. This product is overkill for smaller companies. Has anyone else replaced or implemented Sonicwall instead? One of our vendors is touting it and we are considering it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Office 2003 and Snipping tool
Thanks Jon On Sun, May 30, 2010 at 4:05 PM, Ralph Smith m...@gatewayindustries.orgwrote: It is Office 2003 Pro. Since doing a clean install of RTM Win 7 - I think it's Ultimate - as well obviously all his applications including Office 2003, the problem has gone away. -- *From:* Jon Harris [mailto:jk.har...@gmail.com] *Sent:* Saturday, May 29, 2010 11:12 PM *To:* NT System Admin Issues *Subject:* Re: Office 2003 and Snipping tool What version of Office is he using? I have Office 2003. I know this was not a problem with Office 2007. Jon On Sat, May 29, 2010 at 10:35 PM, Ralph Smith m...@gatewayindustries.orgwrote: FWIW, one of my coworkers had a problem with the snipping tool that sounds similar, but it was on one of the pre-release versions of Windows 7. That version eventually got wiped and AFAIK he hasn't had the problem since installing the current version. -- *From:* Jon Harris [mailto:jk.har...@gmail.com] *Sent:* Friday, May 28, 2010 6:47 PM *To:* NT System Admin Issues *Subject:* Office 2003 and Snipping tool Has anyone used the Windows 7 Snipping Tool with Office 2003? I keep having an issue with Excel or Word closing if I don't have them open before the first use of the Snipping Tool. The Office application seems to crash on closing. I don't know if it is just this setup or if others are having it as well. Thanks for any insight, Jon * Confidentiality Notice: ** This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by an yone other than the intended recipient is strictly prohibited. If you are no t the intended recipient, please contact the sender by reply email, delete a nd destroy all copies of the original message. * * Confidentiality Notice: ** This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by an yone other than the intended recipient is strictly prohibited. If you are no t the intended recipient, please contact the sender by reply email, delete a nd destroy all copies of the original message. * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Perc H700 6x1T
Agreed had the web site several times burn me. I would insist that a sales person take a look at the configuration that way you at least have a person to blame if something goes bad. Jon On Mon, May 31, 2010 at 9:59 AM, Ben Scott mailvor...@gmail.com wrote: On Sun, May 30, 2010 at 10:50 PM, Brian Desmond br...@briandesmond.com wrote: Has anyone got something to the tune of 6x1T RAID10 hanging off a Perc H700 or Perc/6i? Dell’s shopping site is rejecting the config although their specs for the controllers seem to think it’s supported. The shopping site is making me really nervous. While I can't speak to that configuration in particular, I can say that Dell's web configurator is frequently wrong. Several times I've had to forward quotes to our sales rep to have him add/change/tweak something the web configurator doesn't allow for. Contact a sales rep; have them check with a sales engineer if needed. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~