RE: Home Depot scam taylored to men!
How did you explain it to your wife From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 4:42 PM To: NT System Admin Issues Subject: OT: Home Depot scam taylored to men! List dudes, This got me and I just wanted to pass along the info. The scam works like this.. I went to Home Depot bought some stuff and as I'm loading it in my truck, these two women approach me and start washing my windshield. The are well endowed twenty somethings and shall I say, easy on the eyes wearing shirts the same size as my four year olds. Now I didn't think anything of it, as I live in a college town and being a fraternity guy, I just figured it was one of the local sorority chapters conducting a fundraiser using there assets. They finish up as I finish loading and I reach for a couple of bucks. However, they refuse money and just ask for a ride a couple of miles down the road. I reluctantly agree and they hop in the truck. As soon as I start moving they start getting undressed and the on beside me jumps on mewhile the other one grabs my wallet. I couldn't believe it. They got me on the 17th, 19th, 20th and the 22nd. Shook *** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail delete this e-mail and refrain from any disclosure or action based on the information. *** ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Home Depot scam taylored to men!
Wait a minute, one of them probably was his Wife, the other, I dunno a female accompliace? Sounds like a good skit for Larry the Cable Guy joke session. PS: If anyone saw the Ron White Concert at Mohegan Sun in CT on Friday is how flipping hilarious was THAT! Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 From: René de Haas [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 3:33 AM To: NT System Admin Issues Subject: RE: Home Depot scam taylored to men! How did you explain it to your wife From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 4:42 PM To: NT System Admin Issues Subject: OT: Home Depot scam taylored to men! List dudes, This got me and I just wanted to pass along the info. The scam works like this.. I went to Home Depot bought some stuff and as I'm loading it in my truck, these two women approach me and start washing my windshield. The are well endowed twenty somethings and shall I say, easy on the eyes wearing shirts the same size as my four year olds. Now I didn't think anything of it, as I live in a college town and being a fraternity guy, I just figured it was one of the local sorority chapters conducting a fundraiser using there assets. They finish up as I finish loading and I reach for a couple of bucks. However, they refuse money and just ask for a ride a couple of miles down the road. I reluctantly agree and they hop in the truck. As soon as I start moving they start getting undressed and the on beside me jumps on mewhile the other one grabs my wallet. I couldn't believe it. They got me on the 17th, 19th, 20th and the 22nd. Shook *** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail delete this e-mail and refrain from any disclosure or action based on the information. *** ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Dell NVidia GPU problem
A little heads up: http://direct2dell.com/one2one/archive/2008/07/25/nvidia-gpu-update-for-dell-laptop-owners.aspx If the problem isn't with the D830 or D430 I hardly have a problem, but we'll see. Regards René *** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail delete this e-mail and refrain from any disclosure or action based on the information. *** ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Edit .dns files manually
I have moved DNS servers in that fashion, but you can probably use a script with dnscmd.exe from the resource kit to take care of the editing. Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Saturday, July 26, 2008 6:56 PM To: NT System Admin Issues Subject: Edit .dns files manually Im in process of changing about 40 domains for a client, all internal, they have a 2003 standard and secondary dns server (not ad). Im thinking to lessen the downtime, I could edit the .dns files in notepad and then just copy them back into the system32\dns folder and restart dns services. What say you? I googled around but most of what I found was copying registry over and doing other AD integrated style things.. Thanks ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Disgruntled Sysadmin
LOL just stupid people doing stupid things, DA's are not immune, they might be the most clueless people on the planet. That is why they say the joke what is a 100 lawyers on the bottom of the ocean... ( Yep a good start) Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -Original Message- From: David Lum [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 5:59 PM To: NT System Admin Issues Subject: RE: Disgruntled Sysadmin WTF? -Original Message- From: Angus Scott-Fleming [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 1:28 PM To: NT System Admin Issues Subject: Re: Disgruntled Sysadmin On 15 Jul 2008 at 14:14, Jon Harris wrote: Besides it is just plain more fun to give them the user ID's and passwords and let them screw everything up for themselves. Done for him by the SF DA's office: --- Included Stuff Follows --- San Francisco DA discloses city's network passwords | IDGNS | News | July 25, 2008 | By Robert McMillan, IDG News Service In its bid to protect the city from one computer security risk, the San Francisco District Attorney's Office may very well have created another. The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail. - Included Stuff Ends - Full story here: http://www.infoworld.com/archives/emailPrint.jsp?R=printThisA=/article/ 08/07/2 5/San_Francisco_DA_discloses_citys_network_passwords_1.html or here if the above wraps unusably: http://preview.tinyurl.com/6k5a2v -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Alert when new Email Arrives (LOUD)
Dam that is the BOMB... Good one, Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 4:45 PM To: NT System Admin Issues Subject: RE: Alert when new Email Arrives (LOUD) Here is a wav file you could use :-)Uh, and NSFW. Although at my office, HEAW. (Highly encouraged at work). http://www.arr-the-kraken.com/files/mail.wav From: N Parr [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 3:19 PM To: NT System Admin Issues Subject: Alert when new Email Arrives (LOUD) Brainstorming here, trying to think of a way to alert shipping personnel in a warehouse when a new email arrives. Short of hooking a big a$$ amp up to the speaker output of the computer and having it play a little Ozzy when new email arrives. Anyone think of something, maybe usb relay, that could set off a light or buzzer. I suppose I could get a self powered PA speaker and tie it in, do have a couple of those in the closet. Niles ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Disgruntled Sysadmin
Or what are mixed feelings? The feeling of happiness when you hear a bus of lawyers had an accident Mixed with the feeling of sadness when you hear one of them survived -Original Message- From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:32 PM To: NT System Admin Issues Subject: RE: Disgruntled Sysadmin LOL just stupid people doing stupid things, DA's are not immune, they might be the most clueless people on the planet. That is why they say the joke what is a 100 lawyers on the bottom of the ocean... ( Yep a good start) Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -Original Message- From: David Lum [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 5:59 PM To: NT System Admin Issues Subject: RE: Disgruntled Sysadmin WTF? -Original Message- From: Angus Scott-Fleming [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 1:28 PM To: NT System Admin Issues Subject: Re: Disgruntled Sysadmin On 15 Jul 2008 at 14:14, Jon Harris wrote: Besides it is just plain more fun to give them the user ID's and passwords and let them screw everything up for themselves. Done for him by the SF DA's office: --- Included Stuff Follows --- San Francisco DA discloses city's network passwords | IDGNS | News | July 25, 2008 | By Robert McMillan, IDG News Service In its bid to protect the city from one computer security risk, the San Francisco District Attorney's Office may very well have created another. The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail. - Included Stuff Ends - Full story here: http://www.infoworld.com/archives/emailPrint.jsp?R=printThisA=/article/ 08/07/2 5/San_Francisco_DA_discloses_citys_network_passwords_1.html or here if the above wraps unusably: http://preview.tinyurl.com/6k5a2v -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ *** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail delete this e-mail and refrain from any disclosure or action based on the information. *** ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Alert when new Email Arrives (LOUD)
They aren't important enough for that.Actually they did have a BB for a couple weeks while the line and VPN were being installed. From: Eric Woodford [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 3:36 PM To: NT System Admin Issues Subject: Re: Alert when new Email Arrives (LOUD) Have it forward to a vibrating pager.. or Blackberry.. On Fri, Jul 25, 2008 at 1:19 PM, N Parr [EMAIL PROTECTED] wrote: Brainstorming here, trying to think of a way to alert shipping personnel in a warehouse when a new email arrives. Short of hooking a big a$$ amp up to the speaker output of the computer and having it play a little Ozzy when new email arrives. Anyone think of something, maybe usb relay, that could set off a light or buzzer. I suppose I could get a self powered PA speaker and tie it in, do have a couple of those in the closet. Niles ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Alert when new Email Arrives (LOUD)
They would send themselves email just to set it off. From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 3:45 PM To: NT System Admin Issues Subject: RE: Alert when new Email Arrives (LOUD) Here is a wav file you could use JUh, and NSFW. Although at my office, HEAW. (Highly encouraged at work). http://www.arr-the-kraken.com/files/mail.wav From: N Parr [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 3:19 PM To: NT System Admin Issues Subject: Alert when new Email Arrives (LOUD) Brainstorming here, trying to think of a way to alert shipping personnel in a warehouse when a new email arrives. Short of hooking a big a$$ amp up to the speaker output of the computer and having it play a little Ozzy when new email arrives. Anyone think of something, maybe usb relay, that could set off a light or buzzer. I suppose I could get a self powered PA speaker and tie it in, do have a couple of those in the closet. Niles ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Disgruntled Sysadmin
