Re: OSX machines suddenly can't connect to Win2003 PDC

2008-11-04 Thread Micheal Espinola Jr 
I meant to add: I use ADmitMac from Thursby Software for domain
participation for my Macs. I have not experienced any oddities with
them since applying MS08-067.

--
ME2



On Wed, Nov 5, 2008 at 2:19 AM, Micheal Espinola Jr
<[EMAIL PROTECTED]> wrote:
> Have you tried resetting the computer accounts of those Macs?
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 7:59 PM, Mike Gill <[EMAIL PROTECTED]> wrote:
>> Recently all our Apple computers (10.4 and 10.5) are unable to browse the
>> shares of our Windows 2003 domain which was working grate for a couple
>> years. Two of these machines are bound to the domain and the others are
>> owned by interns. I've double checked that the Domain Controller Security
>> Policy: Microsoft Network Server: digitally Sign Communications (always) is
>> set to Disabled and double checked the corresponding registry value also
>> set. DNS and reverses seem to be working just fine as I can ping to and from
>> the server from a Mac and resolve IP's on both ends. The event logs in
>> Windows don't indicate anything wrong. The console on my test Mac shows
>> mount_smbfs: negotiate phase failed: syserr = Connection Refused, in which
>> the resultant Googling sends me back to the digitally signed policy.
>>
>>
>>
>> If I use smbclient on the command line I can connect to the server and list
>> files. Trying to connect to the server using the finder gives me The alias
>> could not be opened… etc.
>>
>>
>>
>> The people using the Mac's can't narrow it down to when this happened, only
>> saying it's been like this for a couple weeks "they think". I'm wondering if
>> this is a side effect of the MS08-067 (out of band) patch released. Looking
>> for ideas from people, or a good Win/Mac/AD list.
>>
>>
>>
>> --
>> Mike Gill
>>
>>
>>
>>
>>
>>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OSX machines suddenly can't connect to Win2003 PDC

2008-11-04 Thread Micheal Espinola Jr 
Have you tried resetting the computer accounts of those Macs?

--
ME2



On Tue, Nov 4, 2008 at 7:59 PM, Mike Gill <[EMAIL PROTECTED]> wrote:
> Recently all our Apple computers (10.4 and 10.5) are unable to browse the
> shares of our Windows 2003 domain which was working grate for a couple
> years. Two of these machines are bound to the domain and the others are
> owned by interns. I've double checked that the Domain Controller Security
> Policy: Microsoft Network Server: digitally Sign Communications (always) is
> set to Disabled and double checked the corresponding registry value also
> set. DNS and reverses seem to be working just fine as I can ping to and from
> the server from a Mac and resolve IP's on both ends. The event logs in
> Windows don't indicate anything wrong. The console on my test Mac shows
> mount_smbfs: negotiate phase failed: syserr = Connection Refused, in which
> the resultant Googling sends me back to the digitally signed policy.
>
>
>
> If I use smbclient on the command line I can connect to the server and list
> files. Trying to connect to the server using the finder gives me The alias
> could not be opened… etc.
>
>
>
> The people using the Mac's can't narrow it down to when this happened, only
> saying it's been like this for a couple weeks "they think". I'm wondering if
> this is a side effect of the MS08-067 (out of band) patch released. Looking
> for ideas from people, or a good Win/Mac/AD list.
>
>
>
> --
> Mike Gill
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: USB printers on 2003 Server

2008-11-04 Thread Mark Boersma 
Easy, buy two of those little Linksys USB Ethernet print servers.  They
each get an ip address and become a network printer.  Set up the server
to be able to print to them and then share them out to the users.

 

Mark

-

Two rules to success in life:

1. Never tell people everything you know.

 

 

From: Eric Brouwer [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 5:06 PM
To: NT System Admin Issues
Subject: USB printers on 2003 Server

 

Good afternoon,

 

I have a Windows 2003 Server acting as my print server, among other
roles.  I have two specialty printers (DVD labeler and a bar code
printer) I need to make available to everyone.  Problem is, they are
both USB printers, and need to be located away from the server.  What's
the best way to install them on the server so I can add these printers
to my users computers?  Is this even possible?

 

Thanks,

 

Eric Brouwer

IT Manager

Forest Post Productions

[EMAIL PROTECTED]

(248) 855-4333

 

 

 

 


Please consider the environment before printing this email.


CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for 
the sole use of the intended recipients(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Strange Behavior

2008-11-04 Thread Angus Scott-Fleming 
On 4 Nov 2008 at 11:25, Robert Cato  wrote:

> 
> 
> I have about six workstations (xp sp3 fully patches using SCE) that are 
> behaving strange. 
> 
> W2K3 domain (native mode) 
> User will log out at the end of day or lunch. Upon return to their PC 
> they are logged in with screen locked (screen lock set by GPO). Have not 
> had a chance to see what happens first hand. I am called because the 
> user is unable to unlock/sign on. I am unable to force the user off by 
> signing on as domain or local administrator. A hard boot will allow the 
> user to sign in, but it returns. 
> 
> Anybody seen anything like this? 

I've seen apparent lockups caused by 100% CPU usage during a scheduled virus 
scan, or a virus scan that kicks in during idle times.  Check your AV/AS app to 
see if you can tune its CPU usage.  McAfee enterprise defaults to 100% CPU 
during scheduled scans, but you can turn that down to just 10%

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+---+




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OSX machines suddenly can't connect to Win2003 PDC

2008-11-04 Thread Mike Gill 
Recently all our Apple computers (10.4 and 10.5) are unable to browse the
shares of our Windows 2003 domain which was working grate for a couple
years. Two of these machines are bound to the domain and the others are
owned by interns. I've double checked that the Domain Controller Security
Policy: Microsoft Network Server: digitally Sign Communications (always) is
set to Disabled and double checked the corresponding registry value also
set. DNS and reverses seem to be working just fine as I can ping to and from
the server from a Mac and resolve IP's on both ends. The event logs in
Windows don't indicate anything wrong. The console on my test Mac shows
mount_smbfs: negotiate phase failed: syserr = Connection Refused, in which
the resultant Googling sends me back to the digitally signed policy.

 

If I use smbclient on the command line I can connect to the server and list
files. Trying to connect to the server using the finder gives me The alias
could not be opened. etc.

 

The people using the Mac's can't narrow it down to when this happened, only
saying it's been like this for a couple weeks "they think". I'm wondering if
this is a side effect of the MS08-067 (out of band) patch released. Looking
for ideas from people, or a good Win/Mac/AD list.

 

-- 
Mike Gill

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: USB printers on 2003 Server

2008-11-04 Thread Ben Scott 
On Tue, Nov 4, 2008 at 5:05 PM, Eric Brouwer <[EMAIL PROTECTED]> wrote:
> I have a Windows 2003 Server acting as my print server, among other roles.
> I have two specialty printers (DVD labeler and a bar code printer) I need to
> make available to everyone.  Problem is, they are both USB printers ...

  If you haven't already, test them locally attached to the server
first.  Some printers just don't share well (or at all).  There's a
lot of crappy software out there.

> ... and need to be located away from the server.

  I used a device called a "USB Ethernet extender" in the past for
something like this.  It's a pair of small boxes.  Both have Ethernet
ports and get an IP address.  One plugs into the server and acts like
the printer.  One plugs into the printer and acts like the server.  I
guess they don't work with some kinds of USB devices, but it worked
for the test equipment we had in that scenario.

  It's been long enough that I've forgotten what brand/model we used
for that trick, but Google results seem promising:

http://www.google.com/search?q=usb+ethernet+extender

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

USB printers on 2003 Server

2008-11-04 Thread Eric Brouwer 
Good afternoon,

 

I have a Windows 2003 Server acting as my print server, among other roles.
I have two specialty printers (DVD labeler and a bar code printer) I need to
make available to everyone.  Problem is, they are both USB printers, and
need to be located away from the server.  What's the best way to install
them on the server so I can add these printers to my users computers?  Is
this even possible?

