Cannot install WIN2k SP2 - No print spooler
COMPAQ DL580 WIN2K Adv Server SP1. Try to install SP2 and get a message cannot install as the print spooler is not running. The spooler does not appear in the service list and net start spooler returns service name is invalid. Tried to reinstall SP1 and get the same message. Any ideas appreciated. In fact I did not know you could have a install without that service installed. TIA Andrew Frost http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Terminal Services/Citrix bug on a 933/1000Mhz multiproc system...?
Hello all, I ran across the following article that startled me somewhat. http://www.nwfusion.com/news/2001/0604infra.html It talks about a bug that crashes MSTS and Citrix when run on a multiprocessor 933 or 1000Mhz system. I've searched, but I can't find any other information on this. Can anyone confirm/deny or point me in the direction of an article from MS or Citrix or other? Thanks! Vance http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Cannot install win2k Sp2 No print spooler
How about reinstalling file andprint sharing? /MH -Original Message-From: Andrew Frost [mailto:[EMAIL PROTECTED]]Sent: 20. september 2001 07:14To: NT System Admin IssuesSubject: Cannot install win2k Sp2 No print spooler COMPAQDL580WIn2K Adv SP1. Try to install SP2 and get a message cannot install SP2 as the print spooler is not running. The spooler does not appear in the service list and net start spooler returns service name is invalid. Tried to reinstall Sp1 and get the same message. Any ideas as have not found any clues in TechNet. In fact I did not know you could have a install without that service installed. TIA Andrew Frosthttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Adding unlisted NIC driver to network install
Hi, Is there any way in NT4.0 Server to add an unlisted NIC in the Network Client Installation program? Alternatively, is there any easy way to add an unlisted NIC to the created boot disk? Cheers Mark http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: HELP VIRUS ON NT MACHINE?
I might be confused... Why do you need to remove the hard drive? -Original Message- From: Matthew Western [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 10:37 PM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? hehehe she knows how to fix it tho.. that's what we're doing sucessfully here. put it in another machine clean about 2000 files off the hard drive and put it back in... working on workstations. -Original Message- From: Greg Page [mailto:[EMAIL PROTECTED]] Sent: Thursday, 20 September 2001 10:22 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? You're not in IT? Are you a lurker? Greg -Original Message- From: PITNEY,LDENISE (A-Sonoma,ex1) [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 6:44 PM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? Our local IT department has actually had to remove the disk from it's current machine and mount it in another machine as a secondary -- then clean it and return it to it's original home. Denise -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 2:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: How to remove Nimda from NT Server without a reload
I've had one server infected. Other than the description below, I used NAI's removal-tool with no problems. It can be found at http://vil.nai.com/vil/virusSummary.asp?virus_k=99209 (may be wrapped) under the heading Stand-alone removal tool. The server was booted in between each step, the whole operation took a little over 1 hour and it is so far behaving nicely. Søren A I'm in the middle of an all-nighter killing this thing, I'll tell you what is working for me (you need to be at the console): Delete Admin.dll and all TFTP* files from %driveletter%\Inetpub\scripts Stop and disable the server service Reboot Apply IIS cumulative patch Reboot Apply hotfixes for either IE 5.01 SP1 or IE5.5 SP1 (mime header vulns) Reboot I am running NetShield, so I apply DAT 4161 and then scan and clean. Kludgy, I know, we are working on scripting this. That is what we have so far. I'll update unless someone else does before then. Back to work -Original Message- From: Matthew Western [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 8:59 PM To: NT System Admin Issues Subject: How to remove Nimda from NT Server without a reload Any links on how to remove Nimda from NT without a reload? when i run the removal tool from this list it crashes... any idea what services it overwrites and runs as? i've heard cmd.exe and mmc.exe. we've got mmc.exe running but when i try to kill it with task manager it says access denied... ideas? Matthew http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Sevice pack Downloads
See the IEAK 6.0 for full download and installation package build Jason -Original Message- From: TDI Custom Computers [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 8:59 PM To: NT System Admin Issues Subject: Re: Sevice pack Downloads Discovered today, that with IE 6 you can't save to disk unless you go back to the site after you did a download and install on the same machine and it gives you an option for a different install and an Advanced button. Mike - Original Message - From: Dennis Brunner [EMAIL PROTECTED] To: NT System Admin Issues [EMAIL PROTECTED] Sent: Wednesday, September 19, 2001 12:43 PM Subject: Sevice pack Downloads When down loading from Microsoft's site is there a way to save to disk so I can patch other computers without having to go back to the net and redownload them? They would be a great help. thanks Thank you Dennis Brunner 616-677-3343 mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Repost: Spam to non-existent e-mail address-PLEASE HELP
Title: RE: Repost: Spam to non-existent e-mail address-PLEASE HELP Steve I use Mail Essentials on my Exchange server. It did real well with all the worms and with filtering. You can add the spammers and also filter out invalid return domains and prevent mail relaying. I got on the orbs list awhile ago and with Mail Essentials finally got it so their bogus mails didn't go anywhere. Pat Banyas -Original Message- From: Steve Jacobson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:31 PM To: NT System Admin Issues Subject: Repost: Spam to non-existent e-mail address-PLEASE HELP Please help! I administer the e-mail server (Exchange 5.5) for my small consulting company (DJI). I am getting lots of spam mail addressed to non-existent e-mail addresses. These addresses have never been used. Some seem to be valid addresses ([EMAIL PROTECTED], or [EMAIL PROTECTED]), while others seem to be made up from some random character generator ([EMAIL PROTECTED], [EMAIL PROTECTED]). I get about 30-50 of these messages per day. Naturally, they are bounced by the server, and I route them to the Administrator mailbox. Some of the bounce messages back to the sender also get bounced (mainly due to invalid addresses). I am now getting e-mail from someone telling me (actually they are sending it to one of the invalid e-mail addresses) not to spam them anymore. I have spam relaying turned off in Exchange. Do any of you folks have this problem, and if so, what do you do about it? I am desperate, and am considering disabling the djicom MX record in the dns (for a week) so that (hopefully) this spam will be stopped at the source. This is causing me quite a problem. Steve Jacobson [EMAIL PROTECTED] [EMAIL PROTECTED] (for this list) http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm ***The information contained in this e-mail is intended for the recipient or entity to whom it is addressed. If you have received this e-mail in error, please notify the sender immediately and delete this email from your system. E-mail messages sent to this email address must not contain any material that may reasonably be considered offensive, disruptive, defamatory, or disparaging towards any person. Questions please contact K. Johnson, Information Security Officer, US Naval Hospital Guantanamo Bay, 011-5399-72440, [EMAIL PROTECTED]*** http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Repost: Spam to non-existent e-mail address-PLEASE HELP
Title: RE: Repost: Spam to non-existent e-mail address-PLEASE HELP Steve I use Mail Essentials on my Exchange server. It did real well with all the worms and with filtering. You can add the spammers and also filter out invalid return domains and prevent mail relaying. I got on the orbs list awhile ago and with Mail Essentials finally got it so their bogus mails didn't go anywhere. Pat Banyas -Original Message- From: Steve Jacobson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:31 PM To: NT System Admin Issues Subject: Repost: Spam to non-existent e-mail address-PLEASE HELP Please help! I administer the e-mail server (Exchange 5.5) for my small consulting company (DJI). I am getting lots of spam mail addressed to non-existent e-mail addresses. These addresses have never been used. Some seem to be valid addresses ([EMAIL PROTECTED], or [EMAIL PROTECTED]), while others seem to be made up from some random character generator ([EMAIL PROTECTED], [EMAIL PROTECTED]). I get about 30-50 of these messages per day. Naturally, they are bounced by the server, and I route them to the Administrator mailbox. Some of the bounce messages back to the sender also get bounced (mainly due to invalid addresses). I am now getting e-mail from someone telling me (actually they are sending it to one of the invalid e-mail addresses) not to spam them anymore. I have spam relaying turned off in Exchange. Do any of you folks have this problem, and if so, what do you do about it? I am desperate, and am considering disabling the djicom MX record in the dns (for a week) so that (hopefully) this spam will be stopped at the source. This is causing me quite a problem. Steve Jacobson [EMAIL PROTECTED] [EMAIL PROTECTED] (for this list) http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm ***The information contained in this e-mail is intended for the recipient or entity to whom it is addressed. If you have received this e-mail in error, please notify the sender immediately and delete this email from your system. E-mail messages sent to this email address must not contain any material that may reasonably be considered offensive, disruptive, defamatory, or disparaging towards any person. Questions please contact K. Johnson, Information Security Officer, US Naval Hospital Guantanamo Bay, 011-5399-72440, [EMAIL PROTECTED]*** http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Re: Well, this is reassuring...
FYI, SANS probably did not send that message at all, read the following excerpt from Symantec's write up of the Nimda virus: The worm begins the mass-mailing routine by first searching for email addresses. The worm searches for email addresses in .htm and .html files on the local system. The worm also uses MAPI to iterate through messages in the Inbox of email clients. Any MAPI supporting email clients may be affected including Microsoft Outlook and Outlook Express. The worm uses these email address for the To: and the From: addresses. Thus, the From: addresses will not be from the infected user. Heidi Pilewski Windows Systems Administrator Software Engineering Institute [EMAIL PROTECTED] Greg Page wrote: It's not a rumor, it's what happened. That this e-mail got to one of their people and propagated is disturbing. Antigen caught it at my GW and didn't send it anywhere. What's there excuse? Greg -Original Message- From: Dean Cunningham [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:19 PM To: NT System Admin Issues Subject: RE: Well, this is reassuring... Careful before spreading such a rumor, the detecters may well be oversensiitve at this point. McAffee did the same to me *because* a guy had posted to the mailing lust and email containing a portion of the javascript. I would suggest considering the source of teh messaging being blocked, that it is like they the message was benign and they too had a portion of code in it that set the alarm bells off. regards Dean -Original Message- From: Greg Page [mailto:[EMAIL PROTECTED]] Sent: Thursday, 20 September 2001 12:49 p.m. To: NT System Admin Issues Subject: Well, this is reassuring... Antigen for Exchange found readme.exe infected with JScript/Nimda.A.Worm (CA(InoculateIT)) worm. The message is currently Purged. The message, SANS NewsBites Vol. 3 Num. 38, was sent from The SANS Institute and was discovered in IMC Queues\Inbound located at ORGANIZATION/SITE-1/ALEXAPP001. Greg http://www.sunbelt-software.com/ntsysadmin_list_charter.htm *** This e-mail is not an official statement of the Waikato Regional Council unless otherwise stated. Visit our website http://www.ew.govt.nz *** http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
win2000 dialup problem
Hi Just recently keep getting this error on a dialup connection a ISP (56K modem) Goes thru handshaking , and verfying User details then drops line with 1. The specified port is not connected. is this a ISP related problem which i think it is or a local problem ? -- Best regards, Gareth, MCP mailto:[EMAIL PROTECTED] [ Stay safe ppl, be kind to your neighbours. ] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Discontinuation of BackOffice Server 2000
Here's the link to what Microsoft has to say - I'm interpreting it as BackOffice Server 2000 is going away completely and you just buy the components separately. http://www.microsoft.com/backofficeserver/howtobuy/pricing/changes.asp Cheers Robert -Original Message- From: Bruce Raymond [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 8:14 AM To: NT System Admin Issues Subject: RE: Discontinuation of BackOffice Server 2000 Sorry, further reading shows that no trusts are supported, 50 clients max. on the network and all SBS components installed on the same server. Aaagh. Thanks -Original Message- From: Bruce Raymond [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 9:10 AM To: NT System Admin Issues Subject: RE: Discontinuation of BackOffice Server 2000 I thought SBS 4.5 did not support trusts and was limited to roughly 25 clients. But it appears that SBS 2000 can support more clients than that provided you purchase the CAL packs, etc. But does it also support trusts? Is the Exchange 2000 included with SBS 2000 a full version or does it have some limitation? Thanks, Bruce -Original Message- From: Kent Neff [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 8:47 AM To: NT System Admin Issues Subject: RE: Discontinuation of BackOffice Server 2000 Check out these MS links: www.microsoft.com/sbserver www.microsoft.com/backofficeserver/default.asp The content has changed a bit since the last time I visited there. I was considering getting BO 2000 but when I saw that I went to SBS 2000. HTH, Kent From: Jang Man [EMAIL PROTECTED] Reply-To: NT System Admin Issues [EMAIL PROTECTED] To: NT System Admin Issues [EMAIL PROTECTED] Subject: RE: Discontinuation of BackOffice Server 2000 Date: Tue, 18 Sep 2001 15:18:16 +0200 Is that true? I've got BackOffice 2000 on my system, upgraded from NT few moths ago. Does that mean we are not supported any more, despite BO is just a bunch of standalone servers, BO snap in and with cheaper license. Jang Man Ixtlan Team -Original Message- From: Kent Neff [mailto:[EMAIL PROTECTED]] Posted At: Tuesday, September 18, 2001 3:11 PM Posted To: NTSysAdmin Conversation: Discontinuation of BackOffice Server 2000 Subject: Re: Discontinuation of BackOffice Server 2000 Yes, this is correct. It is being replaced by Small Business Server 2000 which contains: Exchange 2000, SQL 2000, ISA and Terminal Services. I recently purchased the Upgrade and am implementing it on my network at work. MS has already discontinued support for Backoffice 2000 so if you do get it you are on your own. HTH, Kent Neff MCP, MCSE, A+ From: Chris Bodnar [EMAIL PROTECTED] Reply-To: NT System Admin Issues [EMAIL PROTECTED] To: NT System Admin Issues [EMAIL PROTECTED] Subject: Discontinuation of BackOffice Server 2000 Date: Tue, 18 Sep 2001 08:42:41 -0400 I just received this from CDW, can anyone confirm that this is true: If you own: BACKOFFICE SERVER 4.5 You must purchase BackOffice 2000 Server by 9/28/2001. BACKOFFICE 2000 SERVER Includes: Exchange 2000 Server, SQL Server 2000, Windows 2000 Server, Host Integration Server 2000, Internet Security and Acceleration Server 2000, and Systems Management Server 2.0. AFTER 9/28/2001 these products may only be purchased as standalone components due to the discontinuation of BackOffice Server 2000. Chris Bodnar The Lehigh Group 610-966-9702 X:134 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Cannot install win2k Sp2 No print spooler
Stuff to try-- Use ntbackup to make an ERD first, then: Start, run, cmd chkdsk c: /f exit restart server If still not working after chkdsk, try system file checker: Start, Run, cmd sfc /scannow Have your Win2k adv sp1 server cd ready to replace any files found missing. Restart after it'sdone. You'll need to reapply hotfixes when done. If you don't have sp1 on the cd, you'll need to reapply that too, first (or you could just wing it and go right to sp2 :) Good luck--please tell us if one of these fixes it for you. I don't think I've ever seen a win2k system with the spooler service completely missing. -BM -Original Message-From: Andrew Frost [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 19, 2001 10:14 PMTo: NT System Admin IssuesSubject: Cannot install win2k Sp2 No print spooler COMPAQDL580WIn2K Adv SP1. Try to install SP2 and get a message cannot install SP2 as the print spooler is not running. The spooler does not appear in the service list and net start spooler returns service name is invalid. Tried to reinstall Sp1 and get the same message. Any ideas as have not found any clues in TechNet. In fact I did not know you could have a install without that service installed. TIA Andrew Frosthttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Crying Eagle is a source of Nimda?