An engineer died and reported to the pearly gates. An intern angel, filling in for St. Peter, checked his dossier and grimly said, Ah, you're an engineer; you're in the wrong place. So the engineer was cast down to the gates of hell and was let in. Pretty soon, the engineer became gravely dissatisfied with the level of comfort in hell, and began designing and building improvements. After a while, the underworld had air conditioning, flush toilets, and escalators, and the engineer was becoming a pretty popular guy among the demons. One day, God called Satan up on the telephone and asked with a sneer, So, how's it going down there in hell? Satan laughed and replied, Hey, things are going great. We've got air conditioning and flush toilets and escalators, and there's no telling what this engineer is going to come up with next. God's face clouded over and he exploded, What? You've got an engineer? That's a mistake; he should never have gotten down there; send him up here. Satan shook his head, No way. I like having an engineer on the staff, and I'm keeping him. God was as mad as he had ever been, This is not the way things are supposed to work and you know it. Send him back up here or I'll sue. Satan laughed uproariously, Yeah, right. And just where are YOU going to get a lawyer? 2008/7/28 René de Haas [EMAIL PROTECTED] Or what are mixed feelings? The feeling of happiness when you hear a bus of lawyers had an accident Mixed with the feeling of sadness when you hear one of them survived -Original Message- From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:32 PM To: NT System Admin Issues Subject: RE: Disgruntled Sysadmin LOL just stupid people doing stupid things, DA's are not immune, they might be the most clueless people on the planet. That is why they say the joke what is a 100 lawyers on the bottom of the ocean... ( Yep a good start) Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -Original Message- From: David Lum [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 5:59 PM To: NT System Admin Issues Subject: RE: Disgruntled Sysadmin WTF? -Original Message- From: Angus Scott-Fleming [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 1:28 PM To: NT System Admin Issues Subject: Re: Disgruntled Sysadmin On 15 Jul 2008 at 14:14, Jon Harris wrote: Besides it is just plain more fun to give them the user ID's and passwords and let them screw everything up for themselves. Done for him by the SF DA's office: --- Included Stuff Follows --- San Francisco DA discloses city's network passwords | IDGNS | News | July 25, 2008 | By Robert McMillan, IDG News Service In its bid to protect the city from one computer security risk, the San Francisco District Attorney's Office may very well have created another. The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail. - Included Stuff Ends - Full story here: http://www.infoworld.com/archives/emailPrint.jsp?R=printThisA=/article/ 08/07/2 5/San_Francisco_DA_discloses_citys_network_passwords_1.htmlhttp://www.infoworld.com/archives/emailPrint.jsp?R=printThisA=/article/08/07/25/San_Francisco_DA_discloses_citys_network_passwords_1.html or here if the above wraps unusably: http://preview.tinyurl.com/6k5a2v -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ *** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail delete this e-mail and refrain from any disclosure or action based on the information. *** ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~
RE: Edit .dns files manually
We've done that successfully here. From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Saturday, July 26, 2008 5:56 PM To: NT System Admin Issues Subject: Edit .dns files manually Im in process of changing about 40 domains for a client, all internal, they have a 2003 standard and secondary dns server (not ad). Im thinking to lessen the downtime, I could edit the .dns files in notepad and then just copy them back into the system32\dns folder and restart dns services. What say you? I googled around but most of what I found was copying registry over and doing other AD integrated style things.. Thanks ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: WAY OT: WMP and youtube
Download Youtube videos (works on similar sites) http://tinyurl.com/6bkarx Tool to convert to DVD format:http://www.dvdflick.net/index.php Roger Wright Network Administrator 727.572.7076 x388 _ From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Saturday, July 26, 2008 2:44 PM To: NT System Admin Issues Subject: WAY OT: WMP and youtube I have these two guys (whom I want to help) that use realplayer on Vista to download and play youtube vids. That app sucks, and always has issues. How can I provide them with a setup to use wmp or another competent media player to rip and replay these vids? Thanks for any hints! jlc ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Any know how to install IO::Socket::SSL with active state perl
Thanks, ski Micheal Espinola Jr wrote: Its in the University of Winnipeg repository. Type this to add it (single line may wrap): ppm repo add University of Winnipeg http://theoryx5.uwinnipeg.ca/ppms/ after which, ppm install IO::Socket::SSL should work just fine. On Fri, Jul 25, 2008 at 11:59 AM, Ski Kacoroski [EMAIL PROTECTED] wrote: I was not able to find it in any PPM repositories. Do you know of one? ski Micheal Espinola Jr wrote: Do you know how to use the PPM? Have you found a repository that you can install this module from? On Wed, Jul 23, 2008 at 11:01 AM, Ski Kacoroski [EMAIL PROTECTED] wrote: Hi, I get a Net::SSLeay could not find a random number generator error. The docs for this say I need a RNG such as /dev/random (unix speak) or an alternate, but all the only alternate I can find is no longer available (EGADS). cheers, ski -- When we try to pick out anything by itself, we find it connected to the entire universeJohn Muir Chris Ski Kacoroski, [EMAIL PROTECTED], 206-501-9803 or ski98033 on most IM services ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ -- When we try to pick out anything by itself, we find it connected to the entire universeJohn Muir Chris Ski Kacoroski, [EMAIL PROTECTED], 206-501-9803 or ski98033 on most IM services ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ -- When we try to pick out anything by itself, we find it connected to the entire universeJohn Muir Chris Ski Kacoroski, [EMAIL PROTECTED], 206-501-9803 or ski98033 on most IM services ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Sharepoint Explorer View Issues
We did this, and it worked perfectly. Thanks for the education and your help on this. FYI, once we got Kerberos working properly, the explorer view problem went away without having to upgrade to Vista. ...Tim From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 7:29 PM To: NT System Admin Issues Subject: RE: Sharepoint Explorer View Issues What account is your Sharepoint application running under? That is the account (whether it be computer or user) that you'd register the http/spps and http/spps.yourdomain.whatever SPNs under (unless you are using IIS 7) Cheers Ken From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Saturday, 26 July 2008 5:39 AM To: NT System Admin Issues Subject: RE: Sharepoint Explorer View Issues Maybe I'm beating a dead horse here, but I've got to try :-) We've discovered that by disabling Kerberos authentication on the site everything works perfectly. So, implied to me that there is a problem with Kerberos authentication on that sharepoint site, which led me to a very nice series about Kerberos on your blog. After reading thru them, I think I understand the problem, I just don't know how to fix it. Hopefully you or someone else here can advise. The server's name is MOSS, but we access it with the name SPPS (set up as a CNAME in DNS) via host headers. When we set it up, we set up a SPN for HTTP and the sharepoint service account on MOSS. My theory is that Kerberos is trying to look up a SPN for SPPS instead, which doesn't exist, and I can't add one because it isn't an object in AD. Any thoughts? ...Tim From: Tim Evans Sent: Wednesday, May 21, 2008 6:04 PM To: NT System Admin Issues Subject: RE: Sharepoint Explorer View Issues Darn, Ken. I was counting on you to have a quick easy fix for this :-). We're working on the Vista upgrade, but we're not quite ready to take the plunge yet. Thanks anyway. ...Tim From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 21, 2008 5:44 PM To: NT System Admin Issues Subject: RE: Sharepoint Explorer View Issues I've been in a similar situation (trying to work out how to get WebDAV rather than FP view working). Been through that paper, looking at network packet captures, and all sorts of things. Pinged MVPs, Microsoft people, and couldn't work it all out. Upgrade to Vista - the WebDAV redirector was completely rewritten for Vista and works now :-) Cheers Ken From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Thursday, 22 May 2008 8:02 AM To: NT System Admin Issues Subject: Sharepoint Explorer View Issues We're having some problems with some users ability to use Explorer View in shared documents folders on our MOSS server. The symptom is that the get an authentication popup when they change from the All Documents view to Explorer view. They cannot authenticate with the pop up, no matter what credentials are used. If they cancel the popup, they get in, but have reduced functionality (can't drag drop, copy, etc). The users affected by it appear to be completely random some with IE6, some with IE7, nothing in common that I can see (all are XPSP2 or 3). Googling for help on this yields a bunch of blog entries that all point to a 2006 MS White paper titled Understanding and Troubleshooting the Sharepoint Explorer View. From reading this white paper, it sounds like we are getting FPRPC instead of WebDAV. Following the troubleshooting steps, we have confirmed that the Web Client Service is running, the content unencrypted over port 80. Manually adding the site to the local intranet zone makes no difference (it shows unknown zone/mixed by default). So, does anyone know how to force IE to use WebDAV on a Sharepoint site? ...Tim ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Remote Network Monitoring Software
Hi all, this is more targetting at those of you on list that work for consultancy firms, as opposed to in house folks. I am surfing around looking at various network monitoring tools, but the key things that I am looking for are ones that allow a consultancy firm to remotely monitor several networks simulteneously, and securely. The idea being we can have a dashboard in our office showing our various client's networks and alerting us to any issues. So this obviously mean mutilple domains, subnets, SNMP communities and the like. What are folks using, and how happy are you with it? Thanks Clayton ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Remote Network Monitoring Software
How much money do you want to spend, and how much work do you want to do rolling your own and how much equipment will you have at the remote end? Nagios, MRTG, etc. are all free and given site-to-site VPNs can be secure. But you'll have a significant roll-your-own investment to customize it. Servers Alive is inexpensive and can generate traps to only specific IP addresses for security. You'll have some roll-your-own going on here too. Altiris, OpsMgr, OpenView are all enterprise solutions, but you'll need to put a server on the customer site to be able to get it all. Configuration isn't for the weak at heart, but once configured should run smoothly. They all provide secure connections. Regards, Michael B. Smith MCITP:SA,EMA/MCSE/Exchange MVP http://TheEssentialExchange.com From: Clayton Doige [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:22 PM To: NT System Admin Issues Subject: Remote Network Monitoring Software Hi all, this is more targetting at those of you on list that work for consultancy firms, as opposed to in house folks. I am surfing around looking at various network monitoring tools, but the key things that I am looking for are ones that allow a consultancy firm to remotely monitor several networks simulteneously, and securely. The idea being we can have a dashboard in our office showing our various client's networks and alerting us to any issues. So this obviously mean mutilple domains, subnets, SNMP communities and the like. What are folks using, and how happy are you with it? Thanks Clayton ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Remote Network Monitoring Software
check out http://zenithinfotech.com/ - Original Message From: Clayton Doige [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, July 28, 2008 12:22:18 PM Subject: Remote Network Monitoring Software Hi all, this is more targetting at those of you on list that work for consultancy firms, as opposed to in house folks. I am surfing around looking at various network monitoring tools, but the key things that I am looking for are ones that allow a consultancy firm to remotely monitor several networks simulteneously, and securely. The idea being we can have a dashboard in our office showing our various client's networks and alerting us to any issues. So this obviously mean mutilple domains, subnets, SNMP communities and the like. What are folks using, and how happy are you with it? Thanks Clayton ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Symantec Endpoint Protection
Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Symantec Endpoint Protection