 

Thanks,

 

Eric Brouwer

IT Manager

Forest Post Productions

[EMAIL PROTECTED]

(248) 855-4333

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread Bill Songstad (WCUL) 
See if your Marketing, PR and Compliance officers have a problem with
something like this:

 

Dear ,  Thank you for contacting  with this
matter.  As you probably know, any unusual activity associated with a
financial institution website could be a serious matter and should be
reported promptly.  We at  are committed to keeping your
personal and financial information secure. 

 

We have analyzed your issue and have come up with the following
conclusions which we at  believe you should consider
carefully as your private financial information may be at risk.  

 

1)  After numerous checks from various locations both inside and outside
the Credit Union, we have determined that no system within the Credit
Union is redirecting your web browser to .

 

2)  The most likely causes for your inappropriate redirect fall into two
categories: 

a)  Your browser cache is corrupted and needs to be cleared.  Please
follow the instructions at  to clear your
cache.

b)  The computer you are using is infected with some sort of malware.
If clearing your browser cache in the step above did not solve your
problem, please consult with a trusted IT expert to determine the best
way to identify and remove the infection.

 

3)  If your computer is indeed infected with malware, it may be possible
for a hacker to have collected your login information for our site as
well as others.  We Strongly urge you to contact all the financial
institutions which you may have visited from your computer since the
infection began and change the passwords to your accounts.  We recommend
that this be done as soon as possible via phone or in person or from a
PC known to be secure.

 

If you have any questions at all, please contact our help desk at  and we will be happy to help you evaluate your options.

 

 

Bill 

 

 

-Original Message-
From: David McSpadden [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 10:07 AM
To: NT System Admin Issues
Subject: RE: Odd Redirects

 

Fiddler 

Thanks for that.

Looks like I will have to try and explain DNS poisoning to a user that

believes my sites has been hijacked and all his personnel financial

information is being leaked all over the Internet.  I don't have the

heart to tell him that my site has not been jacked but his personnel

financial information is most likely being leaked all over the Internet,

but by his PC not my website.   

 

-Original Message-

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 

Sent: Tuesday, November 04, 2008 1:04 PM

To: NT System Admin Issues

Subject: RE: Odd Redirects

 

Here is what I see from Fiddler on the url stream getting to that site.

All http /1.1 with 200 Error codes except for

http://www.imcu.org/includes/images/1p.gif which popped a 404 not found.

NO redirects seen to the malicious site, which seems to look like dns

poisoning on your end. Check dns, and check ya host files, and check

another from another computer than doesn't have BHO's in IE. 

 

Z

 

 

http://www.fiddler2.com/fiddler2/updatecheck.asp?isBeta=False

http://www.imcu.org/css/imcu_text_link_styles.css

http://www.imcu.org/SpryAssets/SpryTabbedPanels.js

http://www.imcu.org/SpryAssets/SpryTabbedPanels.css

http://www.imcu.org/images/bg_leftside.jpg

http://www.imcu.org/images/1p.gif

http://www.imcu.org/images/header-a.jpg

http://www.imcu.org/images/small_promo_homeloans.jpg

http://www.imcu.org/images/small_promo_auto_center.jpg

http://www.netit.financial-net.com:443

http://www.imcu.org/images/BG-logon2.jpg

http://www.imcu.org/ContentImageHandler.ashx?imageId=7144

http://www.imcu.org/images/title_latest_news.gif

http://www.imcu.org/images/title_rate_check.gif

http://www.imcu.org/ContentImageHandler.ashx?imageId=3571

http://www.imcu.org/ContentImageHandler.ashx?imageId=3787

http://www.imcu.org/images/small_promo_deposit_services.jpg

http://www.imcu.org/includes/images/1p.gif

http://www.netit.financial-net.com:443

http://www.netit.financial-net.com:443

http://www.imcu.org/images/logo-ncua.jpg

http://www.imcu.org/images/logo-eq-housing.jpg

http://www.imcu.org/images/bg_rightside.jpg

http://www.imcu.org/images/red_texture.gif

http://www.imcu.org/images/nav.jpg

 

 

Edward E. Ziots

Network Engineer

Lifespan Organization

Email: [EMAIL PROTECTED]

Phone: 401-639-3505

MCSE, MCP+I, ME, CCA, Security +, Network +

 

-Original Message-

From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 

Sent: Tuesday, November 04, 2008 1:00 PM

To: NT System Admin Issues

Subject: Re: Odd Redirects

 

A walk-through?

 

--

ME2

 

 

 

On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>

wrote:

> How do I explain that to joe user?

> 

> 

> 

> 

> 

> From: Sean Rector [mailto:[EMAIL PROTECTED]

> Sent: Tuesday, November 04, 2008 12:40 PM

> To: NT System Admin Issues

> Subject: RE: Odd Redirects

> 

> 

> 

> Check 4 hosts file?  DNS poisoning...

> 

> 

> 

> Sean Rector, MCSE

>

General hardware setup recommends for a SQL 2005 database

2008-11-04 Thread Chad Leeper 
Z,

1.  30 concurrent users for an accounting/warehousing application.
2.  OLTP
3.  We will be pulling reports from within the application but, I feel that is 
not what you are referring to here.


Thanks for your response


Few questions: 

1) 30 Concurrent users correct, or just a max of 30 users. 
2) Are the transactions OLAP or OLTP in nature. 
3) Will you be doing reporting off this database server (not
recommended)

Here are some things to keep in mind. 
1) Split your Disk into LUN's for the database and logs and temp DB (
not partitions but physical LUN's (RAID 1+) for Data, RAID 1+0 for Logs,
RAID 5 for temp)
2) Use multiple controllers, with a high level of cache 512MB or higher
if using local disk to help on transactions. 
3) Consider having a temp DB for each physical processor in your system.


Dual and Quad Core Processors with 8-16GB of RAM and Windows 2003/2008
Enterprise along with SQL 2000 Std/Enterprise would be a good starting
point, but you can probably get away with less with your setup with
Win2003 STD and SQL 2005 STD. 

HTH
Z

Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED] 
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Chad Leeper [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 11:37 AM
To: NT System Admin Issues
Subject: General hardware setup recommends for a SQL 2005 database
server

Hi all,

I am building a 2005 SQL database server that will be supporting 30
users.  The front-end for this database will be on a separate box.
Does anyone have any hardware recommendations.  i.e. number drives, ram,
etc?

I prefer HP hardware but, I welcome any input.

Thanks,

/Chad

Think green. Please consider the environment before printing 

* CONFIDENTIALITY NOTE:
The information contained in this transmission is privileged and
confidential information intended only for the use of the individual or
entity named above. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this communication is strictly prohibited. If you have
received this transmission in error, do not read it. Please immediately
reply to the sender that you have received this communication in error
and then delete it. Thank you. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



Think green. Please consider the environment before printing 
*
 CONFIDENTIALITY NOTE: The information contained in this transmission is 
privileged and confidential information intended only for the use of the 
individual or entity named above. If the reader of this message is not the 
intended recipient, you are hereby notified that any dissemination, 
distribution or copying of this communication is strictly prohibited. If you 
have received this transmission in error, do not read it. Please immediately 
reply to the sender that you have received this communication in error and then 
delete it. Thank you. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Going back to XP?

2008-11-04 Thread Webster 
From: Tim Vander Kooi [mailto:[EMAIL PROTECTED] 
Subject: RE: Going back to XP?

 

I use every single program you mention, with the exception of Peachtree, and
I can tell you conclusively that they all work just fine with Vista.

 

Peachtree runs just fine on Vista.  I run an older version, 2005, and have
had no issues with it.  I use PDFCreator to generate PDF copies of invoices
and reports and then e-mail those out.  I haven't had any problems with
Vista that I didn't create by experimenting way too much.