This is probably a hoax, but I heard on the radio this morning that the Crying Eagle email web pages were a source of our friend nimda and it peaked my curiosity. Anyone else see or hear anything about this? I have that thing all over the place they're as clean as a new whistle according to NAV Trend. The e-mail I received it from is long gone so I can't check that one out. Cheers, Larry ** Lawrence D. Nail Microsoft Certified Systems Engineer NT Infrasture and Strategy SC Design Systems Texas Instruments Incorporated http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Win2KPro Security updates
Goto http://corporate.windowsupdate.microsoft.com/en/default.asp Download the appropriate hotfixes. Use Qchain.exe from MS to chain the installs together. Add them to your login script or have your users execute a batch file on the network. Matt Wehnes System Administrator Morton Machining MFG -Original Message- From: Stefan Jafs [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 3:06 PM To: NT System Admin Issues Subject: Win2KPro Security updates I have 40 Win2kPro workstations. How do I update all my systems without having to update single systems with windows update? Stefan http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Security Bulletin Confusion Part 2
The problem is that on one server (the most important server, no less) it keeps telling me it can't find the XML file even though the XML file is clearly present. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Greg Page [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:02 PM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 How about creating a dir names hotfix on your computer with all the files associated with hfnetchk and running HFNETCHK on you workstation, then copying all that to the server and running c:\dirname\hfnetchk -x mssecure.xml It's always works for me. Greg -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 5:01 PM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 Yeah, but HFNETCHK doesn't work on my server. Never has, and I've tried every suggestion everyone has made to make it work. -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 4:56 PM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 I still think that nothing beats HFNETCHK as it compares your registry settings with the current MS hotfix database. Nothing like realtime. http://support.microsoft.com/support/kb/articles/Q303/2/15.ASP -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 1:37 PM To: NT System Admin Issues Subject: Security Bulletin Confusion Part 2 Grrr... Now I'm looking at MS01-041, which is title Malformed RPC Request Can Cause Service Failure and MS01-048, which is titled Malformed Request to RPC Endpoint Mapper can Cause RPC Service to Fail. Are these two separate issues, or are they related? John Hornbuckle MIS Department Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Terminal Services/Citrix bug on a 933/1000Mhz multiproc system...?
Well I have a couple of dual 1 gig compaq servers running TS App mode and TS Admin mode and never seen/heard of this issue. Of course, I don't use citrix, so maybe that's it :). In reviewing the article its from 06/04/01 which is now 3 months old, Im sure there would be more info/patches if there is a real issue. -Original Message- From: Vance Krier [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 5:10 AM To: NT System Admin Issues Subject: Terminal Services/Citrix bug on a 933/1000Mhz multiproc system...? Hello all, I ran across the following article that startled me somewhat. http://www.nwfusion.com/news/2001/0604infra.html It talks about a bug that crashes MSTS and Citrix when run on a multiprocessor 933 or 1000Mhz system. I've searched, but I can't find any other information on this. Can anyone confirm/deny or point me in the direction of an article from MS or Citrix or other? Thanks! Vance http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Cannot install WIN2k SP2 - No print spooler
In win2k its called Print Spooler. Uhhh if you don't have that theres other issues to be concerned about. On the other side, I have seen weird occurences of this with the new nimda virus -Original Message- From: Andrew Frost [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 4:52 AM To: NT System Admin Issues Subject: Cannot install WIN2k SP2 - No print spooler COMPAQ DL580 WIN2K Adv Server SP1. Try to install SP2 and get a message cannot install as the print spooler is not running. The spooler does not appear in the service list and net start spooler returns service name is invalid. Tried to reinstall SP1 and get the same message. Any ideas appreciated. In fact I did not know you could have a install without that service installed. TIA Andrew Frost http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Crying Eagle is a source of Nimda?
That email was going around last week. Nimda began Tuesday (some say very late Monday). I got the mail and viewed it and my machine was not infected by Nimda. fwiw Scott -Original Message- From: Larry Nail [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:19 AM To: NT System Admin Issues Subject: Crying Eagle is a source of Nimda? This is probably a hoax, but I heard on the radio this morning that the Crying Eagle email web pages were a source of our friend nimda and it peaked my curiosity. Anyone else see or hear anything about this? I have that thing all over the place they're as clean as a new whistle according to NAV Trend. The e-mail I received it from is long gone so I can't check that one out. Cheers, Larry ** Lawrence D. Nail Microsoft Certified Systems Engineer NT Infrasture and Strategy SC Design Systems Texas Instruments Incorporated http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS disabled but proxy enabled? how to...
Well; you can harden your servers based on the NSA standards. If they use it and they are happyycheck out their site.www.nsa.org cannot remember the exact URL when I do you will get it. -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: 19 September 2001 07:34 To: NT System Admin Issues Subject: RE: IIS disabled but proxy enabled? how to... He has a point. Even a devout MS bigot has got to be pissed at the number of patches they have had to install over the last year. Not to mention how many applications don't work as advertised. If he can't do MS you're going to send him to a linux package? -Original Message- From: Kelly Borndale [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 1:20 AM To: NT System Admin Issues Subject: Re: IIS disabled but proxy enabled? how to... You may want to watch your attitude first off -this is an NT sys admin list, we all have jobs because we support MS products. There are plenty of free proxy servers and web servers. Check out http://www.debian.org/ or any Linux site, as well. -K - Original Message - From: Matthew Western [EMAIL PROTECTED] To: NT System Admin Issues [EMAIL PROTECTED] Sent: Wednesday, September 19, 2001 12:23 AM Subject: IIS disabled but proxy enabled? how to... Hi People, We like the rest of the world are getting annoyed at microsnot. How do i disable all web server IIS junk and keep the MX proxy enabled? if i disable the IIS in services it kills proxy too... i've already broken one proxy trying to do this. regards Matthew http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: How to remove Nimda from NT Server without a reload
remember guest is admin on infected machines. anyone can upload tools and remote control apps to your machine, while guest is active. Dan -Original Message- From: Sren Albeck [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 7:34 AM To: NT System Admin Issues Subject: RE: How to remove Nimda from NT Server without a reload I've had one server infected. Other than the description below, I used NAI's removal-tool with no problems. It can be found at http://vil.nai.com/vil/virusSummary.asp?virus_k=99209 (may be wrapped) under the heading Stand-alone removal tool. The server was booted in between each step, the whole operation took a little over 1 hour and it is so far behaving nicely. Søren A I'm in the middle of an all-nighter killing this thing, I'll tell you what is working for me (you need to be at the console): Delete Admin.dll and all TFTP* files from %driveletter%\Inetpub\scripts Stop and disable the server service Reboot Apply IIS cumulative patch Reboot Apply hotfixes for either IE 5.01 SP1 or IE5.5 SP1 (mime header vulns) Reboot I am running NetShield, so I apply DAT 4161 and then scan and clean. Kludgy, I know, we are working on scripting this. That is what we have so far. I'll update unless someone else does before then. Back to work -Original Message- From: Matthew Western [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 8:59 PM To: NT System Admin Issues Subject: How to remove Nimda from NT Server without a reload Any links on how to remove Nimda from NT without a reload? when i run the removal tool from this list it crashes... any idea what services it overwrites and runs as? i've heard cmd.exe and mmc.exe. we've got mmc.exe running but when i try to kill it with task manager it says access denied... ideas? Matthew http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Security Bulletin Confusion Part 2
Yepper. But it doesn't work. John -Original Message- From: Greg Page [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:58 AM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 Do you use the -x mssecure.xml switch? Greg -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:33 AM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 The problem is that on one server (the most important server, no less) it keeps telling me it can't find the XML file even though the XML file is clearly present. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Greg Page [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 9:02 PM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 How about creating a dir names hotfix on your computer with all the files associated with hfnetchk and running HFNETCHK on you workstation, then copying all that to the server and running c:\dirname\hfnetchk -x mssecure.xml It's always works for me. Greg -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 5:01 PM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 Yeah, but HFNETCHK doesn't work on my server. Never has, and I've tried every suggestion everyone has made to make it work. -Original Message- From: Jim Busick [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 4:56 PM To: NT System Admin Issues Subject: RE: Security Bulletin Confusion Part 2 I still think that nothing beats HFNETCHK as it compares your registry settings with the current MS hotfix database. Nothing like realtime. http://support.microsoft.com/support/kb/articles/Q303/2/15.ASP -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 1:37 PM To: NT System Admin Issues Subject: Security Bulletin Confusion Part 2 Grrr... Now I'm looking at MS01-041, which is title Malformed RPC Request Can Cause Service Failure and MS01-048, which is titled Malformed Request to RPC Endpoint Mapper can Cause RPC Service to Fail. Are these two separate issues, or are they related? John Hornbuckle MIS Department Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Nimda Scanner from eEye Digital Security (Beta)
http://www.eeye.com/html/Research/Tools/nimda.html http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: HELP VIRUS ON NT MACHINE?
For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: HELP VIRUS ON NT MACHINE?
HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: HELP VIRUS ON NT MACHINE?