I think for a stand-alone PC that is an unmanaged client SEP is a pretty decent product. In a domain environment it is not so good. It's definitely a MUCH better product now then it was at launch, but that's not saying too much. I am still not confident enough with it to be comfortable installing it at any of our clients. I think by the end of the year it will probably be good enough. It also has all the extra stuff like the network and proactive scanning, firewall, etc that should all not be installed unless you are going to take the time to configure all of it. I would honestly stay with antivirus 10.2. If you are using 10.2 corporate edition and like the features of multi-tier protection you have an option. You can purchase SEP Multi-tier and request a downgrade license and media. You will get to use SAV 10.2 Enterprise edition which is a pretty kick ass product. Just my thoughts, hope they help! -Sean Houston On Mon, Jul 28, 2008 at 1:34 PM, Joe Heaton [EMAIL PROTECTED] wrote: Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Remote Network Monitoring Software
sAlive is *still* a great choice for very little $$$ I found it easier to install locally at the smaller client sites on the ONLY machine setup to allow me to VPN in and control (at my advice), the more robust sites can handle a permanent tunnel where I can *also* monitor from a local installation at my site. _ From: Clayton Doige [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:22 PM To: NT System Admin Issues Subject: Remote Network Monitoring Software Hi all, this is more targetting at those of you on list that work for consultancy firms, as opposed to in house folks. I am surfing around looking at various network monitoring tools, but the key things that I am looking for are ones that allow a consultancy firm to remotely monitor several networks simulteneously, and securely. The idea being we can have a dashboard in our office showing our various client's networks and alerting us to any issues. So this obviously mean mutilple domains, subnets, SNMP communities and the like. What are folks using, and how happy are you with it? Thanks Clayton No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008 6:55 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Symantec Endpoint Protection
I have v11.. and the latest greatest rendition, MP2 MR1.. fantastic.. But for email servers, id use trend micro's scanmail. IMHO. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:34 PM To: NT System Admin Issues Subject: Symantec Endpoint Protection Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: People that keep scanning my firewall
What's your address? :p Some badly written worms due sequential port scans. You don't want to be attacking systems because if somebody files a complaint against you, it's rather hard to defend cyber attacks.. Find the ISP of those addresses and file a complaint. From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:11 AM To: NT System Admin Issues Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. Data Security is everyone's responsibility. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: People that keep scanning my firewall
most are out of country. - Original Message - From: Mathew Shember To: NT System Admin Issues Sent: Monday, July 28, 2008 2:25 PM Subject: RE: People that keep scanning my firewall What's your address? :p Some badly written worms due sequential port scans. You don't want to be attacking systems because if somebody files a complaint against you, it's rather hard to defend cyber attacks.. Find the ISP of those addresses and file a complaint. From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:11 AM To: NT System Admin Issues Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. Data Security is everyone's responsibility. __ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: People that keep scanning my firewall
In that case, good luck getting them to do anything about it. If they are being a particular nuisance you could block that subnet at the router upstream from your firewall. David W. McSpadden wrote: most are out of country. -- Phil Brutsche [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: People that keep scanning my firewall
Router is Leased from ATT. I can ask them but I think I am just pissing in the wind right now. - Original Message - From: Phil Brutsche [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, July 28, 2008 2:36 PM Subject: Re: People that keep scanning my firewall In that case, good luck getting them to do anything about it. If they are being a particular nuisance you could block that subnet at the router upstream from your firewall. David W. McSpadden wrote: most are out of country. -- Phil Brutsche [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ __ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: People that keep scanning my firewall
Furthermore, Windows (at least up through 2003) does not have the whois command. If you have access to a x-nix box... Othewise, look for a reverse name lookup utility. There is a web-based one: http://www.arin.net/whois/ Also http://ip-lookup.net Also some tools such as iplookup from http://www.softnik.com Besides doing the reverse lookup, they should also tell you who owns that network and to whom you report abuse. -- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org David W. McSpadden [EMAIL PROTECTED] wrote on 07/28/2008 01:29:36 PM: most are out of country. - Original Message - From: Mathew Shember To: NT System Admin Issues Sent: Monday, July 28, 2008 2:25 PM Subject: RE: People that keep scanning my firewall What’s your address? :p Some badly written worms due sequential port scans. You don’t want to be attacking systems because if somebody files a complaint against you, it’s rather hard to defend cyber attacks…. Find the ISP of those addresses and file a complaint. From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:11 AM To: NT System Admin Issues Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. Data Security is everyone's responsibility. __ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: People that keep scanning my firewall
Hey, a lot of those scans will be script kiddies and the like, it is summer holidays after all. Annoying to be sure, but it does show your firewall up to management as a target, and that could work in your favour if you need budget for additional security in the future? Just a thought... -Original Message- From: David W. McSpadden [EMAIL PROTECTED] Sent: 28 July 2008 19:10 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. Data Security is everyone's responsibility. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: People that keep scanning my firewall
7887 entries since last thursday. The majority are 1 icmp scan per IP. However there are about 20 IPs that have over 300 scans since Thursday. They are all blocked but come on people this is crazy. - Original Message - From: Clayton Doige To: NT System Admin Issues Sent: Monday, July 28, 2008 2:43 PM Subject: RE: People that keep scanning my firewall Hey, a lot of those scans will be script kiddies and the like, it is summer holidays after all. Annoying to be sure, but it does show your firewall up to management as a target, and that could work in your favour if you need budget for additional security in the future? Just a thought... -- From: David W. McSpadden [EMAIL PROTECTED] Sent: 28 July 2008 19:10 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. Data Security is everyone's responsibility. __ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Symantec Endpoint Protection
I liked the product, it's just that at launch it was too heavy to run on anything but a dedicated box. As all our clients have SBS we just renewed and kept them on v.10. The new version is a lot lighter, but I'm still nervous about older servers and we are looking at a more blended defence. I'll probably keep renewing my clients for one more year and then see. Mike From: Michael Ross [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 19:11 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I have v11.. and the latest greatest rendition, MP2 MR1.. fantastic.. But for email servers, id use trend micro's scanmail. IMHO. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:34 PM To: NT System Admin Issues Subject: Symantec Endpoint Protection Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: People that keep scanning my firewall
Download dig for windows, it includes whois.exe. Put the dig folder in the system path. Now you have a command line whois for windows. Carl -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:41 PM To: NT System Admin Issues Subject: Re: People that keep scanning my firewall Furthermore, Windows (at least up through 2003) does not have the whois command. If you have access to a x-nix box... Othewise, look for a reverse name lookup utility. There is a web-based one: http://www.arin.net/whois/ Also http://ip-lookup.net Also some tools such as iplookup from http://www.softnik.com Besides doing the reverse lookup, they should also tell you who owns that network and to whom you report abuse. -- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org David W. McSpadden [EMAIL PROTECTED] wrote on 07/28/2008 01:29:36 PM: most are out of country. - Original Message - From: Mathew Shember To: NT System Admin Issues Sent: Monday, July 28, 2008 2:25 PM Subject: RE: People that keep scanning my firewall What’s your address? :p Some badly written worms due sequential port scans. You don’t want to be attacking systems because if somebody files a complaint against you, it’s rather hard to defend cyber attacks…. Find the ISP of those addresses and file a complaint. From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:11 AM To: NT System Admin Issues Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: People that keep scanning my firewall
Agreed - Nepenthes with Honeytrap works nice... send all the bad ports to the honeypot and tell Honeytrap to Mirror the connection (LOL, use with caution) I also use http://www.nirsoft.net/utils/ipnetinfo.html IPNETInfo for the looks up of rouge IP's it works nice... -Original Message- From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 1:41 PM To: NT System Admin Issues Subject: RE: People that keep scanning my firewall Set up a honeypot and watch the scans go way up. Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -Original Message- From: Phil Brutsche [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:36 PM To: NT System Admin Issues Subject: Re: People that keep scanning my firewall In that case, good luck getting them to do anything about it. If they are being a particular nuisance you could block that subnet at the router upstream from your firewall. David W. McSpadden wrote: most are out of country. -- Phil Brutsche [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: People that keep scanning my firewall
Depending on how many IP's your talking about... try shunning them from the ASA, and removing the syslog message from being logged shun 11.22.33.44 no logging message 401004 That'll at least clean up the logs without sacrificing legitimate logging output. Aaron Rohyans IT Coordinator, IDC-USA [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 317.244.8307 (V) 317.244.4600 (F) From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:44 PM To: NT System Admin Issues Subject: Re: People that keep scanning my firewall 7887 entries since last thursday. The majority are 1 icmp scan per IP. However there are about 20 IPs that have over 300 scans since Thursday. They are all blocked but come on people this is crazy. - Original Message - From: Clayton Doige mailto:[EMAIL PROTECTED] To: NT System Admin Issues mailto:ntsysadmin@lyris.sunbelt-software.com Sent: Monday, July 28, 2008 2:43 PM Subject: RE: People that keep scanning my firewall Hey, a lot of those scans will be script kiddies and the like, it is summer holidays after all. Annoying to be sure, but it does show your firewall up to management as a target, and that could work in your favour if you need budget for additional security in the future? Just a thought... From: David W. McSpadden [EMAIL PROTECTED] Sent: 28 July 2008 19:10 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. Data Security is everyone's responsibility. __ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: People that keep scanning my firewall