 

Webster

From: Evan Brastow [mailto:[EMAIL PROTECTED] 
Subject: RE: Going back to XP?

 

Stephan, as for going back to XP, I think the issues with Vista have been
long and well documented in the press and on this list for quite a while.

 

. to Peachtree. How can I be sure all of those things will run on Vista
reliably? Heck, even some games I run on weekends here may not run (now THAT
would be a tragedy!)


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Insane Play

2008-11-04 Thread Sam Cayze 
Alley-oop!

 

From: Adam Hitchcock [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 2:46 PM
To: NT System Admin Issues
Subject: Insane Play

 

http://www.yardbarker.com/high_school/articles/Video_Stupid_Crazy_Touchd
own/362398 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Insane Play

2008-11-04 Thread RichardMcClary 
It's back now...

I still like the one 40 years ago which started an undefeated season for 
my high school.  It wasn't crazy, just stupid!

Cape Central was up by 5 with the clock stopped and 7 seconds on the 
clock.  It was first and goal.  The Cape QB, rather than taking a knee and 
running off the field with 10 happy team mates, instead pitched out to our 
defensive end.  85 yards later, his home crowd let him know he really 
should never try that again...
--
Richard McClary, Systems Administrator
ASPCA Knowledge Management
1717 S Philo Rd, Ste 36, Urbana, IL  61802
217-337-9761
http://www.aspca.org


Durf <[EMAIL PROTECTED]> wrote on 11/04/2008 02:48:10 PM:

> Apparently these Trojans are not detectable by ordinary means!  (The
> video is gone)
> 
> --Durf

> On Tue, Nov 4, 2008 at 3:45 PM, Adam Hitchcock <[EMAIL PROTECTED]
> > wrote:
> http://www.yardbarker.
> com/high_school/articles/Video_Stupid_Crazy_Touchdown/362398 
> 
> 
> 
> 
> 
> -- 
> --
> Give a man a fish, and he'll eat for a day. 
> Give a fish a man, and he'll eat for weeks!
> 
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Insane Play

2008-11-04 Thread Micheal Espinola Jr 
http://www.youtube.com/watch?v=0K2OSOZnhqc

--
ME2



On Tue, Nov 4, 2008 at 3:48 PM, Durf <[EMAIL PROTECTED]> wrote:
> Apparently these Trojans are not detectable by ordinary means!  (The video
> is gone)
>
> --Durf
>
> On Tue, Nov 4, 2008 at 3:45 PM, Adam Hitchcock <[EMAIL PROTECTED]>
> wrote:
>>
>>
>> http://www.yardbarker.com/high_school/articles/Video_Stupid_Crazy_Touchdown/362398
>>
>>
>>
>>
>
>
> --
> --
> Give a man a fish, and he'll eat for a day.
> Give a fish a man, and he'll eat for weeks!
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Insane Play

2008-11-04 Thread Durf 
Apparently these Trojans are not detectable by ordinary means!  (The video
is gone)

--Durf

On Tue, Nov 4, 2008 at 3:45 PM, Adam Hitchcock <[EMAIL PROTECTED]>wrote:

>
> http://www.yardbarker.com/high_school/articles/Video_Stupid_Crazy_Touchdown/362398
>
>
>
>
>
>


-- 
--
Give a man a fish, and he'll eat for a day.
Give a fish a man, and he'll eat for weeks!

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Insane Play

2008-11-04 Thread Micheal Espinola Jr 
hahahaha...  brilliant play!  Risky, but brilliant!

--
ME2



On Tue, Nov 4, 2008 at 3:45 PM, Adam Hitchcock <[EMAIL PROTECTED]> wrote:
> http://www.yardbarker.com/high_school/articles/Video_Stupid_Crazy_Touchdown/362398
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Insane Play

2008-11-04 Thread Adam Hitchcock 
http://www.yardbarker.com/high_school/articles/Video_Stupid_Crazy_Touchdown/362398

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Jim Majorowicz 
*snickers* The thought I had when I saw his reply was, "Geez, this makes me
fell old."  The same way the "Yes, Paul McCartney was in a band before
Wings." Jokes make you feel old..

 

From: Steven M. Caesare [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 7:24 AM
To: NT System Admin Issues
Subject: RE: Is the list down? No message so far this morning.

 

Paul also was in a little band called "Bad Company"..

 

He does compliment Queen well.

 

-sc

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:54 AM
To: NT System Admin Issues
Subject: Re: Is the list down? No message so far this morning.

 

Queen on tour, with Paul Rogers of Free as vocalist. Apparently they are
rather good.

2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>

?!  Where did you pick up a time machine? I want one!

--
ME2




On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]> wrote:
> I vote for going home early so I can get plenty to drink before I go to
see
> Queen in concert tonight. That's the only voting I have on my mind today
:-)
>
> 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>>

>> Hopefully, everyone is voting.
>>
>> --
>> ME2
>>
>>
>>
>> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
>> wrote:
>> >
>> >

>> > Todd Lemmiksoo
>> > Network Administrator
>> >
>> > All-Mode Communications, Inc.
>> > 1725 Dryden Road
>> > Freeville, New York  13068
>> > (607) 347-4164 x440
>> > 1-877-ALLMODE  (toll free)
>> > http://www.all-mode.com
>> >
>> >
>> >
>> >
>>

>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: ESET mail info

2008-11-04 Thread Stefan Jafs 
Yes, thanks I just found it, it's so confusing I was looking in the
E-Mail client setup area!

 

Tanks

 

___

Stefan Jafs

 

From: Webster [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:53 PM
To: NT System Admin Issues
Subject: RE: ESET mail info

 

From: Stefan Jafs [mailto:[EMAIL PROTECTED] 
Subject: ESET mail info

 

Ok, I upgraded or I'm in the midst of upgrading 200+ PC's from 2.7 to
3.0.

And of course the ESEt tech support is horrible!! But I did not feel
comfortable of moving to Vipre yet L.

 

I'm trying to figure out where the following "__ Information
from ESET NOD32 Antivirus, version of virus signature database 3582
(20081104) __

The message was checked by ESET NOD32 Antivirus

 

 

Comes from, I can't figure out how to turn it off in the "Configuration
Editor" so I turned it of in ESET on my PC but it's still there! Any
ideas?

 

This was just answered a little while ago by Andy O.

 

ESET Kernel > Setup > Email Protection > Append tag messages...

 

- Andy O. 

 

 

 

 



This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: ESET mail info

2008-11-04 Thread Webster 
From: Stefan Jafs [mailto:[EMAIL PROTECTED] 
Subject: ESET mail info

 

Ok, I upgraded or I'm in the midst of upgrading 200+ PC's from 2.7 to 3.0.

And of course the ESEt tech support is horrible!! But I did not feel
comfortable of moving to Vipre yet L.

 

I'm trying to figure out where the following "__ Information from
ESET NOD32 Antivirus, version of virus signature database 3582 (20081104)
__

The message was checked by ESET NOD32 Antivirus

 

 

Comes from, I can't figure out how to turn it off in the "Configuration
Editor" so I turned it of in ESET on my PC but it's still there! Any ideas?

 

This was just answered a little while ago by Andy O.

 

ESET Kernel > Setup > Email Protection > Append tag messages...

 

- Andy O. 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Odd Redirects

2008-11-04 Thread Ziots, Edward 
NO problem, 

Also if you wanna dig into the guts of HTTP and see what is going on, I
highly recommend HTTP the Definite Guide by O'Reilly Books. It's a
killer book and has helped me so far troubleshoot a lot of PC browser to
web-server disconnects. 

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: David McSpadden [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:07 PM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Fiddler 
Thanks for that.
Looks like I will have to try and explain DNS poisoning to a user that
believes my sites has been hijacked and all his personnel financial
information is being leaked all over the Internet.  I don't have the
heart to tell him that my site has not been jacked but his personnel
financial information is most likely being leaked all over the Internet,
but by his PC not my website.   