Hmmm. We have not had to take such drastic action(s) here at all - 'course, let's see what the new day brings. :-) Wendell -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 7:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: File Creation Dates
Just curious... Is there a utility available to adjust the creation date of a file. One of our SPC applications looks for a file with a specific date on it before it runs in the full mode instead of Evaluation mode. However, the contents of the file needs to change but when I change it, it runs the way I want it to but reverts back to an eval copy. So... I need to edit the file and then change it's date back to the original date. Len Hammond Network Administrator Pontiac Coil, Inc. [EMAIL PROTECTED] -Original Message- From: Kenneth Taira [mailto:[EMAIL PROTECTED]] Sent: Friday, September 14, 2001 5:55 PM To: NT System Admin Issues Subject: Re: File Creation Dates Err...you can make monster zip files as they save the creation date...then unzip them on the target. At 04:03 PM 9/14/2001 -0500, you wrote: Hello All, I have the need to transfer a large amount of data from one server to another. The source system is NT3.51 and the destination is Win2K. I am attempting to transfer these files across the network. My problem is that I need to maintain the file creation date on each file. I might also add that these files where created over several years of usage. Does anyone know of a utility or a switch that would allow for this? http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
IIS Slow Down Due to Nimda?
Title: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS Slow Down Due to Nimda?
Title: IIS Slow Down Due to Nimda? I'm blocking at the firewall.[1] Still has an impact on our bandwidth, but at least the server is free to get on with things... [1] Raptor[2] [2] aka Symantec Enterprise Firewall[3] [3] Boring name :( Les Bessant mailto:[EMAIL PROTECTED]IT Manager, Sanderson Townend GilbertActing in a personal capacityhttp://www.tiggercam.co.uk - New, improved and with more bounce! -Original Message-From: Jerry Gamblin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 3:36 PMTo: NT System Admin IssuesSubject: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm_This message has been checked for all known viruses by Star Internetdelivered through the MessageLabs Virus Scanning Service. For furtherinformation visit http://www.star.net.uk/stats.asp or alternatively callStar Internet for details on the Virus Scanning Service. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm The information in this communication and any attachments is confidential and may be legally privileged. It is intended solely for the addressee. If you are not the intended recipient any use, review, dissemination, distribution or copying of this information is strictly prohibited. If you have received this communication in error please notify us immediately on 0191 261 2681 and delete the original message and any copies of it. Any opinions, conclusions or other information in this message that do not relate to the official business of Sanderson Townend & Gilbert are neither given nor endorsed by the firm. _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS Slow Down Due to Nimda?
Title: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Of course IIS is going to slow down due to many requests. Not much of a way to make it stop unless you know where the source is, call them and ask. Otherwise we are all in the same boat. John Cesta -Original Message-From: Jerry Gamblin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 10:36 AMTo: NT System Admin IssuesSubject: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS Slow Down Due to Nimda?
Title: Message Slow down? Not that we could tell. But my traffic doubled the first day it was out. However it did tell that what I built can scale! -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:03 AMTo: NT System Admin IssuesSubject: RE: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Of course IIS is going to slow down due to many requests. Not much of a way to make it stop unless you know where the source is, call them and ask. Otherwise we are all in the same boat. John Cesta -Original Message-From: Jerry Gamblin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 10:36 AMTo: NT System Admin IssuesSubject: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS Slow Down Due to Nimda?
Title: IIS Slow Down Due to Nimda? On my boxes where I have host headers configured and no website is "default", that is, every website demands that a host header be in the request, none of these requests are making it into the logs. I have no idea what that means wrt IIS, maybe it is still processing them and not logging or maybe it just ignores them once a matching host header isn't found. jbh -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 9:03 AMTo: NT System Admin IssuesSubject: RE: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Of course IIS is going to slow down due to many requests. Not much of a way to make it stop unless you know where the source is, call them and ask. Otherwise we are all in the same boat. John Cesta -Original Message-From: Jerry Gamblin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 10:36 AMTo: NT System Admin IssuesSubject: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Free Nimda scanner from eEye
http://www.eeye.com/html/Research/Tools/nimda.html Tom Kustner PC/LAN Engineer Wells Fargo Retirement Plan Services Any opinions are strictly my own and not necessarily those of Wells Fargo. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
NIMDA FIX
Good morning, Is anyone having good luck running the Fix_Nimda.A. Fix? A little skeptical about running it as of yet. Thanks, Dave http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: win2000 dialup problem
I had a problem with a new compaq (cheapie) winmodem on my home machine. I also got the message remote computer not responding or something... compaq swapped the modem 3 times, reloaded the new drivers 4 x, (and told me how to turn the volume down 5 times!) before they sent me a line filter to go in line with the phone line. You might find one at rat shack. fixed the prob. I'd try another modem/pc combination on the same line/ISP to see if it's in the workstation, or the connection. Dan -Original Message- From: Gareth Campling [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:40 AM To: NT System Admin Issues Subject: win2000 dialup problem Hi Just recently keep getting this error on a dialup connection a ISP (56K modem) Goes thru handshaking , and verfying User details then drops line with 1. The specified port is not connected. is this a ISP related problem which i think it is or a local problem ? -- Best regards, Gareth, MCP mailto:[EMAIL PROTECTED] [ Stay safe ppl, be kind to your neighbours. ] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IIS Slow Down Due to Nimda?
Title: IIS Slow Down Due to Nimda? On my boxes where I have host headers configured and no website is "default", that is, every website demands that a host header be in the request, none of these requests are making it into the logs. I have no idea what that means wrt IIS, maybe it is still processing them and not logging or maybe it just ignores them once a matching host header isn't found. You can bet, it is still banging on you though. John Cesta jbh -Original Message-From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 9:03 AMTo: NT System Admin IssuesSubject: RE: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Of course IIS is going to slow down due to many requests. Not much of a way to make it stop unless you know where the source is, call them and ask. Otherwise we are all in the same boat. John Cesta -Original Message-From: Jerry Gamblin [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 10:36 AMTo: NT System Admin IssuesSubject: IIS Slow Down Due to Nimda? Any one seen there IIS Server slow down due to the bug? Is there anyway to stop the request(cmd.exe) from even being made to you box? Here's is what my logs look like. Sunday was a little slow but on an average day we get around ~700 unique visitors. Date Hits Successful Hits 09/16/2001 : 372 : 222 09/17/2001 : 3,454 : 1,026 09/18/2001 : 6,224 : 1,046 09/19/2001 : 5,401 : 745 09/20/2001 : 2,193 : 86 Total Hits : 17644 Average Hits : 3528 That's around 14,000 hits alone from this virus. I don't know what its doing to the server, but is there any way to make it stop? Jerry Gamblin Technology Specialist Linn State Technical College One Technology Drive Linn, MO 65051 [EMAIL PROTECTED] www.linnstate.edu 573-897-5240 -Original Message- From: Murray Freeman [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:24 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? HEY, not true, not true. We got hit on 3 servers and were able to cleanse manually and never even turned off the servers, nor did it impact our regular production. Murray -Original Message- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:21 AM To: NT System Admin Issues Subject: RE: HELP VIRUS ON NT MACHINE? For those of you that were unfortunately hit with the latest worm. There is usually no recourse but to wipe the machine clean and reload your software. Trend Antivirus has released a cleaner for the virus. Here is the info. Trend Micro has developed a cleaning tool that will allow you to clean systems infected by PE_NIMDA.A. The cleaning tool and instructions, manual cleaning instructions, and the latest pattern file can be found on our FTP site at: ftp://us-web\[EMAIL PROTECTED] Password: tmcustomer Directory: Premium Customer\tool Files: Cleaning tool: FIX_NIMDA.zip Cleaning tool description and instructions: Readme_nimda.txt Manual cleaning documentation: How to Clean.txt Latest pattern file: ptn_942.zip -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: September 19, 2001 5:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Problem Connecting to Terminal Server
Could this be a license issue?. We had similar problems on our citrix. -Original Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:52 AM To: NT System Admin Issues Subject:Problem Connecting to Terminal Server Server1: W2K Advanced Server, SP2, running Terminal Server in remote administration mode Server2: W2K Advanced Server, SP1, running Terminal Server in remote administration mode Client1: Win98 Client2: W2K Advanced Server, SP1 Client3: W2K Pro Client2 and Client3 can connect to Server1 and Server2 with no problems. Client1 can connect to Server2 with no problem Client1 cannot connect to Server1, get the terminal server has ended the connection dialog box before a login box. I have checked Technet and it is not: http://support.microsoft.com/support/kb/articles/Q237/7/92.ASP?LN=EN-USSD=g nFR=0qry=%26quot%3Bthe%20terminal%20server%20has%20ended%20the%20connectio n%26quot%3Brnk=11src=DHCS_MSPSS_gn_SRCHSPR=MSALL (running in admin mode, not app mode) Any suggestions? Bill Higgins Lead NT Systems Engineer (415) 402-3444 office (415) 720-7053 cell [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Problem Connecting to Terminal Server
shouldn't be a licenese issue... the Terminal Server is running in Administrative Mode (no licensing required) not Application Sharing Mode... If it was Licensing, I would expect that no clients could connect to Server1: -Original Message- From: Mal Sasalu [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 08:26 To: NT System Admin Issues Subject: RE: Problem Connecting to Terminal Server Could this be a license issue?. We had similar problems on our citrix. -Original Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:52 AM To: NT System Admin Issues Subject:Problem Connecting to Terminal Server Server1: W2K Advanced Server, SP2, running Terminal Server in remote administration mode Server2: W2K Advanced Server, SP1, running Terminal Server in remote administration mode Client1: Win98 Client2: W2K Advanced Server, SP1 Client3: W2K Pro Client2 and Client3 can connect to Server1 and Server2 with no problems. Client1 can connect to Server2 with no problem Client1 cannot connect to Server1, get the terminal server has ended the connection dialog box before a login box. I have checked Technet and it is not: http://support.microsoft.com/support/kb/articles/Q237/7/92.ASP?LN=EN-USSD=g nFR=0qry=%26quot%3Bthe%20terminal%20server%20has%20ended%20the%20connectio n%26quot%3Brnk=11src=DHCS_MSPSS_gn_SRCHSPR=MSALL (running in admin mode, not app mode) Any suggestions? Bill Higgins Lead NT Systems Engineer (415) 402-3444 office (415) 720-7053 cell [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Microsoft Proxy Server Version 2 on NT 4.0 - SP 6a
Help, please As a result of the latest virus, I downloaded and installed one of the recommended patches for Internet Explorer. Anyway, after the installation of that patch... I can't open the following services within Microsoft Internet Service Manager Socks Proxy Web Proxy WWW In the event viewer, I see an event ID 7023 with the error message COULD NOT FIND SPECIFIED MODULE I have looked in my TechNet CD and on the Internet, but I can't find anything that addresses this issue. Can anyone help me with this? Thanks in advance, Nelson Aguillón 626.937.6693 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: NIMDA FIX
I guess that it works fine. I didn't think that I had any infected machines but ran it anyway and came up with no infected computers. No virus warning yet. _ Don Collier Network Administrator Intermap Technologies Inc. Voice: 303-708-0955 x-207 Fax:303-708-0952 [EMAIL PROTECTED] www.intermaptechnologies.com -Original Message- From: David Coffey [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:22 AM To: NT System Admin Issues Subject: NIMDA FIX Good morning, Is anyone having good luck running the Fix_Nimda.A. Fix? A little skeptical about running it as of yet. Thanks, Dave http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Microsoft Has Nimda
If anyone is looking for more infected sites, here's some including Dell and Microsoft... http://www.theregister.co.uk/content/56/21772.html * If you receive this e-mail in error, please contact +44 20 7280 5500. The information contained in this e-mail and in the attachments if any, is confidential. Unauthorised use, disclosure, printing, forwarding or copying is strictly prohibited. * http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Free Nimda scanner from eEye
Just a good note about this... We scanned our network, and while we had all of our servers patched, it did point out a few of our assembly line machines that had vulnerability that we hadn't thought about. Very excellent software. Kudos to all those at eEye who were involved. Barrett Blackburn ___ The two most common things in the universe are hydrogen and stupidity. ___ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 10:05 AM To: NT System Admin Issues Subject: Free Nimda scanner from eEye http://www.eeye.com/html/Research/Tools/nimda.html Tom Kustner PC/LAN Engineer Wells Fargo Retirement Plan Services Any opinions are strictly my own and not necessarily those of Wells Fargo. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Problem Connecting to Terminal Server