I use Sam Spade...handy GUI tool...been around for years. http://www.pcworld.com/downloads/file/fid,4709-order,1-page,1-c,spamblockers/description.html Bill Lambert Concuity 847-941-9206 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 1:41 PM To: NT System Admin Issues Subject: Re: People that keep scanning my firewall Furthermore, Windows (at least up through 2003) does not have the whois command. If you have access to a x-nix box... Othewise, look for a reverse name lookup utility. There is a web-based one: http://www.arin.net/whois/ Also http://ip-lookup.net Also some tools such as iplookup from http://www.softnik.com Besides doing the reverse lookup, they should also tell you who owns that network and to whom you report abuse. -- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org David W. McSpadden [EMAIL PROTECTED] wrote on 07/28/2008 01:29:36 PM: most are out of country. - Original Message - From: Mathew Shember To: NT System Admin Issues Sent: Monday, July 28, 2008 2:25 PM Subject: RE: People that keep scanning my firewall What’s your address? :p Some badly written worms due sequential port scans. You don’t want to be attacking systems because if somebody files a complaint against you, it’s rather hard to defend cyber attacks…. Find the ISP of those addresses and file a complaint. From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:11 AM To: NT System Admin Issues Subject: People that keep scanning my firewall Does anyone want to share a list of jerkoffs that keep scanning the outside interface of their firewalls? I want to just blast these IP's that keep filling up my Management reports. They are a bother and have no real value but I am required to get the board an unaltered report. Data Security is everyone's responsibility. __ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
DMZ\Firewall Question
I have a server in the DMZ that has no access from our network. I need to give access from our domain to a single folder on the server. What methods and what ports need to be opened on a firewall to allow a user to access this folder; either using a browser or My Computer so a domain user can drop files in the folder and retrieve files from the folder, while FTP is a great way to do this is there a method of access as simple as dragging and dropping a file. Any ideas are appreciated MS 2003 environment ASA Firewall Thanks, KC Carter System Administrator 302-734-1450 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Symantec Endpoint Protection
So I guess what I'm really asking here, now that I'm not trying to bash Symantec, is this: Are there enough improvements with the new version (mainly overhead, bloat, etc.) to recommend upgrading to it? My users' main complaint is that their computer takes so long to completely boot up in the morning, and this is because Symantec is doing a startup scan and takes a huge portion of CPU cycles, which bogs down the entire system. I personally would love to tell them not to upgrade, but wait until the contract ends, and dump Symantec like a hot potato. But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. Joe Heaton From: Michael Hoffman [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:56 AM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I liked the product, it's just that at launch it was too heavy to run on anything but a dedicated box. As all our clients have SBS we just renewed and kept them on v.10. The new version is a lot lighter, but I'm still nervous about older servers and we are looking at a more blended defence. I'll probably keep renewing my clients for one more year and then see. Mike From: Michael Ross [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 19:11 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I have v11.. and the latest greatest rendition, MP2 MR1.. fantastic.. But for email servers, id use trend micro's scanmail. IMHO. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:34 PM To: NT System Admin Issues Subject: Symantec Endpoint Protection Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008 6:55 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: DMZ\Firewall Question
Second NIC to LAN Anatoly Podgoretsky http://www.podgoretsky.com - Original Message - From: KC Carter To: NT System Admin Issues Sent: Monday, July 28, 2008 11:23 PM Subject: DMZ\Firewall Question I have a server in the DMZ that has no access from our network. I need to give access from our domain to a single folder on the server. What methods and what ports need to be opened on a firewall to allow a user to access this folder; either using a browser or My Computer so a domain user can drop files in the folder and retrieve files from the folder, while FTP is a great way to do this is there a method of access as simple as dragging and dropping a file. Any ideas are appreciated MS 2003 environment ASA Firewall ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: DMZ\Firewall Question
That was a joke, right? How about: -Create the share on the DMZ server with needed permissions to allow the user to get to it -have the user try to open the folder -note the log entries and use those to configure your rule allowing access from the users machine to the folder From: Anatoly Podgoretsky [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 3:58 PM To: NT System Admin Issues Subject: Re: DMZ\Firewall Question Second NIC to LAN Anatoly Podgoretsky http://www.podgoretsky.com - Original Message - From: KC Carter mailto:[EMAIL PROTECTED] To: NT System Admin Issues mailto:ntsysadmin@lyris.sunbelt-software.com Sent: Monday, July 28, 2008 11:23 PM Subject: DMZ\Firewall Question I have a server in the DMZ that has no access from our network. I need to give access from our domain to a single folder on the server. What methods and what ports need to be opened on a firewall to allow a user to access this folder; either using a browser or My Computer so a domain user can drop files in the folder and retrieve files from the folder, while FTP is a great way to do this is there a method of access as simple as dragging and dropping a file. Any ideas are appreciated MS 2003 environment ASA Firewall ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: DMZ\Firewall Question
Lol...that's funny. From: Anatoly Podgoretsky [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:58 PM To: NT System Admin Issues Subject: Re: DMZ\Firewall Question Second NIC to LAN Anatoly Podgoretsky http://www.podgoretsky.com - Original Message - From: KC Cartermailto:[EMAIL PROTECTED] To: NT System Admin Issuesmailto:ntsysadmin@lyris.sunbelt-software.com Sent: Monday, July 28, 2008 11:23 PM Subject: DMZ\Firewall Question I have a server in the DMZ that has no access from our network. I need to give access from our domain to a single folder on the server. What methods and what ports need to be opened on a firewall to allow a user to access this folder; either using a browser or My Computer so a domain user can drop files in the folder and retrieve files from the folder, while FTP is a great way to do this is there a method of access as simple as dragging and dropping a file. Any ideas are appreciated MS 2003 environment ASA Firewall ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
blacklists
We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
XP SP3
Any reason NOT to install this at this point? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Sounds like you may have an infected client on your network that is sending outbound spam. Block port 25 at the firewall for all but authorized systems (mail server). Set the mail server so that it only accepts mail from your exchange server. That should get things cleared up enough so that you'll stay off the blacklists and give you some time to hunt for the guilty party. ...Tim From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: XP SP3
I looked and looked, couldn't find anything... haven't WSUS'd it out yet, just doing a manual installs when I 'touch' or redeploy machines. I like the perf boost I hear about. Haven't done any internal benchmarking though. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 4:43 PM To: NT System Admin Issues Subject: XP SP3 Any reason NOT to install this at this point? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
ESX/ESXi
So, from what I've read, the difference between these two is that ESXi has a smaller footprint. Is this all I need to consolidate physical servers, or do I need the Infrastructure 3.0? Running around 20 physical servers atm, including 2 DCs, Exchange 2K3 box, file server, print server, web servers and application servers. Nothing too far out of the ordinary. This post is not asking about box requirements to do this, just if the ESXi is all I would need. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Are you allowing mail relaying on your internal network? ESMSMTPDefault SMTPAccessRelay (Any exclusions here at all?) You cannot change the port/25 if you expect to be able to send mail to other organizations. You can only change the port if you are passing emails off to another server, and then that server sends it out. I think it's time to start looking through your SMTP logs on your mail server. Also, check out http://www.authsmtp.com/ Set your exchange box to send mail through them on a obscure port, and turn off port 25 on all your firewalls. I'm not talking zone alarm, I'm talking about your perimeter hardware firewall. This will get your messages out, and let things calm down to get you off the blacklists. Sam From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 4:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Set the mail server so that it only accepts mail from your exchange server They are one and the same. My DC is actually my Mail Gateway between the WG and Exchange. Block port 25 at the firewall for all but authorized systems (mail server). Any idea how to do this on a Watchguard 700? Thanks From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:47 PM To: NT System Admin Issues Subject: RE: blacklists Sounds like you may have an infected client on your network that is sending outbound spam. Block port 25 at the firewall for all but authorized systems (mail server). Set the mail server so that it only accepts mail from your exchange server. That should get things cleared up enough so that you'll stay off the blacklists and give you some time to hunt for the guilty party. ...Tim From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: XP SP3
Don't know of any Joe Heaton wrote: Any reason NOT to install this at this point? -- Phil Brutsche [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Then forget about the Set the mail server so that it only accepts mail from your exchange server part. Just set your firewall so that it only accept SMTP mail from that server. Sorry, but I can't help you on the watchguard config. ...Tim From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:54 PM To: NT System Admin Issues Subject: RE: blacklists Set the mail server so that it only accepts mail from your exchange server They are one and the same. My DC is actually my Mail Gateway between the WG and Exchange. Block port 25 at the firewall for all but authorized systems (mail server). Any idea how to do this on a Watchguard 700? Thanks From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:47 PM To: NT System Admin Issues Subject: RE: blacklists Sounds like you may have an infected client on your network that is sending outbound spam. Block port 25 at the firewall for all but authorized systems (mail server). Set the mail server so that it only accepts mail from your exchange server. That should get things cleared up enough so that you'll stay off the blacklists and give you some time to hunt for the guilty party. ...Tim From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Have you tested for Open Relay? Roger Wright Network Administrator 727.572.7076 x388 _ From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Yes, with MXToolbox everything check out. From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:11 PM To: NT System Admin Issues Subject: RE: blacklists Have you tested for Open Relay? Roger Wright Network Administrator 727.572.7076 x388 _ From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: XP SP3