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:04 PM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Here is what I see from Fiddler on the url stream getting to that site.
All http /1.1 with 200 Error codes except for
http://www.imcu.org/includes/images/1p.gif which popped a 404 not found.
NO redirects seen to the malicious site, which seems to look like dns
poisoning on your end. Check dns, and check ya host files, and check
another from another computer than doesn't have BHO's in IE. 

Z


http://www.fiddler2.com/fiddler2/updatecheck.asp?isBeta=False
http://www.imcu.org/css/imcu_text_link_styles.css
http://www.imcu.org/SpryAssets/SpryTabbedPanels.js
http://www.imcu.org/SpryAssets/SpryTabbedPanels.css
http://www.imcu.org/images/bg_leftside.jpg
http://www.imcu.org/images/1p.gif
http://www.imcu.org/images/header-a.jpg
http://www.imcu.org/images/small_promo_homeloans.jpg
http://www.imcu.org/images/small_promo_auto_center.jpg
http://www.netit.financial-net.com:443
http://www.imcu.org/images/BG-logon2.jpg
http://www.imcu.org/ContentImageHandler.ashx?imageId=7144
http://www.imcu.org/images/title_latest_news.gif
http://www.imcu.org/images/title_rate_check.gif
http://www.imcu.org/ContentImageHandler.ashx?imageId=3571
http://www.imcu.org/ContentImageHandler.ashx?imageId=3787
http://www.imcu.org/images/small_promo_deposit_services.jpg
http://www.imcu.org/includes/images/1p.gif
http://www.netit.financial-net.com:443
http://www.netit.financial-net.com:443
http://www.imcu.org/images/logo-ncua.jpg
http://www.imcu.org/images/logo-eq-housing.jpg
http://www.imcu.org/images/bg_rightside.jpg
http://www.imcu.org/images/red_texture.gif
http://www.imcu.org/images/nav.jpg


Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:00 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

A walk-through?

--
ME2



On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
wrote:
> How do I explain that to joe user?
>
>
>
> 
>
> From: Sean Rector [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:40 PM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
>
>
> Check 4 hosts file?  DNS poisoning...
>
>
>
> Sean Rector, MCSE
>
>
>
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: Odd Redirects
>
>
>
> I have a customer that is trying to get to www.imcu.org.  They are
getting
> redirected to www.manta.com.
>
> If the go to www.imcu.com they are fine.  I can get to both .org and
.com
> with no issues.
>
> What is redirecting them to manta.com? What can I tell them to do to
stop
> this behavior?
>
> So far I have told them to delete temporary files and cookies as well
as
> ipconfig /flushdns but what
>
> is the real problem with their pc???
>
>
>
>
>
>
>
>
>
> Data Security is everyone's responsibility.
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: [EMAIL PROTECTED]
> Phone:(757) 213-4548 (direct line)
> {*}
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Strange Behavior

2008-11-04 Thread Robert Cato 
PowerToys not installed.

Nothing significant/correlating in the event viewer.

Don't have good details on the process leading up to the issue. One user
is insistent that they rebooted upon leaving for the day, but walked
away before getting confirmation that the process started or
completed. UPHClean is being installed on a couple of the machines to see if
that helps.


Discussing the problem with another tech savvy user in the building revealed
that it happened on his home PC a couple of times in the past week.

Will let you know what if/when we find resolution.

Robert

On Tue, Nov 4, 2008 at 12:16 PM, Miller Bonnie L. <
[EMAIL PROTECTED]> wrote:

>  Sounds like the account is not really getting logged out—do they stay to
> watch that part?  If it is still trying to log out when the screen saver
> kicks on it could then be locking the station.  And, they probably can't log
> on while it's logging them out.
>
>
>
> If you can confirm that, the question becomes, why do these machines or
> user accounts not get fully logged out?  Do you have UPHClean installed?
>
>
>
> -Bonnie
>
>
>
> *From:* Robert Cato [mailto:[EMAIL PROTECTED]
> *Sent:* Tuesday, November 04, 2008 8:25 AM
> *To:* NT System Admin Issues
> *Subject:* Strange Behavior
>
>
>
>
>
> I have about six workstations (xp sp3 fully patches using SCE) that are
> behaving strange.
>
>
>
> W2K3 domain (native mode)
>
> User will log out at the end of day or lunch. Upon return to their PC they
> are logged in with screen locked (screen lock set by GPO). Have not had a
> chance to see what happens first hand. I am called because the user is
> unable to unlock/sign on. I am unable to force the user off by signing on as
> domain or local administrator. A hard boot will allow the user to sign in,
> but it returns.
>
>
>
> Anybody seen anything like this?
>
>
>
> I have been googling and searching around Sans with no luck.
>
>
>
> TIA,
> Robert
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread David McSpadden 
The BigE.
;-)
They about lost their minds with I took in off the desktops and made
them look for it in Programs.


It's good to be the King...

-Original Message-
From: Troy Meyer [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:21 PM
To: NT System Admin Issues
Subject: RE: Odd Redirects

It's all good.

What is funny is the solution is going to be having the user stop typing
in the address wrong or stop using an HTML link that is outdated.  It's
always those little things that we take for granted.

Geez we still get calls that the "Big Blue E" is broken.


-troy

-Original Message-
From: David McSpadden [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 10:13 AM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Sorry for the smart @$$ remarks.  I am not supposed to create single
instance answers.  I am supposed to create generic answers for a broad
array of problems and then narrow them down.  Mostly I am not supposed
to talk with the customer's just keep our internal network up and
running.  Let the support staff help the customers with problems like
these.

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 1:13 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

+1

--
ME2



On Tue, Nov 4, 2008 at 1:07 PM, Troy Meyer <[EMAIL PROTECTED]>
wrote:
> Are we missing something here, what exactly are you asking?  Are all
of your clients unable to access the site?  Then you are obviously
looking at a higher level issue with name resolution and you need to
check out your internal dns servers.  Launch an nslookup and see what ip
it responds to for that server.  Then change the server in nslookup to
4.2.2.1 and try again.
>
> If only one user is having the issue can you walk them through
checking for entries in the c:\windows\system32\drivers\etc\hosts file.
>
> If you wanted to script the checking of that hosts file for entries,
you certainly could, but is it worth it for one user?  Will it solve a
malware issue that added invalid entries into a host file?
>
> Unfortunately I don't think there is a fix all script out there that
magically detects the issue and resolves the problem, if there was, we
all would be doing something else.
>
> -troy
>
> -Original Message-
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 9:58 AM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
> Maybe.  I have 35k+ customers. I am looking for something scripted for
> the front line Service Reps to give them.  And you PC has been jacked
> isn't one of the things my customers like to hear...
> :-)
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 1:00 PM
> To: NT System Admin Issues
> Subject: Re: Odd Redirects
>
> A walk-through?
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
> wrote:
>> How do I explain that to joe user?
>>
>>
>>
>> 
>>
>> From: Sean Rector [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:40 PM
>> To: NT System Admin Issues
>> Subject: RE: Odd Redirects
>>
>>
>>
>> Check 4 hosts file?  DNS poisoning...
>>
>>
>>
>> Sean Rector, MCSE
>>
>>
>>
>> From: David McSpadden [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:27 PM
>> To: NT System Admin Issues
>> Subject: Odd Redirects
>>
>>
>>
>> I have a customer that is trying to get to www.imcu.org.  They are
> getting
>> redirected to www.manta.com.
>>
>> If the go to www.imcu.com they are fine.  I can get to both .org and
> .com
>> with no issues.
>>
>> What is redirecting them to manta.com? What can I tell them to do to
> stop
>> this behavior?
>>
>> So far I have told them to delete temporary files and cookies as well
> as
>> ipconfig /flushdns but what
>>
>> is the real problem with their pc???
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Data Security is everyone's responsibility.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Information Technology Manager
>> Virginia Opera Association
>>
>> E-Mail: [EMAIL PROTECTED]
>> Phone:(757) 213-4548 (direct line)
>> {*}
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

RE: Odd Redirects

2008-11-04 Thread Troy Meyer 
It's all good.