Did you end a previous connection abruptly. I have seen this when the server or the client drop the connection and you try to start it again without killing the previous connection. You could see if you have a dead process, but the only way to solve this is to bounce the server. -Original Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:28 AM To: NT System Admin Issues Subject: RE: Problem Connecting to Terminal Server shouldn't be a licenese issue... the Terminal Server is running in Administrative Mode (no licensing required) not Application Sharing Mode... If it was Licensing, I would expect that no clients could connect to Server1: -Original Message- From: Mal Sasalu [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 08:26 To: NT System Admin Issues Subject: RE: Problem Connecting to Terminal Server Could this be a license issue?. We had similar problems on our citrix. -Original Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:52 AM To: NT System Admin Issues Subject:Problem Connecting to Terminal Server Server1: W2K Advanced Server, SP2, running Terminal Server in remote administration mode Server2: W2K Advanced Server, SP1, running Terminal Server in remote administration mode Client1: Win98 Client2: W2K Advanced Server, SP1 Client3: W2K Pro Client2 and Client3 can connect to Server1 and Server2 with no problems. Client1 can connect to Server2 with no problem Client1 cannot connect to Server1, get the terminal server has ended the connection dialog box before a login box. I have checked Technet and it is not: http://support.microsoft.com/support/kb/articles/Q237/7/92.ASP?LN=EN-USSD=g nFR=0qry=%26quot%3Bthe%20terminal%20server%20has%20ended%20the%20connectio n%26quot%3Brnk=11src=DHCS_MSPSS_gn_SRCHSPR=MSALL (running in admin mode, not app mode) Any suggestions? Bill Higgins Lead NT Systems Engineer (415) 402-3444 office (415) 720-7053 cell [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
I wouldn't go that far. Slapped with a wet haddock, perhaps. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 4:53 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:51 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. The information in this communication and any attachments is confidential and may be legally privileged. It is intended solely for the addressee. If you are not the intended recipient any use, review, dissemination, distribution or copying of this information is strictly prohibited. If you have received this communication in error please notify us immediately on 0191 261 2681 and delete the original message and any copies of it. Any opinions, conclusions or other information in this message that do not relate to the official business of Sanderson Townend Gilbert are neither given nor endorsed by the firm. _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Problem Connecting to Terminal Server
Both are W2K Advanced server in Administrative Mode. Pings to both are fine. I am the only one that uses both of the terminal servers. I am downgrading the problem Terminal server to SP1 -Original Message- From: Greg Tupper [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 08:52 To: NT System Admin Issues Subject: RE: Problem Connecting to Terminal Server not entirely true because win2k pro and server come with a terminal server license. They changed how the licensing works with Win2k terminal server. The server no longer keeps all of the licenses but instead issues them to a client that will always have it. Very hard to administer in my opinion since once the license is taken you can not get it back without calling up microsoft and having them change it for you. The question that i would have is: Is server 1 an NT 4 terminal server or are they both Win2k terminal servers running in admin mode? If both are win2k servers then the license theory is dead since it would have the correct licensing on the machine because it can attach to one of the Win2k machines. The next things i would look at would be to check and make sure that you can ping it from that machine, User profile is administrator of the box, and upgrade to the win2k terminal services client if you have not done so already. Not sure if that would help any since the old one should be able to connect to the server but just not be able to use the new features. It probably is not that 2 people have already connected to it since that error message indicates that the number of connections has been exceeded. Sorry couldn't help more. Greg T. -Original Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 10:28 AM To: NT System Admin Issues Subject: RE: Problem Connecting to Terminal Server shouldn't be a licenese issue... the Terminal Server is running in Administrative Mode (no licensing required) not Application Sharing Mode... If it was Licensing, I would expect that no clients could connect to Server1: -Original Message- From: Mal Sasalu [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 08:26 To: NT System Admin Issues Subject: RE: Problem Connecting to Terminal Server Could this be a license issue?. We had similar problems on our citrix. -Original Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:52 AM To: NT System Admin Issues Subject:Problem Connecting to Terminal Server Server1: W2K Advanced Server, SP2, running Terminal Server in remote administration mode Server2: W2K Advanced Server, SP1, running Terminal Server in remote administration mode Client1: Win98 Client2: W2K Advanced Server, SP1 Client3: W2K Pro Client2 and Client3 can connect to Server1 and Server2 with no problems. Client1 can connect to Server2 with no problem Client1 cannot connect to Server1, get the terminal server has ended the connection dialog box before a login box. I have checked Technet and it is not: http://support.microsoft.com/support/kb/articles/Q237/7/92.ASP?LN=EN-USSD=g nFR=0qry=%26quot%3Bthe%20terminal%20server%20has%20ended%20the%20connectio n%26quot%3Brnk=11src=DHCS_MSPSS_gn_SRCHSPR=MSALL (running in admin mode, not app mode) Any suggestions? Bill Higgins Lead NT Systems Engineer (415) 402-3444 office (415) 720-7053 cell [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
I think Martin would prefer his seafood in a taco :) -Original Message- From: Les Bessant [mailto:[EMAIL PROTECTED]] Sent: Thursday, 20 September 2001 16:56 To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I wouldn't go that far. Slapped with a wet haddock, perhaps. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 4:53 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:51 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. The information in this communication and any attachments is confidential and may be legally privileged. It is intended solely for the addressee. If you are not the intended recipient any use, review, dissemination, distribution or copying of this information is strictly prohibited. If you have received this communication in error please notify us immediately on 0191 261 2681 and delete the original message and any copies of it. Any opinions, conclusions or other information in this message that do not relate to the official business of Sanderson Townend Gilbert are neither given nor endorsed by the firm. _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm * If you receive this e-mail in error, please contact +44 20 7280 5500. The information contained in this e-mail and in the attachments if any, is confidential. Unauthorised use, disclosure, printing, forwarding or copying is strictly prohibited. * http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
IE5.5 SP2 Download for corporation
How do I download the complete SP2 for IE5.5 from Microsoft? I would like to do one download for automatic distribution instead of all 40 workstations downloading it using Windows Update? I can't seem to find a complete download on Microsoft's web site. Stefan http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Did u get Nimda? -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: 20 September 2001 17:51 To: NT System Admin Issues Subject: RE: Microsoft Has Nimda That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
I didn't say that. What I said was that the person at Microsoft who was responsible for maintaining such a high-profile Web site should be fired if they failed to keep that site up-to-date. Not having properly-patched servers is a terrible embarrassment for Microsoft (assuming that this is how NIMDA got through the gate). And let me turn your question around... Should there be no accountability? Should everyone who failed to maintain proper security be patted on the back and told they're doing a good job? Aren't we supposed to be professionals? Aren't we paid to do our best to prevent this sort of thing from happening? We all screw up sometimes. I'm certainly not perfect myself, and I don't expect anyone else to be. What I *do* expect is that system administrators will take reasonable measures to ensure the security of their systems. I don't think it's unrealistic for the world to be able to rely on us to do our best to ensure that our servers don't get infected by a worm that exploits a vulnerability that was identified a year ago (the web server folder traversal issue was first addressed in MS00-057 in August of 2000). John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:52 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
You are correct sir! -Original Message- From: Phillips, Glen [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:03 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I think Martin would prefer his seafood in a taco :) -Original Message- From: Les Bessant [mailto:[EMAIL PROTECTED]] Sent: Thursday, 20 September 2001 16:56 To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I wouldn't go that far. Slapped with a wet haddock, perhaps. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 4:53 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:51 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. The information in this communication and any attachments is confidential and may be legally privileged. It is intended solely for the addressee. If you are not the intended recipient any use, review, dissemination, distribution or copying of this information is strictly prohibited. If you have received this communication in error please notify us immediately on 0191 261 2681 and delete the original message and any copies of it. Any opinions, conclusions or other information in this message that do not relate to the official business of Sanderson Townend Gilbert are neither given nor endorsed by the firm. _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm * If you receive this e-mail in error, please contact +44 20 7280 5500. The information contained in this e-mail and in the attachments if any, is confidential. Unauthorised use, disclosure, printing, forwarding or copying is strictly prohibited. * http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IE5.5 SP2 Download for corporation
IEAK http://www.microsoft.com/windows/ieak/default.asp -Original Message- From: Stefan Jafs [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:12 AM To: NT System Admin Issues Subject: IE5.5 SP2 Download for corporation How do I download the complete SP2 for IE5.5 from Microsoft? I would like to do one download for automatic distribution instead of all 40 workstations downloading it using Windows Update? I can't seem to find a complete download on Microsoft's web site. Stefan http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IE5.5 SP2 Download for corporation
When you run IE5Setup.exe there's an advanced button or something similar which lets you download only - you can then select which OSes you wish to download for. Did it here, and it is really quite painless. Phil - Phil Randal Network Engineer Herefordshire Council Hereford, UK -Original Message- From: Stefan Jafs [mailto:[EMAIL PROTECTED]] Sent: 20 September 2001 17:12 To: NT System Admin Issues Subject: IE5.5 SP2 Download for corporation How do I download the complete SP2 for IE5.5 from Microsoft? I would like to do one download for automatic distribution instead of all 40 workstations downloading it using Windows Update? I can't seem to find a complete download on Microsoft's web site. Stefan http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
I think it best that you read the releases. That way you will have a better grasp of how the Virus/worm spreads and will not jump to conclusions. Granted you have a point but I am sure that the differing methods in which a large organisation works and a school cannot be compared. -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: 20 September 2001 18:08 To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I didn't say that. What I said was that the person at Microsoft who was responsible for maintaining such a high-profile Web site should be fired if they failed to keep that site up-to-date. Not having properly-patched servers is a terrible embarrassment for Microsoft (assuming that this is how NIMDA got through the gate). And let me turn your question around... Should there be no accountability? Should everyone who failed to maintain proper security be patted on the back and told they're doing a good job? Aren't we supposed to be professionals? Aren't we paid to do our best to prevent this sort of thing from happening? We all screw up sometimes. I'm certainly not perfect myself, and I don't expect anyone else to be. What I *do* expect is that system administrators will take reasonable measures to ensure the security of their systems. I don't think it's unrealistic for the world to be able to rely on us to do our best to ensure that our servers don't get infected by a worm that exploits a vulnerability that was identified a year ago (the web server folder traversal issue was first addressed in MS00-057 in August of 2000). John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:52 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
One can only hope that MS takes the engineers off of Passport and the like and puts them onto IntelliPatch for Windows Networks. The automation intrinsic to the OS as it currently exists is IMHO like a toe on the trigger. We'll happily keep typing in our multitude of IDs and passwords (and keeping our credit card numbers in our LEATHER wallets, thank you very much) while they teach the OS to defend itself, rather than self-mutilate. -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:08 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I didn't say that. What I said was that the person at Microsoft who was responsible for maintaining such a high-profile Web site should be fired if they failed to keep that site up-to-date. Not having properly-patched servers is a terrible embarrassment for Microsoft (assuming that this is how NIMDA got through the gate). And let me turn your question around... Should there be no accountability? Should everyone who failed to maintain proper security be patted on the back and told they're doing a good job? Aren't we supposed to be professionals? Aren't we paid to do our best to prevent this sort of thing from happening? We all screw up sometimes. I'm certainly not perfect myself, and I don't expect anyone else to be. What I *do* expect is that system administrators will take reasonable measures to ensure the security of their systems. I don't think it's unrealistic for the world to be able to rely on us to do our best to ensure that our servers don't get infected by a worm that exploits a vulnerability that was identified a year ago (the web server folder traversal issue was first addressed in MS00-057 in August of 2000). John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:52 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Index Server on IIS 5
Does anyone have the html code to use with index server on iis 5? Mine searches fine if you search from the computer management console, but if I browse to the c:\winnt\help\ciquery.htm, and double click it, it comes up with question marks in all the fields. Thanks in advance, Jon http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