Really? I'm using the nVidia drivers from April in my SP3 images without any problems. Mark A. Ross wrote: Iv'e got a good one for you guys that drove me nuts. Windows Xp SP3 + New NVidia drivers = No Terminal Services. -- Phil Brutsche [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Infected computers use port 25 like everything else. At the firewall create a port 25 outbound rule that only allows the Exchange server. BTW your final firewall rule should be to disallow everything that isn't specifically allowed, right?! At the Exchange server only allow relaying for localhost. Now any outbound spam has no choice to get out except to use MAPI and the Exchange server, and if such a thing were happening you could track it. Assuming of course, that the Exchange server itself is clean. Carl _ From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Sounds like a client open with SMTP, I just went through that deal recently Paul, removed the malicious user from the network As for Barracuda Reputation, GOOD LUCK...we are still on that system even though I cleared our org from the other lists. Thomas From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:15 PM To: NT System Admin Issues Subject: RE: blacklists Yes, with MXToolbox everything check out. From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:11 PM To: NT System Admin Issues Subject: RE: blacklists Have you tested for Open Relay? Roger Wright Network Administrator 727.572.7076 x388 _ From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the Girl Scouts of Southwest Texas company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Open Policy Manager on the Watchguard 700, you will have either a proxy or filter policy for SMTP. On the Outgoing tab, set From: to the IP address of your mail server and To: to all The default rule is all to all, which will allow traffic from port 25 to pass from any machine on your network. By setting From: to only your mail server IP, you will block any internal machines that may be attempting to send SMTP traffic on their own. You can also set the rule to log denied traffic which will quickly identify internal machines that are attempting to use port 25. Configuration is a little different on the newer Watchguard boxes, but should be pretty straight forward on the 700. If the problem persists, then you're back to a relay problem or compromised mail server. Dennis From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 4:54 PM To: NT System Admin Issues Subject: RE: blacklists Set the mail server so that it only accepts mail from your exchange server They are one and the same. My DC is actually my Mail Gateway between the WG and Exchange. Block port 25 at the firewall for all but authorized systems (mail server). Any idea how to do this on a Watchguard 700? Thanks From: Tim Evans [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:47 PM To: NT System Admin Issues Subject: RE: blacklists Sounds like you may have an infected client on your network that is sending outbound spam. Block port 25 at the firewall for all but authorized systems (mail server). Set the mail server so that it only accepts mail from your exchange server. That should get things cleared up enough so that you'll stay off the blacklists and give you some time to hunt for the guilty party. ...Tim From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 2:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: blacklists
Thanks Thomas. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:21 PM To: NT System Admin Issues Subject: RE: blacklists Sounds like a client open with SMTP, I just went through that deal recently Paul, removed the malicious user from the network As for Barracuda Reputation, GOOD LUCK...we are still on that system even though I cleared our org from the other lists. Thomas From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:15 PM To: NT System Admin Issues Subject: RE: blacklists Yes, with MXToolbox everything check out. From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:11 PM To: NT System Admin Issues Subject: RE: blacklists Have you tested for Open Relay? Roger Wright Network Administrator 727.572.7076 x388 _ From: Paul Everett [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 5:35 PM To: NT System Admin Issues Subject: blacklists We've been finding ourself on some blacklists since last week and have basically shut us down. Specifically Spamhaus and Barracuda's. I'm not sure if I have an infected computer on my network sending spam or not. I've requested my ip removed from the blacklists several times, but after a day or two I'm back on. I've got a window to post this question before it happens again. Here's what I have. One Domain, two locations connected via PTP T1 (Adtrans). All Internet access is at one location where I have my Mail Server 2003 (Ninja) and a Watchguard Firewall. All clients (about 200) running Symantec AV. I don't have really the tools or knowledge to run any packet capture software (or anything else) to determine if I have an owned machine, but while I am working on that is there any way to close my firewall to outbound mail traffic while still letting my Exchange out? Do infected computers send email thru port 25 like Exchange? If so, can I block that port and change the port Exchange uses to send? If so, how? This may take me awhile, but I'd like to stay off the blacklists in the mean time. One thing I've done is installed Zone Alarm on my pc to see if I can catch any of my local computers scanning my network. After the install it asked if I wanted my Outlook to act as a Server. The info button showed that it should be ok to do, but I said no. My email seems to be working but I keep getting notifications that ZA is blocking internet access to my computer from my mail server. This is probably nothing. Thanks for any suggestions. Paul Everett IS Dept. Lee Mental Health Center 239-791-1551 Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org blocked::http://www.leementalhealth.org/ to learn more. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message, including attachments. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the Girl Scouts of Southwest Texas. Warning: Although precautions have been taken to make sure no viruses are present in this email, Girl Scouts of Southwest Texas cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: ESX/ESXi
You would still need Virtual Center if you wanted to do things like VMotion. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 3:35 PM To: NT System Admin Issues Subject: RE: ESX/ESXi So it is all I need to consolidate my servers, and I don't need Infrastructure 3.0..right? Joe Heaton _ From: Don Ely [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 3:29 PM To: NT System Admin Issues Subject: Re: ESX/ESXi No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008 6:55 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Symantec Endpoint Protection
But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. You like having a single point of failure for your AV software? I am the complete opposite to you. I hate having the same brand on Exchange and the desktops and will avoid it where possible. In your current scenario you have one defence system - as both the desktop and Exchange AV will be working on the same set of definition files. It gets past one it will get past the other and your machines will be infected. I will leave the Symantec bashing out of it, but will say that I see more infected systems that are protected by Symantec than any others. What you should be looking for is to have something different on the Exchange server to provide dual levels of protection. Something like GFI Mail Security, Microsoft Forefront or the list host's product. Something using multiple definition files that are not the same as what you are using now. The idea being that if one doesn't catch, the other will. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/http://certificatesforexchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/http://domainsforexchange.net/ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 21:44 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection So I guess what I'm really asking here, now that I'm not trying to bash Symantec, is this: Are there enough improvements with the new version (mainly overhead, bloat, etc.) to recommend upgrading to it? My users' main complaint is that their computer takes so long to completely boot up in the morning, and this is because Symantec is doing a startup scan and takes a huge portion of CPU cycles, which bogs down the entire system. I personally would love to tell them not to upgrade, but wait until the contract ends, and dump Symantec like a hot potato. But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. Joe Heaton From: Michael Hoffman [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:56 AM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I liked the product, it's just that at launch it was too heavy to run on anything but a dedicated box. As all our clients have SBS we just renewed and kept them on v.10. The new version is a lot lighter, but I'm still nervous about older servers and we are looking at a more blended defence. I'll probably keep renewing my clients for one more year and then see. Mike From: Michael Ross [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 19:11 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I have v11.. and the latest greatest rendition, MP2 MR1.. fantastic.. But for email servers, id use trend micro's scanmail. IMHO. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:34 PM To: NT System Admin Issues Subject: Symantec Endpoint Protection Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008 6:55 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Moving a PowerVault
Depending in the PowerVault it may be both. Our 201 it was on both and was still good after a move, but then I blew the drive anyway as the data was out of date. Our 220 also had it both places but I did not want the setup and was changing it any way with adding of drives and other changes. Jon On Fri, Jul 25, 2008 at 9:14 AM, John Hornbuckle [EMAIL PROTECTED] wrote: The new server has its own controller. I was thinking that the config info was actually stored in the PowerVault, and could be loaded from it on to the new controller. I can't recall why I thought that--some past experience I had. It's hazy now. I can rebuild and restore if I have to. But unless there's some advantage to doing that, I'd rather not--it would save time and headache. -Original Message- From: N Parr [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 9:09 AM To: NT System Admin Issues Subject: RE: Moving a PowerVault If you are moving the controller card along with it then you don't have any worries, it contains all the drive configuration. If you're just moving the array then I don't really know. Someone else could probably answer if a similar controller would detect the drive array. I assume it's a Perc card of some sort. I would probably rebuild and restore anyway. I'm getting ready to do this myself but I'm going to move the Perc card with the array. If the Powervault is only half full of drives you could split the backplane on the array and put new drives in and connect them to your new server and then just move your files over to the other server and then decommission or reuse the old drives. -Original Message- From: John Hornbuckle [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 8:03 AM To: NT System Admin Issues Subject: Moving a PowerVault I've got a PowerVault SCSI RAID storage system attached to a server that's being decommissioned. I want to move it over to a new replacement server. I have no experience doing this, and want to make sure I don't screw up the RAID configuration and data on it. Any pointers on how to do this? John Hornbuckle MIS Department Taylor County School District 318 North Clark Street Perry, FL 32347 www.taylor.k12.fl.us ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Disgruntled Sysadmin
You mean the not so slow circular motion we see is not the world getting to the bottom of the toilet? Jon On Fri, Jul 25, 2008 at 4:39 PM, Kurt Buff [EMAIL PROTECTED] wrote: ROFL! The world will be destroyed by the clueless... On Fri, Jul 25, 2008 at 1:27 PM, Angus Scott-Fleming [EMAIL PROTECTED] wrote: On 15 Jul 2008 at 14:14, Jon Harris wrote: Besides it is just plain more fun to give them the user ID's and passwords and let them screw everything up for themselves. Done for him by the SF DA's office: --- Included Stuff Follows --- San Francisco DA discloses city's network passwords | IDGNS | News | July 25, 2008 | By Robert McMillan, IDG News Service In its bid to protect the city from one computer security risk, the San Francisco District Attorney's Office may very well have created another. The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail. - Included Stuff Ends - Full story here: http://www.infoworld.com/archives/emailPrint.jsp?R=printThisA=/article/08/07/2 5/San_Francisco_DA_discloses_citys_network_passwords_1.html or here if the above wraps unusably: http://preview.tinyurl.com/6k5a2v -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Dell NVidia GPU problem