What is funny is the solution is going to be having the user stop typing in the 
address wrong or stop using an HTML link that is outdated.  It's always those 
little things that we take for granted.

Geez we still get calls that the "Big Blue E" is broken.


-troy

-Original Message-
From: David McSpadden [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 10:13 AM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Sorry for the smart @$$ remarks.  I am not supposed to create single
instance answers.  I am supposed to create generic answers for a broad
array of problems and then narrow them down.  Mostly I am not supposed
to talk with the customer's just keep our internal network up and
running.  Let the support staff help the customers with problems like
these.

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 1:13 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

+1

--
ME2



On Tue, Nov 4, 2008 at 1:07 PM, Troy Meyer <[EMAIL PROTECTED]>
wrote:
> Are we missing something here, what exactly are you asking?  Are all
of your clients unable to access the site?  Then you are obviously
looking at a higher level issue with name resolution and you need to
check out your internal dns servers.  Launch an nslookup and see what ip
it responds to for that server.  Then change the server in nslookup to
4.2.2.1 and try again.
>
> If only one user is having the issue can you walk them through
checking for entries in the c:\windows\system32\drivers\etc\hosts file.
>
> If you wanted to script the checking of that hosts file for entries,
you certainly could, but is it worth it for one user?  Will it solve a
malware issue that added invalid entries into a host file?
>
> Unfortunately I don't think there is a fix all script out there that
magically detects the issue and resolves the problem, if there was, we
all would be doing something else.
>
> -troy
>
> -Original Message-
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 9:58 AM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
> Maybe.  I have 35k+ customers. I am looking for something scripted for
> the front line Service Reps to give them.  And you PC has been jacked
> isn't one of the things my customers like to hear...
> :-)
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 1:00 PM
> To: NT System Admin Issues
> Subject: Re: Odd Redirects
>
> A walk-through?
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
> wrote:
>> How do I explain that to joe user?
>>
>>
>>
>> 
>>
>> From: Sean Rector [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:40 PM
>> To: NT System Admin Issues
>> Subject: RE: Odd Redirects
>>
>>
>>
>> Check 4 hosts file?  DNS poisoning...
>>
>>
>>
>> Sean Rector, MCSE
>>
>>
>>
>> From: David McSpadden [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:27 PM
>> To: NT System Admin Issues
>> Subject: Odd Redirects
>>
>>
>>
>> I have a customer that is trying to get to www.imcu.org.  They are
> getting
>> redirected to www.manta.com.
>>
>> If the go to www.imcu.com they are fine.  I can get to both .org and
> .com
>> with no issues.
>>
>> What is redirecting them to manta.com? What can I tell them to do to
> stop
>> this behavior?
>>
>> So far I have told them to delete temporary files and cookies as well
> as
>> ipconfig /flushdns but what
>>
>> is the real problem with their pc???
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Data Security is everyone's responsibility.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Information Technology Manager
>> Virginia Opera Association
>>
>> E-Mail: [EMAIL PROTECTED]
>> Phone:(757) 213-4548 (direct line)
>> {*}
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Odd Redirects

2008-11-04 Thread Micheal Espinola Jr 
np - I understand.  I also meant my response to be
"walkthrough/copy/boilerplate".  Of course you want a very carefully
crafted response to customer issues such as these. In some cases it
simply cannot be explained to a customer, and you have to walk them
through a visualization of their issue.

--
ME2



On Tue, Nov 4, 2008 at 1:13 PM, David McSpadden <[EMAIL PROTECTED]> wrote:
> Sorry for the smart @$$ remarks.  I am not supposed to create single
> instance answers.  I am supposed to create generic answers for a broad
> array of problems and then narrow them down.  Mostly I am not supposed
> to talk with the customer's just keep our internal network up and
> running.  Let the support staff help the customers with problems like
> these.
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 1:13 PM
> To: NT System Admin Issues
> Subject: Re: Odd Redirects
>
> +1
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 1:07 PM, Troy Meyer <[EMAIL PROTECTED]>
> wrote:
>> Are we missing something here, what exactly are you asking?  Are all
> of your clients unable to access the site?  Then you are obviously
> looking at a higher level issue with name resolution and you need to
> check out your internal dns servers.  Launch an nslookup and see what ip
> it responds to for that server.  Then change the server in nslookup to
> 4.2.2.1 and try again.
>>
>> If only one user is having the issue can you walk them through
> checking for entries in the c:\windows\system32\drivers\etc\hosts file.
>>
>> If you wanted to script the checking of that hosts file for entries,
> you certainly could, but is it worth it for one user?  Will it solve a
> malware issue that added invalid entries into a host file?
>>
>> Unfortunately I don't think there is a fix all script out there that
> magically detects the issue and resolves the problem, if there was, we
> all would be doing something else.
>>
>> -troy
>>
>> -Original Message-
>> From: David McSpadden [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 9:58 AM
>> To: NT System Admin Issues
>> Subject: RE: Odd Redirects
>>
>> Maybe.  I have 35k+ customers. I am looking for something scripted for
>> the front line Service Reps to give them.  And you PC has been jacked
>> isn't one of the things my customers like to hear...
>> :-)
>>
>> -Original Message-
>> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 1:00 PM
>> To: NT System Admin Issues
>> Subject: Re: Odd Redirects
>>
>> A walk-through?
>>
>> --
>> ME2
>>
>>
>>
>> On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
>> wrote:
>>> How do I explain that to joe user?
>>>
>>>
>>>
>>> 
>>>
>>> From: Sean Rector [mailto:[EMAIL PROTECTED]
>>> Sent: Tuesday, November 04, 2008 12:40 PM
>>> To: NT System Admin Issues
>>> Subject: RE: Odd Redirects
>>>
>>>
>>>
>>> Check 4 hosts file?  DNS poisoning...
>>>
>>>
>>>
>>> Sean Rector, MCSE
>>>
>>>
>>>
>>> From: David McSpadden [mailto:[EMAIL PROTECTED]
>>> Sent: Tuesday, November 04, 2008 12:27 PM
>>> To: NT System Admin Issues
>>> Subject: Odd Redirects
>>>
>>>
>>>
>>> I have a customer that is trying to get to www.imcu.org.  They are
>> getting
>>> redirected to www.manta.com.
>>>
>>> If the go to www.imcu.com they are fine.  I can get to both .org and
>> .com
>>> with no issues.
>>>
>>> What is redirecting them to manta.com? What can I tell them to do to
>> stop
>>> this behavior?
>>>
>>> So far I have told them to delete temporary files and cookies as well
>> as
>>> ipconfig /flushdns but what
>>>
>>> is the real problem with their pc???
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> Data Security is everyone's responsibility.
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> Information Technology Manager
>>> Virginia Opera Association
>>>
>>> E-Mail: [EMAIL PROTECTED]
>>> Phone:(757) 213-4548 (direct line)
>>> {*}
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread David McSpadden 
Sorry for the smart @$$ remarks.  I am not supposed to create single
instance answers.  I am supposed to create generic answers for a broad
array of problems and then narrow them down.  Mostly I am not supposed
to talk with the customer's just keep our internal network up and
running.  Let the support staff help the customers with problems like
these.