some good reading to go with that taco@!!! http://www.zdnet.com/zdnn/specialreport/0,12737,6021501,00.html?chkpt=zdnnt0 92001ts Gene C. aka C.E. Gene Connor Gene's Custom PC Service since 1989 Serving the U.S., Canada London,England -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:20 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Love the fish Tacos!!! Ensenada Mexico!!! Whoohoo!!! And on the Nimda thing. Got lucky this time, so far. But what happened with Code Red II with us might happen again. We had a developer get his laptop infected and then brought it in and infected our network. So, we may still end up with it a week after everyone else has finished dealing with it. Damn developers!!! :) -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:09 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda You are correct sir! -Original Message- From: Phillips, Glen [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:03 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I think Martin would prefer his seafood in a taco :) -Original Message- From: Les Bessant [mailto:[EMAIL PROTECTED]] Sent: Thursday, 20 September 2001 16:56 To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I wouldn't go that far. Slapped with a wet haddock, perhaps. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 4:53 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:51 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. The information in this communication and any attachments is confidential and may be legally privileged. It is intended solely for the addressee. If you are not the intended recipient any use, review, dissemination, distribution or copying of this information is strictly prohibited. If you have received this communication in error please notify us immediately on 0191 261 2681 and delete the original message and any copies of it. Any opinions, conclusions or other information in this message that do not relate to the official business of Sanderson Townend Gilbert are neither given nor endorsed by the firm. _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm * If you receive this e-mail in error, please contact +44 20 7280 5500. The information contained in this e-mail and in the attachments if any, is confidential. Unauthorised use, disclosure, printing, forwarding or copying is strictly prohibited. * http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Love the fish Tacos!!! Ensenada Mexico!!! Whoohoo!!! And on the Nimda thing. Got lucky this time, so far. But what happened with Code Red II with us might happen again. We had a developer get his laptop infected and then brought it in and infected our network. So, we may still end up with it a week after everyone else has finished dealing with it. Damn developers!!! :) -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:09 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda You are correct sir! -Original Message- From: Phillips, Glen [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:03 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I think Martin would prefer his seafood in a taco :) -Original Message- From: Les Bessant [mailto:[EMAIL PROTECTED]] Sent: Thursday, 20 September 2001 16:56 To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I wouldn't go that far. Slapped with a wet haddock, perhaps. -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 4:53 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda So everyone who got Nimda should be fired? -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:51 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda That's just SO embarrassing. I hope someone at Microsoft lost their job over that. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. The information in this communication and any attachments is confidential and may be legally privileged. It is intended solely for the addressee. If you are not the intended recipient any use, review, dissemination, distribution or copying of this information is strictly prohibited. If you have received this communication in error please notify us immediately on 0191 261 2681 and delete the original message and any copies of it. Any opinions, conclusions or other information in this message that do not relate to the official business of Sanderson Townend Gilbert are neither given nor endorsed by the firm. _ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm * If you receive this e-mail in error, please contact +44 20 7280 5500. The information contained in this e-mail and in the attachments if any, is confidential. Unauthorised use, disclosure, printing, forwarding or copying is strictly prohibited. * http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Sevice pack Downloads
Actually, you can download the express install and run it with different switches. This article explains: http://support.microsoft.com/support/kb/articles/Q257/2/49.ASP Regards, Sean Martin, MCSE Network Administrator Ribelin Lowell Company Insurance Brokers, Inc. 3111 C Street, Suite 300 Anchorage, Alaska 99503 Ph: (907) 561-1250 Fax: (907) 561-4315 Cell: (907) 229-0885 Email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: TDI Custom Computers [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 4:59 PM To: NT System Admin Issues Subject: Re: Sevice pack Downloads Discovered today, that with IE 6 you can't save to disk unless you go back to the site after you did a download and install on the same machine and it gives you an option for a different install and an Advanced button. Mike - Original Message - From: Dennis Brunner [EMAIL PROTECTED] To: NT System Admin Issues [EMAIL PROTECTED] Sent: Wednesday, September 19, 2001 12:43 PM Subject: Sevice pack Downloads When down loading from Microsoft's site is there a way to save to disk so I can patch other computers without having to go back to the net and redownload them? They would be a great help. thanks Thank you Dennis Brunner 616-677-3343 mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm DO NOT read, copy or disseminate this communication unless you are the intended addressee. This e-mail communication contains confidential and/or privileged information intended only for the addressee. If you have received this communication in error, please call us immediately at (907) 561-1250 and ask to speak to the sender of the communication. Also, please e-mail the sender and notify the sender immediately that you have received the communication in error. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
No, I apparently didn't (thank goodness). Information is still coming out about this nasty, but it appears that none of my servers were vulnerable. I don't browse the Web or use them for e-mail, which excludes two methods of infection. And they all have the SRP installed (in addition to other patches), which (according to the MS article on NIMDA) closes those vulnerabilities. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:11 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Did u get Nimda? http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
What conclusions am I jumping to, and what releases do you presume I'm not reading? And you're correct... There IS a difference between a large organization and a school district. The difference is that the large organization has a greater responsibility to ensure security--not to mention vastly more resources with which to do it. I'm sorry, but I think sysadmins have been dropping the ball too much lately. Again, I know we're not all perfect. I'm sure there are vulnerabilities my servers have that I've missed. I know that if anyone wanted badly enough to get into them, they would find success. But I also know that we've not been vulnerable to Code Red, Code Red II, or NIMDA because we've stayed up-to-date on patches and general security issues. We all know the saying: Fool me once, shame on you. Fool me twice, shame on ME. Code Red should've been a wakeup call to sysadmins everywhere (personally, I was already awake because a prior hack attempt months earlier had been MY wakeup call). Apparently, some people didn't learn their lesson, though, and still had unpatched servers. What's their excuse--particularly in a large company? John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:20 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I think it best that you read the releases. That way you will have a better grasp of how the Virus/worm spreads and will not jump to conclusions. Granted you have a point but I am sure that the differing methods in which a large organisation works and a school cannot be compared. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: IE5.5 SP2 Download for corporation
http://support.microsoft.com/support/kb/articles/Q257/2/49.ASP Regards, Sean Martin, MCSE Network Administrator Ribelin Lowell Company Insurance Brokers, Inc. 3111 C Street, Suite 300 Anchorage, Alaska 99503 Ph: (907) 561-1250 Fax: (907) 561-4315 Cell: (907) 229-0885 Email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: Stefan Jafs [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 8:12 AM To: NT System Admin Issues Subject: IE5.5 SP2 Download for corporation How do I download the complete SP2 for IE5.5 from Microsoft? I would like to do one download for automatic distribution instead of all 40 workstations downloading it using Windows Update? I can't seem to find a complete download on Microsoft's web site. Stefan http://www.sunbelt-software.com/ntsysadmin_list_charter.htm DO NOT read, copy or disseminate this communication unless you are the intended addressee. This e-mail communication contains confidential and/or privileged information intended only for the addressee. If you have received this communication in error, please call us immediately at (907) 561-1250 and ask to speak to the sender of the communication. Also, please e-mail the sender and notify the sender immediately that you have received the communication in error. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
NAV service for Exchange not starting
Title: NAV service for Exchange not starting Exchange srvr (ever since the virus attacked itnow cleaned but with these residual side-effects) in Services, the NAV service for exchange is not starting. The startup is automatic.when I try starting it I get: Could not start the NAV for Microsoft Exchange service. Error 2182: The requested service has already started(present status).I had repaired this server's infected files and checked the registry settings instructed from a document relating to error 2182 and another found in my Event Viewer error # 2140 NAV service for Exchange not starting the event viewer contradicts the Services error. To give you the whole picture I add these facts: 1. this exchange server was infected with the nimb..virus and was scanned; some repaired files, some quarantened filesreplaced and now is clean. 2. Event ID# 7000 The NAV for microsoft exchange service failed to start due to : The system can not find the file specified (Which now is resolved because that file was quarantened and replaced/cleaned one...now ok. (this event occurred sept 18th) 3.symantec knowledge_base error for 2140 Service could not start NAV for exchange... points me to registry keys to check for editing ServerAddress name and IP but these have been checked and are correct...rule that out. 4.this exchange mail server is working fine (no hiccups yet other than the NAV failing to start) The NAV had been working well on this exchange server and it stops viruses from entering the mailboxes and spreadingbut right now, this NAV service is down since the virus attacked it via the IISwhich is now clean. I know many SysAdmins are still cleaning up the pieces right now, tending to their own networks as I am, but for those who are out there, not infected and may have the solution to this... I greatly appreciate and thank you in advance for any advice on this matter. THANKS Terry Manolakos http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Is IE4 vulnerable to nimda?
I've not seen mention, either, but I'm curious. After all, Microsoft's own IIS Security Checklist recommends using IE4 on IIS machines... John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Bunting, Jeff [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:47 PM To: NT System Admin Issues Subject: Is IE4 vulnerable to nimda? I haven't seen any mention of it one way or the other. Anyone know? http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: NAV service for Exchange not starting
Title: Message reformat. : Kevinm WLKMMAS, UCC+WCA ~~~ All spelling and Factual errors are the fault of Bob Barker ~~~ This space has been rented by: Http://www.tiggercam.co.uk For all your tigger needs You 2 can rent this space if you need it. -Original Message-From: Terry Manolakos [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:44 AMTo: NT System Admin IssuesSubject: NAV service for Exchange not starting Exchange srvr (ever since the virus attacked itnow cleaned but with these residual side-effects) in Services, the NAV service for exchange is not starting. The startup is automatic.when I try starting it I get: "Could not start the NAV for Microsoft Exchange service. Error 2182: The requested service has already started"(present status).I had repaired this server's infected files and checked the registry settings instructed from a document relating to error 2182 and another found in my Event Viewer error # 2140 "NAV service for Exchange not starting" the event viewer contradicts the Services error. To give you the whole picture I add these facts: 1. this exchange server was infected with the nimb..virus and was scanned; some repaired files, some quarantened filesreplaced and now is clean. 2. Event ID# 7000 "The NAV for microsoft exchange service failed to start due to : The system can not find the file specified" (Which now is resolved because that file was quarantened and replaced/cleaned one...now ok. (this event occurred sept 18th) 3.symantec knowledge_base error for 2140 "Service could not start NAV for exchange..." points me to registry keys to check for editing ServerAddress name and IP but these have been checked and are correct...rule that out. 4.this exchange mail server is working fine (no hiccups yet other than the NAV failing to start) The NAV had been working well on this exchange server and it stops viruses from entering the mailboxes and spreadingbut right now, this NAV service is down since the virus attacked it via the IISwhich is now clean. I know many SysAdmins are still cleaning up the pieces right now, tending to their own networks as I am, but for those who are out there, not infected and may have the solution to this... I greatly appreciate and thank you in advance for any advice on this matter. THANKS Terry Manolakos http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: FTP IIS user access
Title: Message In 2000 hell need to go to the Local Security Settings I believe. We still use NT4 for the domain, but on my Win2000 Pro box it is under Admin ToolsàLocal Security PolicyàLocal PoliciesàUser Rights Assignment. -Original Message- From: Peter Pearson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 1:38 PM To: NT System Admin Issues Subject: Re: FTP IIS user access In User Manager - under user rights scroll down the log on locally. Are you using IIS for the FTP sites? Also check your client FTP app (unless of course you're using DOS. See attached articles (hope they help) http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q200475 http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q221934 Cheers. - Original Message - From: Murray Binette To: NT System Admin Issues Sent: Wednesday, September 19, 2001 2:04 PM Subject: RE: FTP IIS user access Just a simple domain with 30 users. The SBServer is the PDC which is connected directly to the internet. I want users that hold a valid domain account to have access to the ftp site (no annonymous access). Arghh, I forget how to manipulate attributes such as 'log on locally'thats done through 'poledit' right? Thanks for you patience! :) -Original Message- From: Peter Pearson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 11:45 AM To: NT System Admin Issues Subject: Re: FTP IIS user access What is your network setup? Domain model etc.. What type of access are you allowing to the FTP site? If the FTP server is a member server, do the users have the right to log on locally? - Original Message - From: Murray Binette To: NT System Admin Issues Sent: Wednesday, September 19, 2001 1:33 PM Subject: FTP IIS user access I'm running SBS2000 and I'm trying to set up an FTP site so that users can access their folders from home. The problem is only users with Admin privileges are able to get onto the server. The error their getting is 530 User x cannot login in !Logon failure, so quitting. I'm not sure what attribute or privilege I have to assign to users to allow them in. Thanks a lot guys! Murray B Cybertech Automation http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