Thanks for the heads up I have a couple of the Vostros machines that will need checking. Jon On Mon, Jul 28, 2008 at 7:57 AM, René de Haas [EMAIL PROTECTED]wrote: A little heads up: http://direct2dell.com/one2one/archive/2008/07/25/nvidia-gpu-update-for-dell-laptop-owners.aspx If the problem isn't with the D830 or D430 I hardly have a problem, but we'll see. Regards René -- *** The information in this e-mail is confidential and intended solely for the individual or entity to whom it is addressed. If you have received this e-mail in error please notify the sender by return e-mail delete this e-mail and refrain from any disclosure or action based on the information. *** ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
OT: HIPAA
Hi All, I was hoping someone help me with HIPAA rules and regulations in IT. I did all kinds of searching and have found many sites with HIPAA info, but nothing solid... Im looking to implement policys, procedures, for HIPAA compliance. Anything from passwords changes to physical server room security. Does anyone have any good resources to start looking into this? Any advise is greatly appreciated! Travis ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: ESX/ESXi
So, we have two servers running ESX Standard, and we use the VI client to manage those servers (along with some judicious use of ssh). If I fire up a machine running the free ESXi, will the VI client allow me to manage it, or will I need the VMWare Server Console, which I use to manage my free installation of VMWare server for my desktop use? I'm looking at this page: http://www.vmware.com/products/esxi/features.html and it looks like it's basically the same as the ESX Standard that we paid a fair amount for about a year ago. Now it's free. Wow. On Mon, Jul 28, 2008 at 3:28 PM, Don Ely [EMAIL PROTECTED] wrote: The i is for integrated... Other than that, its the same old ESX... On Mon, Jul 28, 2008 at 2:50 PM, Joe Heaton [EMAIL PROTECTED] wrote: So, from what I've read, the difference between these two is that ESXi has a smaller footprint. Is this all I need to consolidate physical servers, or do I need the Infrastructure 3.0? Running around 20 physical servers atm, including 2 DCs, Exchange 2K3 box, file server, print server, web servers and application servers. Nothing too far out of the ordinary. This post is not asking about box requirements to do this, just if the ESXi is all I would need. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Server Colidation via VMWare
It can't or didn't do all machines. I know I had a lot of issues trying to use it with SQL being on the machine. I also had issues with IISv6/FTP with multiple sites as well. Jon On Fri, Jul 25, 2008 at 11:38 AM, David Lum [EMAIL PROTECTED] wrote: Yes there is a P2V tool that VMWare has – it lets you make a P2V image w/out taking the target system offline – it loads a liitle app then takes a snapshot, it's very slick! IIRC it comes with ESX, but I might be mistaken. *Dave Lum* - Systems Engineer [EMAIL PROTECTED] - (971)-222-1025 *..*remember that, in the past, those who foolishly sought power by riding the back of the tiger ended up inside*** - JFK*** *From:* Roger Wright [mailto:[EMAIL PROTECTED] *Sent:* Friday, July 25, 2008 8:36 AM *To:* NT System Admin Issues *Subject:* Server Colidation via VMWare We want to take a closer look at server consolidation using VMWare's ESX products, especially in light of the recent announcement making the product available free. We have several servers on old hardware that would be nearly impossible to rebuild so we're thinking they're ideal candidates for VM's if there's an automated process to migrate P2V. Is such a tool available, and at low-cost? Roger Wright Network Administrator 727.572.7076 x388 _ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Disgruntled Sysadmin
Indeed, including the USAF crew found asleep at the missile launch switch... On Mon, Jul 28, 2008 at 4:40 PM, Jon Harris [EMAIL PROTECTED] wrote: You mean the not so slow circular motion we see is not the world getting to the bottom of the toilet? Jon On Fri, Jul 25, 2008 at 4:39 PM, Kurt Buff [EMAIL PROTECTED] wrote: ROFL! The world will be destroyed by the clueless... On Fri, Jul 25, 2008 at 1:27 PM, Angus Scott-Fleming [EMAIL PROTECTED] wrote: On 15 Jul 2008 at 14:14, Jon Harris wrote: Besides it is just plain more fun to give them the user ID's and passwords and let them screw everything up for themselves. Done for him by the SF DA's office: --- Included Stuff Follows --- San Francisco DA discloses city's network passwords | IDGNS | News | July 25, 2008 | By Robert McMillan, IDG News Service In its bid to protect the city from one computer security risk, the San Francisco District Attorney's Office may very well have created another. The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail. - Included Stuff Ends - Full story here: http://www.infoworld.com/archives/emailPrint.jsp?R=printThisA=/article/08/07/2 5/San_Francisco_DA_discloses_citys_network_passwords_1.html or here if the above wraps unusably: http://preview.tinyurl.com/6k5a2v -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: ESX/ESXi
There are a few diffs not relevant actually that account for the smaller size. But if your not using a san and have shared storage with the intent to vmotion your golden! Its limited to two procs so you may run out of processor. 20 vm's is by no means a small load, not to say it cant be done. Given the right hardware and resources its trivial. Watch disk IO, in my experience that (besides ram) is what limitation I have run into almost always first. Given vmware's time on the market, their product is super polished. I have had a good chunk of experience with the others, especially the xen based ones including the open source xen version and none have an interface as good this. It's a real steal for free! There is no supported cli except for the lame rcli but there is an unobtrusive fix for that to get ssh access which IMHO is a must. Then again, Update 2 was released as free and I haven't installed it yet. They might have done something about that:) jlc From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 4:35 PM To: NT System Admin Issues Subject: RE: ESX/ESXi So it is all I need to consolidate my servers, and I don't need Infrastructure 3.0right? Joe Heaton From: Don Ely [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 3:29 PM To: NT System Admin Issues Subject: Re: ESX/ESXi No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008 6:55 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: ESX/ESXi
Kurt, If I fire up a machine running the free ESXi, will the VI client allow me to manage it, or will I need the VMWare Server Console No, you can use VIC with ESXi. -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:14 PM To: NT System Admin Issues Subject: Re: ESX/ESXi So, we have two servers running ESX Standard, and we use the VI client to manage those servers (along with some judicious use of ssh). If I fire up a machine running the free ESXi, will the VI client allow me to manage it, or will I need the VMWare Server Console, which I use to manage my free installation of VMWare server for my desktop use? I'm looking at this page: http://www.vmware.com/products/esxi/features.html and it looks like it's basically the same as the ESX Standard that we paid a fair amount for about a year ago. Now it's free. Wow. On Mon, Jul 28, 2008 at 3:28 PM, Don Ely [EMAIL PROTECTED] wrote: The i is for integrated... Other than that, its the same old ESX... On Mon, Jul 28, 2008 at 2:50 PM, Joe Heaton [EMAIL PROTECTED] wrote: So, from what I've read, the difference between these two is that ESXi has a smaller footprint. Is this all I need to consolidate physical servers, or do I need the Infrastructure 3.0? Running around 20 physical servers atm, including 2 DCs, Exchange 2K3 box, file server, print server, web servers and application servers. Nothing too far out of the ordinary. This post is not asking about box requirements to do this, just if the ESXi is all I would need. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Server Colidation via VMWare
Good note. Anything that is running any services like that should be set to run in Windows Diagnostics Mode via MSCONFIG, or at least manually stop all non-default services. Or, use the Cold Boot CD option in VMware convertor. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare It can't or didn't do all machines. I know I had a lot of issues trying to use it with SQL being on the machine. I also had issues with IISv6/FTP with multiple sites as well. Jon On Fri, Jul 25, 2008 at 11:38 AM, David Lum [EMAIL PROTECTED] wrote: Yes there is a P2V tool that VMWare has - it lets you make a P2V image w/out taking the target system offline - it loads a liitle app then takes a snapshot, it's very slick! IIRC it comes with ESX, but I might be mistaken. Dave Lum - Systems Engineer [EMAIL PROTECTED] - (971)-222-1025 ..remember that, in the past, those who foolishly sought power by riding the back of the tiger ended up inside - JFK From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 8:36 AM To: NT System Admin Issues Subject: Server Colidation via VMWare We want to take a closer look at server consolidation using VMWare's ESX products, especially in light of the recent announcement making the product available free. We have several servers on old hardware that would be nearly impossible to rebuild so we're thinking they're ideal candidates for VM's if there's an automated process to migrate P2V. Is such a tool available, and at low-cost? Roger Wright Network Administrator 727.572.7076 x388 _ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: ESX/ESXi
That just rocks. I'm definitely stoked. On Mon, Jul 28, 2008 at 5:20 PM, Sam Cayze [EMAIL PROTECTED] wrote: Kurt, If I fire up a machine running the free ESXi, will the VI client allow me to manage it, or will I need the VMWare Server Console No, you can use VIC with ESXi. -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:14 PM To: NT System Admin Issues Subject: Re: ESX/ESXi So, we have two servers running ESX Standard, and we use the VI client to manage those servers (along with some judicious use of ssh). If I fire up a machine running the free ESXi, will the VI client allow me to manage it, or will I need the VMWare Server Console, which I use to manage my free installation of VMWare server for my desktop use? I'm looking at this page: http://www.vmware.com/products/esxi/features.html and it looks like it's basically the same as the ESX Standard that we paid a fair amount for about a year ago. Now it's free. Wow. On Mon, Jul 28, 2008 at 3:28 PM, Don Ely [EMAIL PROTECTED] wrote: The i is for integrated... Other than that, its the same old ESX... On Mon, Jul 28, 2008 at 2:50 PM, Joe Heaton [EMAIL PROTECTED] wrote: So, from what I've read, the difference between these two is that ESXi has a smaller footprint. Is this all I need to consolidate physical servers, or do I need the Infrastructure 3.0? Running around 20 physical servers atm, including 2 DCs, Exchange 2K3 box, file server, print server, web servers and application servers. Nothing too far out of the ordinary. This post is not asking about box requirements to do this, just if the ESXi is all I would need. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Disgruntled Sysadmin