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:13 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

+1

--
ME2



On Tue, Nov 4, 2008 at 1:07 PM, Troy Meyer <[EMAIL PROTECTED]>
wrote:
> Are we missing something here, what exactly are you asking?  Are all
of your clients unable to access the site?  Then you are obviously
looking at a higher level issue with name resolution and you need to
check out your internal dns servers.  Launch an nslookup and see what ip
it responds to for that server.  Then change the server in nslookup to
4.2.2.1 and try again.
>
> If only one user is having the issue can you walk them through
checking for entries in the c:\windows\system32\drivers\etc\hosts file.
>
> If you wanted to script the checking of that hosts file for entries,
you certainly could, but is it worth it for one user?  Will it solve a
malware issue that added invalid entries into a host file?
>
> Unfortunately I don't think there is a fix all script out there that
magically detects the issue and resolves the problem, if there was, we
all would be doing something else.
>
> -troy
>
> -Original Message-
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 9:58 AM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
> Maybe.  I have 35k+ customers. I am looking for something scripted for
> the front line Service Reps to give them.  And you PC has been jacked
> isn't one of the things my customers like to hear...
> :-)
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 1:00 PM
> To: NT System Admin Issues
> Subject: Re: Odd Redirects
>
> A walk-through?
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
> wrote:
>> How do I explain that to joe user?
>>
>>
>>
>> 
>>
>> From: Sean Rector [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:40 PM
>> To: NT System Admin Issues
>> Subject: RE: Odd Redirects
>>
>>
>>
>> Check 4 hosts file?  DNS poisoning...
>>
>>
>>
>> Sean Rector, MCSE
>>
>>
>>
>> From: David McSpadden [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:27 PM
>> To: NT System Admin Issues
>> Subject: Odd Redirects
>>
>>
>>
>> I have a customer that is trying to get to www.imcu.org.  They are
> getting
>> redirected to www.manta.com.
>>
>> If the go to www.imcu.com they are fine.  I can get to both .org and
> .com
>> with no issues.
>>
>> What is redirecting them to manta.com? What can I tell them to do to
> stop
>> this behavior?
>>
>> So far I have told them to delete temporary files and cookies as well
> as
>> ipconfig /flushdns but what
>>
>> is the real problem with their pc???
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Data Security is everyone's responsibility.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Information Technology Manager
>> Virginia Opera Association
>>
>> E-Mail: [EMAIL PROTECTED]
>> Phone:(757) 213-4548 (direct line)
>> {*}
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread David McSpadden 
Isn't one of the PC's that I administrate.  Just one customer and I have
had difficult dealings with him in the past.  He thinks everyone is out
to get him and I am giving his information away to the top bidder.  If I
get a free hour or two I will give him a call and let him know his PC is
screwed and he should put fdisk on a bootable floppy and then reformat
the 0 partition of his PC.


-Original Message-
From: Troy Meyer [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:07 PM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Are we missing something here, what exactly are you asking?  Are all of
your clients unable to access the site?  Then you are obviously looking
at a higher level issue with name resolution and you need to check out
your internal dns servers.  Launch an nslookup and see what ip it
responds to for that server.  Then change the server in nslookup to
4.2.2.1 and try again.

If only one user is having the issue can you walk them through checking
for entries in the c:\windows\system32\drivers\etc\hosts file.

If you wanted to script the checking of that hosts file for entries, you
certainly could, but is it worth it for one user?  Will it solve a
malware issue that added invalid entries into a host file?

Unfortunately I don't think there is a fix all script out there that
magically detects the issue and resolves the problem, if there was, we
all would be doing something else.

-troy

-Original Message-
From: David McSpadden [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 9:58 AM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Maybe.  I have 35k+ customers. I am looking for something scripted for
the front line Service Reps to give them.  And you PC has been jacked
isn't one of the things my customers like to hear...
:-)

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 1:00 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

A walk-through?

--
ME2



On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
wrote:
> How do I explain that to joe user?
>
>
>
> 
>
> From: Sean Rector [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:40 PM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
>
>
> Check 4 hosts file?  DNS poisoning...
>
>
>
> Sean Rector, MCSE
>
>
>
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: Odd Redirects
>
>
>
> I have a customer that is trying to get to www.imcu.org.  They are
getting
> redirected to www.manta.com.
>
> If the go to www.imcu.com they are fine.  I can get to both .org and
.com
> with no issues.
>
> What is redirecting them to manta.com? What can I tell them to do to
stop
> this behavior?
>
> So far I have told them to delete temporary files and cookies as well
as
> ipconfig /flushdns but what
>
> is the real problem with their pc???
>
>
>
>
>
>
>
>
>
> Data Security is everyone's responsibility.
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: [EMAIL PROTECTED]
> Phone:(757) 213-4548 (direct line)
> {*}
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Odd Redirects

2008-11-04 Thread Micheal Espinola Jr 
+1

--
ME2



On Tue, Nov 4, 2008 at 1:07 PM, Troy Meyer <[EMAIL PROTECTED]> wrote:
> Are we missing something here, what exactly are you asking?  Are all of your 
> clients unable to access the site?  Then you are obviously looking at a 
> higher level issue with name resolution and you need to check out your 
> internal dns servers.  Launch an nslookup and see what ip it responds to for 
> that server.  Then change the server in nslookup to 4.2.2.1 and try again.
>
> If only one user is having the issue can you walk them through checking for 
> entries in the c:\windows\system32\drivers\etc\hosts file.
>
> If you wanted to script the checking of that hosts file for entries, you 
> certainly could, but is it worth it for one user?  Will it solve a malware 
> issue that added invalid entries into a host file?
>
> Unfortunately I don't think there is a fix all script out there that 
> magically detects the issue and resolves the problem, if there was, we all 
> would be doing something else.
>
> -troy
>
> -Original Message-
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 9:58 AM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
> Maybe.  I have 35k+ customers. I am looking for something scripted for
> the front line Service Reps to give them.  And you PC has been jacked
> isn't one of the things my customers like to hear...
> :-)
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 1:00 PM
> To: NT System Admin Issues
> Subject: Re: Odd Redirects
>
> A walk-through?
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
> wrote:
>> How do I explain that to joe user?
>>
>>
>>
>> 
>>
>> From: Sean Rector [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:40 PM
>> To: NT System Admin Issues
>> Subject: RE: Odd Redirects
>>
>>
>>
>> Check 4 hosts file?  DNS poisoning...
>>
>>
>>
>> Sean Rector, MCSE
>>
>>
>>
>> From: David McSpadden [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 04, 2008 12:27 PM
>> To: NT System Admin Issues
>> Subject: Odd Redirects
>>
>>
>>
>> I have a customer that is trying to get to www.imcu.org.  They are
> getting
>> redirected to www.manta.com.
>>
>> If the go to www.imcu.com they are fine.  I can get to both .org and
> .com
>> with no issues.
>>
>> What is redirecting them to manta.com? What can I tell them to do to
> stop
>> this behavior?
>>
>> So far I have told them to delete temporary files and cookies as well
> as
>> ipconfig /flushdns but what
>>
>> is the real problem with their pc???
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Data Security is everyone's responsibility.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Information Technology Manager
>> Virginia Opera Association
>>
>> E-Mail: [EMAIL PROTECTED]
>> Phone:(757) 213-4548 (direct line)
>> {*}
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread David McSpadden 
Fiddler 
Thanks for that.
Looks like I will have to try and explain DNS poisoning to a user that
believes my sites has been hijacked and all his personnel financial
information is being leaked all over the Internet.  I don't have the
heart to tell him that my site has not been jacked but his personnel
financial information is most likely being leaked all over the Internet,
but by his PC not my website.   

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:04 PM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Here is what I see from Fiddler on the url stream getting to that site.
All http /1.1 with 200 Error codes except for
http://www.imcu.org/includes/images/1p.gif which popped a 404 not found.
NO redirects seen to the malicious site, which seems to look like dns
poisoning on your end. Check dns, and check ya host files, and check
another from another computer than doesn't have BHO's in IE. 