W2k AD
Hi Guys, We are setting up a W2k/AD domain which covers various sites. One of the sites is not directly connected to others by any WAN link. But it has a direct connection to the internet via a 256mb line to an ISP. At present, it participates in our global exchange 5.5 organisation by an Internet Mail Connector over the internet. Without having a direct link to the W2k/AD root domain, will it still be possible to set-up this site as a child domain? If so, what are the options or what's the best way to go about doing it? Thanks GT. *** *** Harlequin Mills Boon Limited Main Tel: 020 8288 2800 Main Fax: 020 8288 2899 Main Web: http://www.millsandboon.co.uk *** *** The information contained in this email together with any accompanying attachments is sent privately and confidentially to the intended recipients. If you have received this email in error, please inform the sender immediately and delete the entire message from your mailbox. Disclosure, copying, further distribution or any other form of action taken based on the information contained in this email by an unintended recipient is strictly prohibited and may be unlawful. Harlequin Mills Boon cannot accept responsibility for the accuracy or completeness of this email as it has been transmitted over a public network. We also do not accept responsibility for the views expressed by the sender of this email. Virus Notice: Harlequin Mills Boon Ltd operate an anti-virus policy, however, it is the responsibility of the recipient of this email to ensure that it and any accompanying attachments are free of viruses. *** *** http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Those are the guys you want to lock their machines down tight. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Love the fish Tacos!!! Ensenada Mexico!!! Whoohoo!!! And on the Nimda thing. Got lucky this time, so far. But what happened with Code Red II with us might happen again. We had a developer get his laptop infected and then brought it in ... Damn developers!!! :) This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: NAV service for Exchange not starting
I wonder why a worm infection would not allow a virus scanner to run... hmmm Dan -Original Message- From: Kevin Miller [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:03 PM To: NT System Admin Issues Subject: RE: NAV service for Exchange not starting reformat. : Kevinm WLKMMAS, UCC+WCA ~~~ All spelling and Factual errors are the fault of Bob Barker ~~~ This space has been rented by: Http://www.tiggercam.co.uk http://www.tiggercam.co.uk/ For all your tigger needs You 2 can rent this space if you need it. -Original Message- From: Terry Manolakos [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 9:44 AM To: NT System Admin Issues Subject: NAV service for Exchange not starting Exchange srvr (ever since the virus attacked itnow cleaned but with these residual side-effects) in Services, the NAV service for exchange is not starting. The startup is automatic.when I try starting it I get: Could not start the NAV for Microsoft Exchange service. Error 2182: The requested service has already started(present status).I had repaired this server's infected files and checked the registry settings instructed from a document relating to error 2182 and another found in my Event Viewer error # 2140 NAV service for Exchange not starting the event viewer contradicts the Services error. To give you the whole picture I add these facts: 1. this exchange server was infected with the nimb..virus and was scanned; some repaired files, some quarantened filesreplaced and now is clean. 2. Event ID# 7000 The NAV for microsoft exchange service failed to start due to : The system can not find the file specified (Which now is resolved because that file was quarantened and replaced/cleaned one...now ok. (this event occurred sept 18th) 3.symantec knowledge_base error for 2140 Service could not start NAV for exchange... points me to registry keys to check for editing ServerAddress name and IP but these have been checked and are correct...rule that out. 4.this exchange mail server is working fine (no hiccups yet other than the NAV failing to start) The NAV had been working well on this exchange server and it stops viruses from entering the mailboxes and spreadingbut right now, this NAV service is down since the virus attacked it via the IISwhich is now clean. I know many SysAdmins are still cleaning up the pieces right now, tending to their own networks as I am, but for those who are out there, not infected and may have the solution to this... I greatly appreciate and thank you in advance for any advice on this matter. THANKS Terry Manolakos http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Copy file from Novell server to W2K
Greetings, Is there a file utility like robocopy, I can use to copy users data from a Novell 5. server to a W2K server. I need to copy over files and permisions. Thanks, Miguel http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Red Cross Plea asks for Computers/Tech support
I asked a friend of mine Doug, (retired from here, Sysadm for the Red Cross) what he specifically needed. Here's his reply, if anyone has machines or $$ to help him it would be appreciated. It seems timely and appropriate for this discussion group. Contact Doug directly if you have any questions on how or where to donate. Dan -- -Original Message- From: Gilstrap, Doug [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 1:50 PM To: Dan Miley (E-mail) Subject: Request for PCs Dan, First let me say I am sorry for not answering this right away. I don't use this mailbox anymore, but keep it and check it every week. We really need computers that are network ready capable of running Windows 2000 or Windows xp. If a donation is in order, I pay 1,100 each for Dell optiplex machines. This price is discounted by dell for us. If PCs are in order, anything that is network ready, 300mhz or better, 128k ram, 10gb hard drive, capable of running 2000 or xp. I currently need to replace at least 10 machines. These users are currently using PCs that are 90mhz and 100mhz with small amounts of memory and small 1gb hard drives. They work but are extremely slow. To completely update us would require 15 PCs at least. Make a note to change my Email address to [EMAIL PROTECTED] Thanks for thinking of us. Douglas Gilstrap System Administrator American Red Cross Greenville County Chapter Together, we can save a life. Chapter Website: www.redcross.org/sc/greenville -Original Message- From: Amer Karim [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 13, 2001 2:49 AM To: NT System Admin Issues Subject: Red Cross Plea asks for Computers/Tech support TechTV is reporting a plea from the Red Cross in NYC for computers and tech support. The info is here : http://www.techtv.com/screensavers/showtell/story/0,23008,3347294,00.html (URL may get wrapped) I would also like to add my condolences to all who have lost friends an loved ones in this tragedy. And my sympathy and best wishes to all who are still waiting for news - I know what you are going through. My parents and my sister live and work in Washington DC, and I have friends in NYC and Manhatten. My family is fine, but I still haven't heard from any of the people I know in NYC... I live in Vancouver, Canada, and there's very little I can do from here - but I'm sure that some of the people on this list may be able to answer the appeal from the Red Cross for tech support - after all, it's what we do. Regards, Amer Karim Nautilis Information Systems e-mail: [EMAIL PROTECTED], [EMAIL PROTECTED] PS - I thought this appeal was appropiate to this list (for anyone who might ask). http://www.sunbelt-software.com/ntsysadmin_list_charter.htm This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Copy file from Novell server to W2K
Try the Novell Migrator from NETIQ. We are using that right now in testing and it will do exactly what you are looking for. www.netiq.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:23 PM To: NT System Admin Issues Subject: Copy file from Novell server to W2K Greetings, Is there a file utility like robocopy, I can use to copy users data from a Novell 5. server to a W2K server. I need to copy over files and permisions. Thanks, Miguel http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Re: NAV service for Exchange not starting
Title: NAV service for Exchange not starting Hi Terry, Have you looked in task manager to see if the NAV processes are running ? If they are kill them (end task), and then start the service.. That should give you a clean start up... ? Thanks Rob - Original Message - From: Terry Manolakos To: NT System Admin Issues Sent: Thursday, September 20, 2001 5:43 PM Subject: NAV service for Exchange not starting Exchange srvr (ever since the virus attacked itnow cleaned but with these residual side-effects) in Services, the NAV service for exchange is not starting. The startup is automatic.when I try starting it I get: "Could not start the NAV for Microsoft Exchange service. Error 2182: The requested service has already started"(present status).I had repaired this server's infected files and checked the registry settings instructed from a document relating to error 2182 and another found in my Event Viewer error # 2140 "NAV service for Exchange not starting" the event viewer contradicts the Services error. To give you the whole picture I add these facts: 1. this exchange server was infected with the nimb..virus and was scanned; some repaired files, some quarantened filesreplaced and now is clean. 2. Event ID# 7000 "The NAV for microsoft exchange service failed to start due to : The system can not find the file specified" (Which now is resolved because that file was quarantened and replaced/cleaned one...now ok. (this event occurred sept 18th) 3.symantec knowledge_base error for 2140 "Service could not start NAV for exchange..." points me to registry keys to check for editing ServerAddress name and IP but these have been checked and are correct...rule that out. 4.this exchange mail server is working fine (no hiccups yet other than the NAV failing to start) The NAV had been working well on this exchange server and it stops viruses from entering the mailboxes and spreadingbut right now, this NAV service is down since the virus attacked it via the IISwhich is now clean. I know many SysAdmins are still cleaning up the pieces right now, tending to their own networks as I am, but for those who are out there, not infected and may have the solution to this... I greatly appreciate and thank you in advance for any advice on this matter. THANKS Terry Manolakos http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: NAV service for Exchange not starting
Title: NAV service for Exchange not starting I've been up about 36hrs no sleep since the virus attackI overlooked checking the processes in task manager.I see several processes that may be NAV related though not surethey're: NaveSrv.* Nave.* is this the NAV I'm looking for? BTW, Norton's Gold support line is so busy, I don't even get a chance to be placed on Hold! This list is very appreciated. -Original Message-From: Rob Wilcox [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 1:45 PMTo: NT System Admin IssuesSubject: Re: NAV service for Exchange not starting Hi Terry, Have you looked in task manager to see if the NAV processes are running ? If they are kill them (end task), and then start the service.. That should give you a clean start up... ? Thanks Rob - Original Message - From: Terry Manolakos To: NT System Admin Issues Sent: Thursday, September 20, 2001 5:43 PM Subject: NAV service for Exchange not starting Exchange srvr (ever since the virus attacked itnow cleaned but with these residual side-effects) in Services, the NAV service for exchange is not starting. The startup is automatic.when I try starting it I get: "Could not start the NAV for Microsoft Exchange service. Error 2182: The requested service has already started"(present status).I had repaired this server's infected files and checked the registry settings instructed from a document relating to error 2182 and another found in my Event Viewer error # 2140 "NAV service for Exchange not starting" the event viewer contradicts the Services error. To give you the whole picture I add these facts: 1. this exchange server was infected with the nimb..virus and was scanned; some repaired files, some quarantened filesreplaced and now is clean. 2. Event ID# 7000 "The NAV for microsoft exchange service failed to start due to : The system can not find the file specified" (Which now is resolved because that file was quarantened and replaced/cleaned one...now ok. (this event occurred sept 18th) 3.symantec knowledge_base error for 2140 "Service could not start NAV for exchange..." points me to registry keys to check for editing ServerAddress name and IP but these have been checked and are correct...rule that out. 4.this exchange mail server is working fine (no hiccups yet other than the NAV failing to start) The NAV had been working well on this exchange server and it stops viruses from entering the mailboxes and spreadingbut right now, this NAV service is down since the virus attacked it via the IISwhich is now clean. I know many SysAdmins are still cleaning up the pieces right now, tending to their own networks as I am, but for those who are out there, not infected and may have the solution to this... I greatly appreciate and thank you in advance for any advice on this matter. THANKS Terry Manolakos http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: File Creation Dates
many such applets.. two that come to mind are command line: slap touch Erik Goldoff Systems Manager The HoneyBaked Ham Company 678-966-3320 [EMAIL PROTECTED] -Original Message- From: Len Hammond [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 10:30 AM To: NT System Admin Issues Subject: RE: File Creation Dates Just curious... Is there a utility available to adjust the creation date of a file. One of our SPC applications looks for a file with a specific date on it before it runs in the full mode instead of Evaluation mode. However, the contents of the file needs to change but when I change it, it runs the way I want it to but reverts back to an eval copy. So... I need to edit the file and then change it's date back to the original date. Len Hammond Network Administrator Pontiac Coil, Inc. [EMAIL PROTECTED] -Original Message- From: Kenneth Taira [mailto:[EMAIL PROTECTED]] Sent: Friday, September 14, 2001 5:55 PM To: NT System Admin Issues Subject: Re: File Creation Dates Err...you can make monster zip files as they save the creation date...then unzip them on the target. At 04:03 PM 9/14/2001 -0500, you wrote: Hello All, I have the need to transfer a large amount of data from one server to another. The source system is NT3.51 and the destination is Win2K. I am attempting to transfer these files across the network. My problem is that I need to maintain the file creation date on each file. I might also add that these files where created over several years of usage. Does anyone know of a utility or a switch that would allow for this? http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
MIME Header fix?