Better than playing with the launch switch I would think. Jon On Mon, Jul 28, 2008 at 8:16 PM, Kurt Buff [EMAIL PROTECTED] wrote: Indeed, including the USAF crew found asleep at the missile launch switch... On Mon, Jul 28, 2008 at 4:40 PM, Jon Harris [EMAIL PROTECTED] wrote: You mean the not so slow circular motion we see is not the world getting to the bottom of the toilet? Jon On Fri, Jul 25, 2008 at 4:39 PM, Kurt Buff [EMAIL PROTECTED] wrote: ROFL! The world will be destroyed by the clueless... On Fri, Jul 25, 2008 at 1:27 PM, Angus Scott-Fleming [EMAIL PROTECTED] wrote: On 15 Jul 2008 at 14:14, Jon Harris wrote: Besides it is just plain more fun to give them the user ID's and passwords and let them screw everything up for themselves. Done for him by the SF DA's office: --- Included Stuff Follows --- San Francisco DA discloses city's network passwords | IDGNS | News | July 25, 2008 | By Robert McMillan, IDG News Service In its bid to protect the city from one computer security risk, the San Francisco District Attorney's Office may very well have created another. The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case of Terry Childs, who is accused of holding the city's network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail. - Included Stuff Ends - Full story here: http://www.infoworld.com/archives/emailPrint.jsp?R=printThisA=/article/08/07/2 5/San_Francisco_DA_discloses_citys_network_passwords_1.html or here if the above wraps unusably: http://preview.tinyurl.com/6k5a2v -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Server Colidation via VMWare
During my attempts with SQL all SQL services were set to disabled and machine restarted. I also tried doing a cold boot but nothing seemed to help. Same thing with the IISv6 with FTP. I did not try removing all the IP's from these machines as I had enough issues getting everything working together in the first place. Jon On Mon, Jul 28, 2008 at 8:22 PM, Sam Cayze [EMAIL PROTECTED] wrote: Good note. Anything that is running any services like that should be set to run in Windows Diagnostics Mode via MSCONFIG, or at least manually stop all non-default services. Or, use the Cold Boot CD option in VMware convertor. -- *From:* Jon Harris [mailto:[EMAIL PROTECTED] *Sent:* Monday, July 28, 2008 7:15 PM *To:* NT System Admin Issues *Subject:* Re: Server Colidation via VMWare It can't or didn't do all machines. I know I had a lot of issues trying to use it with SQL being on the machine. I also had issues with IISv6/FTP with multiple sites as well. Jon On Fri, Jul 25, 2008 at 11:38 AM, David Lum [EMAIL PROTECTED] wrote: Yes there is a P2V tool that VMWare has – it lets you make a P2V image w/out taking the target system offline – it loads a liitle app then takes a snapshot, it's very slick! IIRC it comes with ESX, but I might be mistaken. *Dave Lum* - Systems Engineer [EMAIL PROTECTED] - (971)-222-1025 *..*remember that, in the past, those who foolishly sought power by riding the back of the tiger ended up inside*** - JFK*** *From:* Roger Wright [mailto:[EMAIL PROTECTED] *Sent:* Friday, July 25, 2008 8:36 AM *To:* NT System Admin Issues *Subject:* Server Colidation via VMWare We want to take a closer look at server consolidation using VMWare's ESX products, especially in light of the recent announcement making the product available free. We have several servers on old hardware that would be nearly impossible to rebuild so we're thinking they're ideal candidates for VM's if there's an automated process to migrate P2V. Is such a tool available, and at low-cost? Roger Wright Network Administrator 727.572.7076 x388 _ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Server Colidation via VMWare
I think I recall reading once that conversion can mess with the whitespace in databases (or something like that...). I am curious, as I have a SQL migration coming up. I think I also recall reading that you shouldn't resize any drives that the SQL are on. And possibly doing a backup/restore of the DBs after migration. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:34 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare During my attempts with SQL all SQL services were set to disabled and machine restarted. I also tried doing a cold boot but nothing seemed to help. Same thing with the IISv6 with FTP. I did not try removing all the IP's from these machines as I had enough issues getting everything working together in the first place. Jon On Mon, Jul 28, 2008 at 8:22 PM, Sam Cayze [EMAIL PROTECTED] wrote: Good note. Anything that is running any services like that should be set to run in Windows Diagnostics Mode via MSCONFIG, or at least manually stop all non-default services. Or, use the Cold Boot CD option in VMware convertor. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare It can't or didn't do all machines. I know I had a lot of issues trying to use it with SQL being on the machine. I also had issues with IISv6/FTP with multiple sites as well. Jon On Fri, Jul 25, 2008 at 11:38 AM, David Lum [EMAIL PROTECTED] wrote: Yes there is a P2V tool that VMWare has - it lets you make a P2V image w/out taking the target system offline - it loads a liitle app then takes a snapshot, it's very slick! IIRC it comes with ESX, but I might be mistaken. Dave Lum - Systems Engineer [EMAIL PROTECTED] - (971)-222-1025 ..remember that, in the past, those who foolishly sought power by riding the back of the tiger ended up inside - JFK From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 8:36 AM To: NT System Admin Issues Subject: Server Colidation via VMWare We want to take a closer look at server consolidation using VMWare's ESX products, especially in light of the recent announcement making the product available free. We have several servers on old hardware that would be nearly impossible to rebuild so we're thinking they're ideal candidates for VM's if there's an automated process to migrate P2V. Is such a tool available, and at low-cost? Roger Wright Network Administrator 727.572.7076 x388 _ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Server Colidation via VMWare
Sam, Try this: http://www.rtfm-ed.co.uk/?page_id=174 I use this so that I may use native win/nix utils for dumping the disk off a physical machine very quickly into the vm, then I boot off a cd and run this. Easy and way faster to convert then the vmware tool. I have many issues with that tool from bad conversions to IO issues when dumping the data into the vm, I gave up on it. I have an SQL coming up asap but I presume it will work just fine as I will ghost/clonezilla the machine which I know works (Its been restored that way already before). jlc From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:51 PM To: NT System Admin Issues Subject: RE: Server Colidation via VMWare I think I recall reading once that conversion can mess with the whitespace in databases (or something like that...). I am curious, as I have a SQL migration coming up. I think I also recall reading that you shouldn't resize any drives that the SQL are on. And possibly doing a backup/restore of the DBs after migration. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:34 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare During my attempts with SQL all SQL services were set to disabled and machine restarted. I also tried doing a cold boot but nothing seemed to help. Same thing with the IISv6 with FTP. I did not try removing all the IP's from these machines as I had enough issues getting everything working together in the first place. Jon On Mon, Jul 28, 2008 at 8:22 PM, Sam Cayze [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Good note. Anything that is running any services like that should be set to run in Windows Diagnostics Mode via MSCONFIG, or at least manually stop all non-default services. Or, use the Cold Boot CD option in VMware convertor. From: Jon Harris [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Monday, July 28, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare It can't or didn't do all machines. I know I had a lot of issues trying to use it with SQL being on the machine. I also had issues with IISv6/FTP with multiple sites as well. Jon On Fri, Jul 25, 2008 at 11:38 AM, David Lum [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Yes there is a P2V tool that VMWare has - it lets you make a P2V image w/out taking the target system offline - it loads a liitle app then takes a snapshot, it's very slick! IIRC it comes with ESX, but I might be mistaken. Dave Lum - Systems Engineer [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] - (971)-222-1025 ..remember that, in the past, those who foolishly sought power by riding the back of the tiger ended up inside - JFK From: Roger Wright [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Friday, July 25, 2008 8:36 AM To: NT System Admin Issues Subject: Server Colidation via VMWare We want to take a closer look at server consolidation using VMWare's ESX products, especially in light of the recent announcement making the product available free. We have several servers on old hardware that would be nearly impossible to rebuild so we're thinking they're ideal candidates for VM's if there's an automated process to migrate P2V. Is such a tool available, and at low-cost? Roger Wright Network Administrator 727.572.7076 x388 _ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Symantec Endpoint Protection
Hey, and don't forget Sunbelt's Ninja for the exchange server. http://www.sunbeltsoftware.com/Business/Ninja-Email-Security/ While we are talking, VIPRE Enterprise on the desktop will prevent those insanely long boot times as well. http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ Simon, ask for a quote. Will make you an offer you cannot refuse. Warm regards, Stu From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:30 PM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. You like having a single point of failure for your AV software? I am the complete opposite to you. I hate having the same brand on Exchange and the desktops and will avoid it where possible. In your current scenario you have one defence system - as both the desktop and Exchange AV will be working on the same set of definition files. It gets past one it will get past the other and your machines will be infected. I will leave the Symantec bashing out of it, but will say that I see more infected systems that are protected by Symantec than any others. What you should be looking for is to have something different on the Exchange server to provide dual levels of protection. Something like GFI Mail Security, Microsoft Forefront or the list host's product. Something using multiple definition files that are not the same as what you are using now. The idea being that if one doesn't catch, the other will. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 21:44 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection So I guess what I'm really asking here, now that I'm not trying to bash Symantec, is this: Are there enough improvements with the new version (mainly overhead, bloat, etc.) to recommend upgrading to it? My users' main complaint is that their computer takes so long to completely boot up in the morning, and this is because Symantec is doing a startup scan and takes a huge portion of CPU cycles, which bogs down the entire system. I personally would love to tell them not to upgrade, but wait until the contract ends, and dump Symantec like a hot potato. But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. Joe Heaton From: Michael Hoffman [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:56 AM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I liked the product, it's just that at launch it was too heavy to run on anything but a dedicated box. As all our clients have SBS we just renewed and kept them on v.10. The new version is a lot lighter, but I'm still nervous about older servers and we are looking at a more blended defence. I'll probably keep renewing my clients for one more year and then see. Mike From: Michael Ross [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 19:11 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I have v11.. and the latest greatest rendition, MP2 MR1.. fantastic.. But for email servers, id use trend micro's scanmail. IMHO. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:34 PM To: NT System Admin Issues Subject: Symantec Endpoint Protection Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008 6:55 AM .. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Server Colidation via VMWare