Z


http://www.fiddler2.com/fiddler2/updatecheck.asp?isBeta=False
http://www.imcu.org/css/imcu_text_link_styles.css
http://www.imcu.org/SpryAssets/SpryTabbedPanels.js
http://www.imcu.org/SpryAssets/SpryTabbedPanels.css
http://www.imcu.org/images/bg_leftside.jpg
http://www.imcu.org/images/1p.gif
http://www.imcu.org/images/header-a.jpg
http://www.imcu.org/images/small_promo_homeloans.jpg
http://www.imcu.org/images/small_promo_auto_center.jpg
http://www.netit.financial-net.com:443
http://www.imcu.org/images/BG-logon2.jpg
http://www.imcu.org/ContentImageHandler.ashx?imageId=7144
http://www.imcu.org/images/title_latest_news.gif
http://www.imcu.org/images/title_rate_check.gif
http://www.imcu.org/ContentImageHandler.ashx?imageId=3571
http://www.imcu.org/ContentImageHandler.ashx?imageId=3787
http://www.imcu.org/images/small_promo_deposit_services.jpg
http://www.imcu.org/includes/images/1p.gif
http://www.netit.financial-net.com:443
http://www.netit.financial-net.com:443
http://www.imcu.org/images/logo-ncua.jpg
http://www.imcu.org/images/logo-eq-housing.jpg
http://www.imcu.org/images/bg_rightside.jpg
http://www.imcu.org/images/red_texture.gif
http://www.imcu.org/images/nav.jpg


Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:00 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

A walk-through?

--
ME2



On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
wrote:
> How do I explain that to joe user?
>
>
>
> 
>
> From: Sean Rector [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:40 PM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
>
>
> Check 4 hosts file?  DNS poisoning...
>
>
>
> Sean Rector, MCSE
>
>
>
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: Odd Redirects
>
>
>
> I have a customer that is trying to get to www.imcu.org.  They are
getting
> redirected to www.manta.com.
>
> If the go to www.imcu.com they are fine.  I can get to both .org and
.com
> with no issues.
>
> What is redirecting them to manta.com? What can I tell them to do to
stop
> this behavior?
>
> So far I have told them to delete temporary files and cookies as well
as
> ipconfig /flushdns but what
>
> is the real problem with their pc???
>
>
>
>
>
>
>
>
>
> Data Security is everyone's responsibility.
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: [EMAIL PROTECTED]
> Phone:(757) 213-4548 (direct line)
> {*}
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread Troy Meyer 
Are we missing something here, what exactly are you asking?  Are all of your 
clients unable to access the site?  Then you are obviously looking at a higher 
level issue with name resolution and you need to check out your internal dns 
servers.  Launch an nslookup and see what ip it responds to for that server.  
Then change the server in nslookup to 4.2.2.1 and try again.

If only one user is having the issue can you walk them through checking for 
entries in the c:\windows\system32\drivers\etc\hosts file.

If you wanted to script the checking of that hosts file for entries, you 
certainly could, but is it worth it for one user?  Will it solve a malware 
issue that added invalid entries into a host file?

Unfortunately I don't think there is a fix all script out there that magically 
detects the issue and resolves the problem, if there was, we all would be doing 
something else.

-troy

-Original Message-
From: David McSpadden [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 9:58 AM
To: NT System Admin Issues
Subject: RE: Odd Redirects

Maybe.  I have 35k+ customers. I am looking for something scripted for
the front line Service Reps to give them.  And you PC has been jacked
isn't one of the things my customers like to hear...
:-)

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 1:00 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

A walk-through?

--
ME2



On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
wrote:
> How do I explain that to joe user?
>
>
>
> 
>
> From: Sean Rector [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:40 PM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
>
>
> Check 4 hosts file?  DNS poisoning...
>
>
>
> Sean Rector, MCSE
>
>
>
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: Odd Redirects
>
>
>
> I have a customer that is trying to get to www.imcu.org.  They are
getting
> redirected to www.manta.com.
>
> If the go to www.imcu.com they are fine.  I can get to both .org and
.com
> with no issues.
>
> What is redirecting them to manta.com? What can I tell them to do to
stop
> this behavior?
>
> So far I have told them to delete temporary files and cookies as well
as
> ipconfig /flushdns but what
>
> is the real problem with their pc???
>
>
>
>
>
>
>
>
>
> Data Security is everyone's responsibility.
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: [EMAIL PROTECTED]
> Phone:(757) 213-4548 (direct line)
> {*}
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread Ziots, Edward 
Here is what I see from Fiddler on the url stream getting to that site.
All http /1.1 with 200 Error codes except for
http://www.imcu.org/includes/images/1p.gif which popped a 404 not found.
NO redirects seen to the malicious site, which seems to look like dns
poisoning on your end. Check dns, and check ya host files, and check
another from another computer than doesn't have BHO's in IE. 

Z


http://www.fiddler2.com/fiddler2/updatecheck.asp?isBeta=False
http://www.imcu.org/css/imcu_text_link_styles.css
http://www.imcu.org/SpryAssets/SpryTabbedPanels.js
http://www.imcu.org/SpryAssets/SpryTabbedPanels.css
http://www.imcu.org/images/bg_leftside.jpg
http://www.imcu.org/images/1p.gif
http://www.imcu.org/images/header-a.jpg
http://www.imcu.org/images/small_promo_homeloans.jpg
http://www.imcu.org/images/small_promo_auto_center.jpg
http://www.netit.financial-net.com:443
http://www.imcu.org/images/BG-logon2.jpg
http://www.imcu.org/ContentImageHandler.ashx?imageId=7144
http://www.imcu.org/images/title_latest_news.gif
http://www.imcu.org/images/title_rate_check.gif
http://www.imcu.org/ContentImageHandler.ashx?imageId=3571
http://www.imcu.org/ContentImageHandler.ashx?imageId=3787
http://www.imcu.org/images/small_promo_deposit_services.jpg
http://www.imcu.org/includes/images/1p.gif
http://www.netit.financial-net.com:443
http://www.netit.financial-net.com:443
http://www.imcu.org/images/logo-ncua.jpg
http://www.imcu.org/images/logo-eq-housing.jpg
http://www.imcu.org/images/bg_rightside.jpg
http://www.imcu.org/images/red_texture.gif
http://www.imcu.org/images/nav.jpg


Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:00 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

A walk-through?

--
ME2



On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
wrote:
> How do I explain that to joe user?
>
>
>
> 
>
> From: Sean Rector [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:40 PM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
>
>
> Check 4 hosts file?  DNS poisoning...
>
>
>
> Sean Rector, MCSE
>
>
>
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: Odd Redirects
>
>
>
> I have a customer that is trying to get to www.imcu.org.  They are
getting
> redirected to www.manta.com.
>
> If the go to www.imcu.com they are fine.  I can get to both .org and
.com
> with no issues.
>
> What is redirecting them to manta.com? What can I tell them to do to
stop
> this behavior?
>
> So far I have told them to delete temporary files and cookies as well
as
> ipconfig /flushdns but what
>
> is the real problem with their pc???
>
>
>
>
>
>
>
>
>
> Data Security is everyone's responsibility.
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: [EMAIL PROTECTED]
> Phone:(757) 213-4548 (direct line)
> {*}
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread David McSpadden 
Maybe.  I have 35k+ customers. I am looking for something scripted for
the front line Service Reps to give them.  And you PC has been jacked
isn't one of the things my customers like to hear...
:-)

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 1:00 PM
To: NT System Admin Issues
Subject: Re: Odd Redirects

A walk-through?

--
ME2



On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]>
wrote:
> How do I explain that to joe user?
>
>
>
> 
>
> From: Sean Rector [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:40 PM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
>
>
> Check 4 hosts file?  DNS poisoning...
>
>
>
> Sean Rector, MCSE
>
>
>
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: Odd Redirects
>
>
>
> I have a customer that is trying to get to www.imcu.org.  They are
getting
> redirected to www.manta.com.
>
> If the go to www.imcu.com they are fine.  I can get to both .org and
.com
> with no issues.
>
> What is redirecting them to manta.com? What can I tell them to do to
stop
> this behavior?
>
> So far I have told them to delete temporary files and cookies as well
as
> ipconfig /flushdns but what
>
> is the real problem with their pc???
>
>
>
>
>
>
>
>
>
> Data Security is everyone's responsibility.
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: [EMAIL PROTECTED]
> Phone:(757) 213-4548 (direct line)
> {*}
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Odd Redirects

2008-11-04 Thread Micheal Espinola Jr 
A walk-through?