If you apply the MIME Header fix AFTER the NT SRP, do you need to re-install Q299444i? Eric http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: NAV service for Exchange not starting
Title: NAV service for Exchange not starting http://www.antivirus.com/pc-cillin/vinfo/virusencyclo/default5.asp?VName=PE_NIMDA.A nimda fix Link may wrap -Eric Larsen -Key Knife, Inc. -Original Message-From: Terry Manolakos [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 11:02 AMTo: NT System Admin IssuesSubject: RE: NAV service for Exchange not starting I've been up about 36hrs no sleep since the virus attackI overlooked checking the processes in task manager.I see several processes that may be NAV related though not surethey're: NaveSrv.* Nave.* is this the NAV I'm looking for? BTW, Norton's Gold support line is so busy, I don't even get a chance to be placed on Hold! This list is very appreciated. -Original Message-From: Rob Wilcox [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 1:45 PMTo: NT System Admin IssuesSubject: Re: NAV service for Exchange not starting Hi Terry, Have you looked in task manager to see if the NAV processes are running ? If they are kill them (end task), and then start the service.. That should give you a clean start up... ? Thanks Rob - Original Message - From: Terry Manolakos To: NT System Admin Issues Sent: Thursday, September 20, 2001 5:43 PM Subject: NAV service for Exchange not starting Exchange srvr (ever since the virus attacked itnow cleaned but with these residual side-effects) in Services, the NAV service for exchange is not starting. The startup is automatic.when I try starting it I get: "Could not start the NAV for Microsoft Exchange service. Error 2182: The requested service has already started"(present status).I had repaired this server's infected files and checked the registry settings instructed from a document relating to error 2182 and another found in my Event Viewer error # 2140 "NAV service for Exchange not starting" the event viewer contradicts the Services error. To give you the whole picture I add these facts: 1. this exchange server was infected with the nimb..virus and was scanned; some repaired files, some quarantened filesreplaced and now is clean. 2. Event ID# 7000 "The NAV for microsoft exchange service failed to start due to : The system can not find the file specified" (Which now is resolved because that file was quarantened and replaced/cleaned one...now ok. (this event occurred sept 18th) 3.symantec knowledge_base error for 2140 "Service could not start NAV for exchange..." points me to registry keys to check for editing ServerAddress name and IP but these have been checked and are correct...rule that out. 4.this exchange mail server is working fine (no hiccups yet other than the NAV failing to start) The NAV had been working well on this exchange server and it stops viruses from entering the mailboxes and spreadingbut right now, this NAV service is down since the virus attacked it via the IISwhich is now clean. I know many SysAdmins are still cleaning up the pieces right now, tending to their own networks as I am, but for those who are out there, not infected and may have the solution to this... I greatly appreciate and thank you in advance for any advice on this matter. THANKS Terry Manolakos http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Sevice pack Downloads
Thanks it worked great. Stefan -Original Message- From: Sean Martin [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:23 To: NT System Admin Issues Subject: RE: Sevice pack Downloads Actually, you can download the express install and run it with different switches. This article explains: http://support.microsoft.com/support/kb/articles/Q257/2/49.ASP Regards, Sean Martin, MCSE Network Administrator Ribelin Lowell Company Insurance Brokers, Inc. 3111 C Street, Suite 300 Anchorage, Alaska 99503 Ph: (907) 561-1250 Fax: (907) 561-4315 Cell: (907) 229-0885 Email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -Original Message- From: TDI Custom Computers [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 4:59 PM To: NT System Admin Issues Subject: Re: Sevice pack Downloads Discovered today, that with IE 6 you can't save to disk unless you go back to the site after you did a download and install on the same machine and it gives you an option for a different install and an Advanced button. Mike - Original Message - From: Dennis Brunner [EMAIL PROTECTED] To: NT System Admin Issues [EMAIL PROTECTED] Sent: Wednesday, September 19, 2001 12:43 PM Subject: Sevice pack Downloads When down loading from Microsoft's site is there a way to save to disk so I can patch other computers without having to go back to the net and redownload them? They would be a great help. thanks Thank you Dennis Brunner 616-677-3343 mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm DO NOT read, copy or disseminate this communication unless you are the intended addressee. This e-mail communication contains confidential and/or privileged information intended only for the addressee. If you have received this communication in error, please call us immediately at (907) 561-1250 and ask to speak to the sender of the communication. Also, please e-mail the sender and notify the sender immediately that you have received the communication in error. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Okay, okay... I'll back off and take a wait-and-see approach. Let's wait a few days as research continues and find out if there's a way a server could get infected other than the methods that have already been discovered. If it turns out that Microsoft was lazy on their end, though, then my initial feeling that someone should lose their job will be justified. The other option is that there's some new, unknown exploit out there that NIMDA used. I guess I was just lucky that my servers were apparently not vulnerable to that exploit and that the 16 attempts it uses to break in all result in 404 errors in the logs. If this turns out to be the case, I'll be eating crow. But I'm not ashamed to admit when I'm wrong, so this won't be too painful! We'll have to disagree over whether admins are dropping the ball--although surely we can agree that SOMEONE is dropping it. Code Red exploited a vulnerability that had been fixed some time earlier (over a month, as I recall). Why were so many servers unpatched? And whose responsibility was it to patch them, if not ours? John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Clayton [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:06 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda But are you sure that MS has all of the bits in place to protect your network? They may have been infected because of something that has been overlooked, and not because one of their sysadmins was playing quake. They may have all of the patches they have in place, but were still hit from the side door. If they overlooked it for themselves, how can you be sure all of the patches you have will sort you out? I don't agree that sysadmins have been dropping the ball lately either. There is more than one ball to carry in most cases, and the trick is keeping them all up in the air at the same time. It is much easier to secure a small system than a large one as well, which only adds to the challenges we all have the pleasure of dealing with daily. I fully agree that we should always be prepared for all known threats, but the key work there is known. I certainly don't know all of the threats out there, and have to take MS on faith in terms of what Service Pack or hotfix I need to protect my systems, so I hope they were lazy on their end, at least that way I know we are cool here. If they had all of the patches in, and still got it anyways, then I guess we are all in for some long nights. Clayton Doige IT Manager MCSE, MCP + I Gameday International N.V. Bound in a nutshell, King of infinite space... T: +5 999 736 0309 ext 4537 C: +5 999 563 1845 F: +5 999 733 1259 E: [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Nimda Fix!!!
http://www.antivirus.com/pc-cillin/vinfo/virusencyclo/default5.asp?VName=PE_ NIMDA.A I sent this once, but never saw it arrive on the list... sorry if it is a dup. Link may wrap. -Eric Larsen -Key Knife, Inc. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: HELP VIRUS ON NT MACHINE?
They could not get into the disk at all. After pressing ctl-alt-del the machine just would hang and the processor was near 100%. There was no other way to scan the disk. Denise -Original Message- From: Bartolini [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 3:51 PM To: NT System Admin Issues Subject: Re: HELP VIRUS ON NT MACHINE? why? - Original Message - From: PITNEY,LDENISE (A-Sonoma,ex1) [EMAIL PROTECTED] To: NT System Admin Issues [EMAIL PROTECTED] Sent: Wednesday, September 19, 2001 6:43 PM Subject: RE: HELP VIRUS ON NT MACHINE? Our local IT department has actually had to remove the disk from it's current machine and mount it in another machine as a secondary -- then clean it and return it to it's original home. Denise -Original Message- From: Tiffany Belcher [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 19, 2001 2:35 PM To: NT System Admin Issues Subject: HELP VIRUS ON NT MACHINE? This thing is on a machine at work and it writes .eml files all over the place in the folders on the hard drive. Is there a way to get rid if this virus? What is it? Uninstalling outlook express or email would that do it? It ran very sluggish and now is frozen up. HELP http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Problem Connecting to Terminal Server
Thanks Denise 1) I have it set to unlimited 2) already done... 3) yep... I know... I have downgraded the problem server to SP1, unfortunately I cannot test it till I get home... (since it is my home 98 box that is giving me grief) -Original Message- From: PITNEY,LDENISE (A-Sonoma,ex1) [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 10:55 To: NT System Admin Issues Subject: RE: Problem Connecting to Terminal Server Hi Bill See if any of these suggestions work for you... 1. Make sure to set the connections allowed number to 3 --that way I get two complete connections and the third is rejected and you still adhere to the license reqs. 2. Try dropping the encryption to low. This would be set on the properties of the RDP-TCP object under Terminal services configuration. **In remote administration mode no additional licenses are required, you get 2 automatically. Regards, Denise -OH\riginal Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 7:52 AM To: NT System Admin Issues Subject: Problem Connecting to Terminal Server Server1: W2K Advanced Server, SP2, running Terminal Server in remote administration mode Server2: W2K Advanced Server, SP1, running Terminal Server in remote administration mode Client1: Win98 Client2: W2K Advanced Server, SP1 Client3: W2K Pro Client2 and Client3 can connect to Server1 and Server2 with no problems. Client1 can connect to Server2 with no problem Client1 cannot connect to Server1, get the terminal server has ended the connection dialog box before a login box. I have checked Technet and it is not: http://support.microsoft.com/support/kb/articles/Q237/7/92.ASP?LN=EN-USSD=g nFR=0qry=%26quot%3Bthe%20terminal%20server%20has%20ended%20the%20connectio n%26quot%3Brnk=11src=DHCS_MSPSS_gn_SRCHSPR=MSALL (running in admin mode, not app mode) Any suggestions? Bill Higgins Lead NT Systems Engineer (415) 402-3444 office (415) 720-7053 cell [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Problem Connecting to Terminal Server
Hi Bill See if any of these suggestions work for you... 1. Make sure to set the connections allowed number to 3 --that way I get two complete connections and the third is rejected and you still adhere to the license reqs. 2. Try dropping the encryption to low. This would be set on the properties of the RDP-TCP object under Terminal services configuration. **In remote administration mode no additional licenses are required, you get 2 automatically. Regards, Denise -OH\riginal Message- From: Bill Higgins [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 7:52 AM To: NT System Admin Issues Subject: Problem Connecting to Terminal Server Server1: W2K Advanced Server, SP2, running Terminal Server in remote administration mode Server2: W2K Advanced Server, SP1, running Terminal Server in remote administration mode Client1: Win98 Client2: W2K Advanced Server, SP1 Client3: W2K Pro Client2 and Client3 can connect to Server1 and Server2 with no problems. Client1 can connect to Server2 with no problem Client1 cannot connect to Server1, get the terminal server has ended the connection dialog box before a login box. I have checked Technet and it is not: http://support.microsoft.com/support/kb/articles/Q237/7/92.ASP?LN=EN-USSD=g nFR=0qry=%26quot%3Bthe%20terminal%20server%20has%20ended%20the%20connectio n%26quot%3Brnk=11src=DHCS_MSPSS_gn_SRCHSPR=MSALL (running in admin mode, not app mode) Any suggestions? Bill Higgins Lead NT Systems Engineer (415) 402-3444 office (415) 720-7053 cell [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
Re: NAV service for Exchange not starting
Title: NAV service for Exchange not starting They are indeed the ones. It's multithreaded hence the additional processes. - Original Message - From: Terry Manolakos To: NT System Admin Issues Sent: Thursday, September 20, 2001 7:02 PM Subject: RE: NAV service for Exchange not starting I've been up about 36hrs no sleep since the virus attackI overlooked checking the processes in task manager.I see several processes that may be NAV related though not surethey're: NaveSrv.* Nave.* is this the NAV I'm looking for? BTW, Norton's Gold support line is so busy, I don't even get a chance to be placed on Hold! This list is very appreciated. -Original Message-From: Rob Wilcox [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 20, 2001 1:45 PMTo: NT System Admin IssuesSubject: Re: NAV service for Exchange not starting Hi Terry, Have you looked in task manager to see if the NAV processes are running ? If they are kill them (end task), and then start the service.. That should give you a clean start up... ? Thanks Rob - Original Message - From: Terry Manolakos To: NT System Admin Issues Sent: Thursday, September 20, 2001 5:43 PM Subject: NAV service for Exchange not starting Exchange srvr (ever since the virus attacked itnow cleaned but with these residual side-effects) in Services, the NAV service for exchange is not starting. The startup is automatic.when I try starting it I get: "Could not start the NAV for Microsoft Exchange service. Error 2182: The requested service has already started"(present status).I had repaired this server's infected files and checked the registry settings instructed from a document relating to error 2182 and another found in my Event Viewer error # 2140 "NAV service for Exchange not starting" the event viewer contradicts the Services error. To give you the whole picture I add these facts: 1. this exchange server was infected with the nimb..virus and was scanned; some repaired files, some quarantened filesreplaced and now is clean. 