Second that. Used it several times and it beats the vmware converter for me. Jon Lewis From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 8:00 PM To: NT System Admin Issues Subject: RE: Server Colidation via VMWare Sam, Try this: http://www.rtfm-ed.co.uk/?page_id=174 I use this so that I may use native win/nix utils for dumping the disk off a physical machine very quickly into the vm, then I boot off a cd and run this. Easy and way faster to convert then the vmware tool. I have many issues with that tool from bad conversions to IO issues when dumping the data into the vm, I gave up on it. I have an SQL coming up asap but I presume it will work just fine as I will ghost/clonezilla the machine which I know works (Its been restored that way already before). jlc From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:51 PM To: NT System Admin Issues Subject: RE: Server Colidation via VMWare I think I recall reading once that conversion can mess with the whitespace in databases (or something like that...). I am curious, as I have a SQL migration coming up. I think I also recall reading that you shouldn't resize any drives that the SQL are on. And possibly doing a backup/restore of the DBs after migration. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:34 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare During my attempts with SQL all SQL services were set to disabled and machine restarted. I also tried doing a cold boot but nothing seemed to help. Same thing with the IISv6 with FTP. I did not try removing all the IP's from these machines as I had enough issues getting everything working together in the first place. Jon On Mon, Jul 28, 2008 at 8:22 PM, Sam Cayze [EMAIL PROTECTED] wrote: Good note. Anything that is running any services like that should be set to run in Windows Diagnostics Mode via MSCONFIG, or at least manually stop all non-default services. Or, use the Cold Boot CD option in VMware convertor. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare It can't or didn't do all machines. I know I had a lot of issues trying to use it with SQL being on the machine. I also had issues with IISv6/FTP with multiple sites as well. Jon On Fri, Jul 25, 2008 at 11:38 AM, David Lum [EMAIL PROTECTED] wrote: Yes there is a P2V tool that VMWare has - it lets you make a P2V image w/out taking the target system offline - it loads a liitle app then takes a snapshot, it's very slick! IIRC it comes with ESX, but I might be mistaken. Dave Lum - Systems Engineer [EMAIL PROTECTED] - (971)-222-1025 ..remember that, in the past, those who foolishly sought power by riding the back of the tiger ended up inside - JFK From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 8:36 AM To: NT System Admin Issues Subject: Server Colidation via VMWare We want to take a closer look at server consolidation using VMWare's ESX products, especially in light of the recent announcement making the product available free. We have several servers on old hardware that would be nearly impossible to rebuild so we're thinking they're ideal candidates for VM's if there's an automated process to migrate P2V. Is such a tool available, and at low-cost? Roger Wright Network Administrator 727.572.7076 x388 _ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Symantec Endpoint Protection
Like what? A tool to help uninstall McAfee? That would be nice... On Mon, Jul 28, 2008 at 6:23 PM, Stu Sjouwerman [EMAIL PROTECTED] wrote: Hey, and don't forget Sunbelt's Ninja for the exchange server. http://www.sunbeltsoftware.com/Business/Ninja-Email-Security/ While we are talking, VIPRE Enterprise on the desktop will prevent those insanely long boot times as well. http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ Simon, ask for a quote. Will make you an offer you cannot refuse. Warm regards, Stu From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:30 PM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. You like having a single point of failure for your AV software? I am the complete opposite to you. I hate having the same brand on Exchange and the desktops and will avoid it where possible. In your current scenario you have one defence system - as both the desktop and Exchange AV will be working on the same set of definition files. It gets past one it will get past the other and your machines will be infected. I will leave the Symantec bashing out of it, but will say that I see more infected systems that are protected by Symantec than any others. What you should be looking for is to have something different on the Exchange server to provide dual levels of protection. Something like GFI Mail Security, Microsoft Forefront or the list host's product. Something using multiple definition files that are not the same as what you are using now. The idea being that if one doesn't catch, the other will. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 21:44 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection So I guess what I'm really asking here, now that I'm not trying to bash Symantec, is this: Are there enough improvements with the new version (mainly overhead, bloat, etc.) to recommend upgrading to it? My users' main complaint is that their computer takes so long to completely boot up in the morning, and this is because Symantec is doing a startup scan and takes a huge portion of CPU cycles, which bogs down the entire system. I personally would love to tell them not to upgrade, but wait until the contract ends, and dump Symantec like a hot potato. But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. Joe Heaton From: Michael Hoffman [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:56 AM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I liked the product, it's just that at launch it was too heavy to run on anything but a dedicated box. As all our clients have SBS we just renewed and kept them on v.10. The new version is a lot lighter, but I'm still nervous about older servers and we are looking at a more blended defence. I'll probably keep renewing my clients for one more year and then see. Mike From: Michael Ross [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 19:11 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I have v11.. and the latest greatest rendition, MP2 MR1.. fantastic.. But for email servers, id use trend micro's scanmail. IMHO. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:34 PM To: NT System Admin Issues Subject: Symantec Endpoint Protection Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008 6:55 AM . ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RE: Symantec Endpoint Protection
Oh give me a tool to remove Symantec 9 and 10 and I will have a PO tomorrow. Ok, well maybe end of the week.. -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 10:09 PM To: NT System Admin Issues Subject: Re: Symantec Endpoint Protection Like what? A tool to help uninstall McAfee? That would be nice... On Mon, Jul 28, 2008 at 6:23 PM, Stu Sjouwerman [EMAIL PROTECTED] wrote: Hey, and don't forget Sunbelt's Ninja for the exchange server. http://www.sunbeltsoftware.com/Business/Ninja-Email-Security/ While we are talking, VIPRE Enterprise on the desktop will prevent those insanely long boot times as well. http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ Simon, ask for a quote. Will make you an offer you cannot refuse. Warm regards, Stu From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 6:30 PM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. You like having a single point of failure for your AV software? I am the complete opposite to you. I hate having the same brand on Exchange and the desktops and will avoid it where possible. In your current scenario you have one defence system - as both the desktop and Exchange AV will be working on the same set of definition files. It gets past one it will get past the other and your machines will be infected. I will leave the Symantec bashing out of it, but will say that I see more infected systems that are protected by Symantec than any others. What you should be looking for is to have something different on the Exchange server to provide dual levels of protection. Something like GFI Mail Security, Microsoft Forefront or the list host's product. Something using multiple definition files that are not the same as what you are using now. The idea being that if one doesn't catch, the other will. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 21:44 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection So I guess what I'm really asking here, now that I'm not trying to bash Symantec, is this: Are there enough improvements with the new version (mainly overhead, bloat, etc.) to recommend upgrading to it? My users' main complaint is that their computer takes so long to completely boot up in the morning, and this is because Symantec is doing a startup scan and takes a huge portion of CPU cycles, which bogs down the entire system. I personally would love to tell them not to upgrade, but wait until the contract ends, and dump Symantec like a hot potato. But I do like that we have the one brand for both desktop AV and Exchange AV, and would like to keep it that way. Joe Heaton From: Michael Hoffman [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 11:56 AM To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I liked the product, it's just that at launch it was too heavy to run on anything but a dedicated box. As all our clients have SBS we just renewed and kept them on v.10. The new version is a lot lighter, but I'm still nervous about older servers and we are looking at a more blended defence. I'll probably keep renewing my clients for one more year and then see. Mike From: Michael Ross [mailto:[EMAIL PROTECTED] Sent: 28 July 2008 19:11 To: NT System Admin Issues Subject: RE: Symantec Endpoint Protection I have v11.. and the latest greatest rendition, MP2 MR1.. fantastic.. But for email servers, id use trend micro's scanmail. IMHO. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 12:34 PM To: NT System Admin Issues Subject: Symantec Endpoint Protection Anyone using this that is happy with it? Also, is there anyone here that doesn't think Symantec is a big pile? I personally hate the product, and wish that I made the decisions around here, but I don't, so I have to come up with objective reviews of SEP, and whether or not we should upgrade from v.10 to the Symantec Mulit-tier protection system, with SEP, SAV Mobile and Mail Security. Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.6/1577 - Release Date: 7/28/2008
RE: Server Colidation via VMWare
Wow, thanks for sharing. I actually just came accross that today while I was googling around for neato VI pluggins. I will deffidently bookmark and try it! Sam From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:34 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare During my attempts with SQL all SQL services were set to disabled and machine restarted. I also tried doing a cold boot but nothing seemed to help. Same thing with the IISv6 with FTP. I did not try removing all the IP's from these machines as I had enough issues getting everything working together in the first place. Jon On Mon, Jul 28, 2008 at 8:22 PM, Sam Cayze [EMAIL PROTECTED] wrote: Good note. Anything that is running any services like that should be set to run in Windows Diagnostics Mode via MSCONFIG, or at least manually stop all non-default services. Or, use the Cold Boot CD option in VMware convertor. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Monday, July 28, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Server Colidation via VMWare It can't or didn't do all machines. I know I had a lot of issues trying to use it with SQL being on the machine. I also had issues with IISv6/FTP with multiple sites as well. Jon On Fri, Jul 25, 2008 at 11:38 AM, David Lum [EMAIL PROTECTED] wrote: Yes there is a P2V tool that VMWare has - it lets you make a P2V image w/out taking the target system offline - it loads a liitle app then takes a snapshot, it's very slick! IIRC it comes with ESX, but I might be mistaken. Dave Lum - Systems Engineer [EMAIL PROTECTED] - (971)-222-1025 ..remember that, in the past, those who foolishly sought power by riding the back of the tiger ended up inside - JFK From: Roger Wright [mailto:[EMAIL PROTECTED] Sent: Friday, July 25, 2008 8:36 AM To: NT System Admin Issues Subject: Server Colidation via VMWare We want to take a closer look at server consolidation using VMWare's ESX products, especially in light of the recent announcement making the product available free. We have several servers on old hardware that would be nearly impossible to rebuild so we're thinking they're ideal candidates for VM's if there's an automated process to migrate P2V. Is such a tool available, and at low-cost? Roger Wright Network Administrator 727.572.7076 x388 _ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~