2. Event ID# 7000 "The NAV for microsoft exchange service failed to start due to : The system can not find the file specified" (Which now is resolved because that file was quarantened and replaced/cleaned one...now ok. (this event occurred sept 18th) 3.symantec knowledge_base error for 2140 "Service could not start NAV for exchange..." points me to registry keys to check for editing ServerAddress name and IP but these have been checked and are correct...rule that out. 4.this exchange mail server is working fine (no hiccups yet other than the NAV failing to start) The NAV had been working well on this exchange server and it stops viruses from entering the mailboxes and spreadingbut right now, this NAV service is down since the virus attacked it via the IISwhich is now clean. I know many SysAdmins are still cleaning up the pieces right now, tending to their own networks as I am, but for those who are out there, not infected and may have the solution to this... I greatly appreciate and thank you in advance for any advice on this matter. THANKS Terry Manolakos http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Pardon me. Did I read this right? Someone at MS makes a mistake and he should be fired. You make a mistake and you eat crow? --Charles John Hornbuckle John.Hornbuckle@taylor.To: NT System Admin Issues k12.fl.us [EMAIL PROTECTED] cc: 09/20/2001 02:30 PM Subject: RE: Microsoft Has Nimda Please respond to NT System Admin Issues Okay, okay... I'll back off and take a wait-and-see approach. Let's wait a few days as research continues and find out if there's a way a server could get infected other than the methods that have already been discovered. If it turns out that Microsoft was lazy on their end, though, then my initial feeling that someone should lose their job will be justified. The other option is that there's some new, unknown exploit out there that NIMDA used. I guess I was just lucky that my servers were apparently not vulnerable to that exploit and that the 16 attempts it uses to break in all result in 404 errors in the logs. If this turns out to be the case, I'll be eating crow. But I'm not ashamed to admit when I'm wrong, so this won't be too painful! We'll have to disagree over whether admins are dropping the ball--although surely we can agree that SOMEONE is dropping it. Code Red exploited a vulnerability that had been fixed some time earlier (over a month, as I recall). Why were so many servers unpatched? And whose responsibility was it to patch them, if not ours? John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Clayton [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:06 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda But are you sure that MS has all of the bits in place to protect your network? They may have been infected because of something that has been overlooked, and not because one of their sysadmins was playing quake. They may have all of the patches they have in place, but were still hit from the side door. If they overlooked it for themselves, how can you be sure all of the patches you have will sort you out? I don't agree that sysadmins have been dropping the ball lately either. There is more than one ball to carry in most cases, and the trick is keeping them all up in the air at the same time. It is much easier to secure a small system than a large one as well, which only adds to the challenges we all have the pleasure of dealing with daily. I fully agree that we should always be prepared for all known threats, but the key work there is known. I certainly don't know all of the threats out there, and have to take MS on faith in terms of what Service Pack or hotfix I need to protect my systems, so I hope they were lazy on their end, at least that way I know we are cool here. If they had all of the patches in, and still got it anyways, then I guess we are all in for some long nights. Clayton Doige IT Manager MCSE, MCP + I Gameday International N.V. Bound in a nutshell, King of infinite space... T: +5 999 736 0309 ext 4537 C: +5 999 563 1845 F: +5 999 733 1259 E: [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Yes, that's correct. Let's say a mechanic's hand slips when he's working on my car. What's the worst that can happen? Maybe he damages a part and has to pay out of his own pocket to replace it. No big deal. Now let's a doctor's hand slips while he's operating on me. He ends up cutting my heart, causing me to bleed to death. The consequences for his mistake are going to be much harsher than the mechanic's, right? Microsoft is asking people to trust sensitive information to their servers (through the Passport initiative). Don't you think it's fairly critical that their servers stay secure? And don't you think that if someone fails to do their part in maintaining that security, there should be serious consequences? John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:35 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Pardon me. Did I read this right? Someone at MS makes a mistake and he should be fired. You make a mistake and you eat crow? --Charles http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Now, now, be nice :-) Eating crow may be worse than getting fired, depending on what the crow has eaten itself in the previous 24 hours :-) John, LOL on your response :-) With our no so good friend code red, I'd be willing to bet corporate policy played a part in some of the infections (we have to test each patch before rolling to production for a period of X Y or Z) No doubt there are others out there who did not stay on top of things, but I bet those types wouldn't get a job for MS. Like I said earlier, I hope that MS got hit because they were playing quake, instead of patching their servers, as it means we will all be OK as long as we have patched. If not, I understand Worchester Sauce will go quite nicely with crow :-) Clayton Doige IT Manager MCSE, MCP + I Gameday International N.V. Bound in a nutshell, King of infinite space... T: +5 999 736 0309 ext 4537 C: +5 999 563 1845 F: +5 999 733 1259 E: [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: September 20, 2001 1:35 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Pardon me. Did I read this right? Someone at MS makes a mistake and he should be fired. You make a mistake and you eat crow? --Charles John Hornbuckle John.Hornbuckle@taylor.To: NT System Admin Issues k12.fl.us [EMAIL PROTECTED] cc: 09/20/2001 02:30 PM Subject: RE: Microsoft Has Nimda Please respond to NT System Admin Issues Okay, okay... I'll back off and take a wait-and-see approach. Let's wait a few days as research continues and find out if there's a way a server could get infected other than the methods that have already been discovered. If it turns out that Microsoft was lazy on their end, though, then my initial feeling that someone should lose their job will be justified. The other option is that there's some new, unknown exploit out there that NIMDA used. I guess I was just lucky that my servers were apparently not vulnerable to that exploit and that the 16 attempts it uses to break in all result in 404 errors in the logs. If this turns out to be the case, I'll be eating crow. But I'm not ashamed to admit when I'm wrong, so this won't be too painful! We'll have to disagree over whether admins are dropping the ball--although surely we can agree that SOMEONE is dropping it. Code Red exploited a vulnerability that had been fixed some time earlier (over a month, as I recall). Why were so many servers unpatched? And whose responsibility was it to patch them, if not ours? John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: Clayton [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:06 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda But are you sure that MS has all of the bits in place to protect your network? They may have been infected because of something that has been overlooked, and not because one of their sysadmins was playing quake. They may have all of the patches they have in place, but were still hit from the side door. If they overlooked it for themselves, how can you be sure all of the patches you have will sort you out? I don't agree that sysadmins have been dropping the ball lately either. There is more than one ball to carry in most cases, and the trick is keeping them all up in the air at the same time. It is much easier to secure a small system than a large one as well, which only adds to the challenges we all have the pleasure of dealing with daily. I fully agree that we should always be prepared for all known threats, but the key work there is known. I certainly don't know all of the threats out there, and have to take MS on faith in terms of what Service Pack or hotfix I need to protect my systems, so I hope they were lazy on their end, at least that way I know we are cool here. If they had all of the patches in, and still got it anyways, then I guess we are all in for some long nights. Clayton Doige IT Manager MCSE, MCP + I Gameday International N.V. Bound in a nutshell, King of infinite space... T: +5 999 736 0309 ext 4537 C: +5 999 563 1845 F: +5 999 733 1259 E: [EMAIL PROTECTED] http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
ie6 vs. ie5.5
I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Nah... It's such a tiny amount that I can handle it raw! John -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:46 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I've heard it's better when fried... ;o) -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:41 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Wow... It's already time to eat a little crow! Turns out that Microsoft was only SORT OF infected: http://www.zdnet.com/zdnn/stories/news/0,4586,5097206,00.html?chkpt=zdnn p1tp02 Their Web server was shootin', but it was shootin' blanks. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
I've seen no issues YET with IE6. I've deployed it to all my client machines (just 40), but am staying with 4.01 or 5.5 on the servers for awhile. Roger Wright Southern Commerce Bank ___ Philosophy: Unintelligible answers to insoluble problems. -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:53 PM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm ___ NOTICE: The information contained in this electronic message is considered privileged and confidential under Florida Statutes 455.251 and 3905.017. It is intended solely for the use of the recipient named above. If the reader is not the recipient named above, you are hereby notified that any dissemination, distribution, copying or disclosure of the contents of this message is prohibited. If you have received this e-mail message in error, please immediately notify the sender and destroy the original message. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
We were using IE5.5 with Sp and no problems. I've just installed IE6 for test purposes and other than an install problem that we solved, it's working fine. Murray -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:53 PM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
Watch out for salmonella poisoning... ;o) -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:57 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Nah... It's such a tiny amount that I can handle it raw! John -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:46 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda I've heard it's better when fried... ;o) -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:41 AM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Wow... It's already time to eat a little crow! Turns out that Microsoft was only SORT OF infected: http://www.zdnet.com/zdnn/stories/news/0,4586,5097206,00.html?chkpt=zdnn p1tp02 Their Web server was shootin', but it was shootin' blanks. John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
Have used IE6 since it was offered with no problems. My thinking is, with MS products, the latest version has all the security updates. -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:53 AM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: Microsoft Has Nimda
The doc has malpractice insurance and stays employed. The mechanic apoligies and tries not to repeat mistakes. You. no taxes for you! --Charles John Hornbuckle John.Hornbuckle@taylor.To: NT System Admin Issues k12.fl.us [EMAIL PROTECTED] cc: 09/20/2001 02:49 PM Subject: RE: Microsoft Has Nimda Please respond to NT System Admin Issues Yes, that's correct. Let's say a mechanic's hand slips when he's working on my car. What's the worst that can happen? Maybe he damages a part and has to pay out of his own pocket to replace it. No big deal. Now let's a doctor's hand slips while he's operating on me. He ends up cutting my heart, causing me to bleed to death. The consequences for his mistake are going to be much harsher than the mechanic's, right? Microsoft is asking people to trust sensitive information to their servers (through the Passport initiative). Don't you think it's fairly critical that their servers stay secure? And don't you think that if someone fails to do their part in maintaining that security, there should be serious consequences? John Hornbuckle Network Manager Taylor County School District 318 North Clark Street Perry, FL 32347 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 2:35 PM To: NT System Admin Issues Subject: RE: Microsoft Has Nimda Pardon me. Did I read this right? Someone at MS makes a mistake and he should be fired. You make a mistake and you eat crow? --Charles http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
Has worked great for me for months now... -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:53 AM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
After reading all of the posts from you about IE6 I must say that after installing IE6 I have experienced an increase in the number of crashes. Not a significant increase, just an increase. I do like the new features though. _ Don Collier Network Administrator Intermap Technologies Inc. Voice: 303-708-0955 x-207 Fax:303-708-0952 [EMAIL PROTECTED] www.intermaptechnologies.com -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:05 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 Has worked great for me for months now... -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:53 AM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
On our 150 or so machines we found no increase. Still zero. We still have Win95 boxes too where 5.5 sp2 has to be used. -Original Message- From: Don Collier (Intermap Denver) [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:22 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 After reading all of the posts from you about IE6 I must say that after installing IE6 I have experienced an increase in the number of crashes. Not a significant increase, just an increase. I do like the new features though. _ Don Collier Network Administrator Intermap Technologies Inc. Voice: 303-708-0955 x-207 Fax:303-708-0952 [EMAIL PROTECTED] www.intermaptechnologies.com -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:05 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 Has worked great for me for months now... -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:53 AM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
Have W2KPro, SP2, Off2K, 128Megs, PII, T1 connection at work. Home system is Win2KPro, SP2, 97Megs, Off2K, P166, Cable modem. Both work beautiful. -Original Message- From: Don Collier (Intermap Denver) [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 3:22 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 After reading all of the posts from you about IE6 I must say that after installing IE6 I have experienced an increase in the number of crashes. Not a significant increase, just an increase. I do like the new features though. _ Don Collier Network Administrator Intermap Technologies Inc. Voice: 303-708-0955 x-207 Fax:303-708-0952 [EMAIL PROTECTED] www.intermaptechnologies.com -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:05 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 Has worked great for me for months now... -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:53 AM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: ie6 vs. ie5.5
I am not talking about a huge increase in the number of IE crashes. Just sometimes when I get a few different windows going I get a crash. A few being 3 to 5. Nothing major, just noticeable. _ Don Collier Network Administrator Intermap Technologies Inc. Voice: 303-708-0955 x-207 Fax:303-708-0952 [EMAIL PROTECTED] www.intermaptechnologies.com -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:26 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 Funny, I haven't had any of my systems crash yet. -Original Message- From: Don Collier (Intermap Denver) [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 12:22 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 After reading all of the posts from you about IE6 I must say that after installing IE6 I have experienced an increase in the number of crashes. Not a significant increase, just an increase. I do like the new features though. _ Don Collier Network Administrator Intermap Technologies Inc. Voice: 303-708-0955 x-207 Fax:303-708-0952 [EMAIL PROTECTED] www.intermaptechnologies.com -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 1:05 PM To: NT System Admin Issues Subject: RE: ie6 vs. ie5.5 Has worked great for me for months now... -Original Message- From: Jon Hill [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 20, 2001 11:53 AM To: NT System Admin Issues Subject: ie6 vs. ie5.5 I'm using nimda as an excuse to upgrade my firm from ie 5.01 (yes, I could apply the patch but I'd rather just go whole hog and get this over with). Since ie6 hasn't been out all that long, I'm a little leery of using it. Any advice? My environment: NT4sp6a (some sp5), Office 2000, 128MB. http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