--
ME2



On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden <[EMAIL PROTECTED]> wrote:
> How do I explain that to joe user?
>
>
>
> 
>
> From: Sean Rector [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:40 PM
> To: NT System Admin Issues
> Subject: RE: Odd Redirects
>
>
>
> Check 4 hosts file?  DNS poisoning…
>
>
>
> Sean Rector, MCSE
>
>
>
> From: David McSpadden [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 12:27 PM
> To: NT System Admin Issues
> Subject: Odd Redirects
>
>
>
> I have a customer that is trying to get to www.imcu.org.  They are getting
> redirected to www.manta.com.
>
> If the go to www.imcu.com they are fine.  I can get to both .org and .com
> with no issues.
>
> What is redirecting them to manta.com? What can I tell them to do to stop
> this behavior?
>
> So far I have told them to delete temporary files and cookies as well as
> ipconfig /flushdns but what
>
> is the real problem with their pc???
>
>
>
>
>
>
>
>
>
> Data Security is everyone's responsibility.
>
>
>
>
>
>
>
>
>
> Information Technology Manager
> Virginia Opera Association
>
> E-Mail: [EMAIL PROTECTED]
> Phone:(757) 213-4548 (direct line)
> {*}
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread David McSpadden 
How do I explain that to joe user?

 



From: Sean Rector [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 12:40 PM
To: NT System Admin Issues
Subject: RE: Odd Redirects

 

Check 4 hosts file?  DNS poisoning...

 

Sean Rector, MCSE

 

From: David McSpadden [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 12:27 PM
To: NT System Admin Issues
Subject: Odd Redirects

 

I have a customer that is trying to get to www.imcu.org
 .  They are getting redirected to www.manta.com
 .

If the go to www.imcu.com   they are fine.  I can
get to both .org and .com with no issues.

What is redirecting them to manta.com? What can I tell them to do to
stop this behavior?

So far I have told them to delete temporary files and cookies as well as
ipconfig /flushdns but what

is the real problem with their pc???

 

 

 

 

Data Security is everyone's responsibility.

 

 

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: [EMAIL PROTECTED] 

Phone:(757) 213-4548 (direct line)
{*}

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Odd Redirects

2008-11-04 Thread Sean Rector 
Check 4 hosts file?  DNS poisoning...

 

Sean Rector, MCSE

 

From: David McSpadden [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 12:27 PM
To: NT System Admin Issues
Subject: Odd Redirects

 

I have a customer that is trying to get to www.imcu.org
 .  They are getting redirected to www.manta.com
 .

If the go to www.imcu.com   they are fine.  I can
get to both .org and .com with no issues.

What is redirecting them to manta.com? What can I tell them to do to
stop this behavior?

So far I have told them to delete temporary files and cookies as well as
ipconfig /flushdns but what

is the real problem with their pc???

 

 

 

 

Data Security is everyone's responsibility.

 

 

 

 

Virginia Opera's 2008-2009 Season ... "Viva la passione!"
IL TROVATORE - THE ELIXIR OF LOVE - TOSCA - THE BARBER OF SEVILLE
Visit us online at www.vaopera.org or call 1-866-OPERA-VA (1-866-673-7282).
Subscribe or purchase tickets online now!
 
This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Odd Redirects

2008-11-04 Thread David McSpadden 
I have a customer that is trying to get to www.imcu.org
 .  They are getting redirected to www.manta.com
 .

If the go to www.imcu.com   they are fine.  I can
get to both .org and .com with no issues.

What is redirecting them to manta.com? What can I tell them to do to
stop this behavior?

So far I have told them to delete temporary files and cookies as well as
ipconfig /flushdns but what

is the real problem with their pc???

 

 

 

 

Data Security is everyone's responsibility.

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Strange Behavior

2008-11-04 Thread Miller Bonnie L . 
Sounds like the account is not really getting logged out—do they stay to watch 
that part?  If it is still trying to log out when the screen saver kicks on it 
could then be locking the station.  And, they probably can’t log on while it’s 
logging them out.

If you can confirm that, the question becomes, why do these machines or user 
accounts not get fully logged out?  Do you have UPHClean installed?

-Bonnie

From: Robert Cato [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 8:25 AM
To: NT System Admin Issues
Subject: Strange Behavior


I have about six workstations (xp sp3 fully patches using SCE) that are 
behaving strange.

W2K3 domain (native mode)
User will log out at the end of day or lunch. Upon return to their PC they are 
logged in with screen locked (screen lock set by GPO). Have not had a chance to 
see what happens first hand. I am called because the user is unable to 
unlock/sign on. I am unable to force the user off by signing on as domain or 
local administrator. A hard boot will allow the user to sign in, but it returns.

Anybody seen anything like this?

I have been googling and searching around Sans with no luck.

TIA,
Robert





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: General hardware setup recommends for a SQL 2005 database server

2008-11-04 Thread Klint Price - ArizonaITPro 

It all depends on the database design, and the nature of the application.

I have SQL servers that are running fine on Dual Xeons with 4 GB of RAM, 
that service 400 users, with a 35 GB database attached to a SAN.  I also 
have a SQL box that craps out on the same hardware, even though the DB 
is only 2 GB in size due to the crappy programming (nested views).


How much data are we talking here, and how does the application flow?

Klint


Ziots, Edward wrote:
Few questions: 

1) 30 Concurrent users correct, or just a max of 30 users. 
2) Are the transactions OLAP or OLTP in nature. 
3) Will you be doing reporting off this database server (not

recommended)

Here are some things to keep in mind. 
1) Split your Disk into LUN's for the database and logs and temp DB (

not partitions but physical LUN's (RAID 1+) for Data, RAID 1+0 for Logs,
RAID 5 for temp)
2) Use multiple controllers, with a high level of cache 512MB or higher
if using local disk to help on transactions. 
3) Consider having a temp DB for each physical processor in your system.



Dual and Quad Core Processors with 8-16GB of RAM and Windows 2003/2008
Enterprise along with SQL 2000 Std/Enterprise would be a good starting
point, but you can probably get away with less with your setup with
Win2003 STD and SQL 2005 STD. 


HTH
Z

Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Chad Leeper [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 11:37 AM

To: NT System Admin Issues
Subject: General hardware setup recommends for a SQL 2005 database
server

Hi all,

I am building a 2005 SQL database server that will be supporting 30
users.  The front-end for this database will be on a separate box.
Does anyone have any hardware recommendations.  i.e. number drives, ram,
etc?

I prefer HP hardware but, I welcome any input.

Thanks,

/Chad

Think green. Please consider the environment before printing 


* CONFIDENTIALITY NOTE:
The information contained in this transmission is privileged and
confidential information intended only for the use of the individual or
entity named above. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this communication is strictly prohibited. If you have
received this transmission in error, do not read it. Please immediately
reply to the sender that you have received this communication in error
and then delete it. Thank you. 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
  



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Strange Behavior

2008-11-04 Thread Jake Gardner 
Event logs?  Do you have any auditing turned on?  
 
Thanks,
 
Jake Gardner
TTC Network Administrator
Ext. 246
 



From: Robert Cato [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 11:25 AM
To: NT System Admin Issues
Subject: Strange Behavior


 
I have about six workstations (xp sp3 fully patches using SCE) that are
behaving strange. 
 
W2K3 domain (native mode)
User will log out at the end of day or lunch. Upon return to their PC
they are logged in with screen locked (screen lock set by GPO). Have not
had a chance to see what happens first hand. I am called because the
user is unable to unlock/sign on. I am unable to force the user off by
signing on as domain or local administrator. A hard boot will allow the
user to sign in, but it returns.
 
Anybody seen anything like this?
 
I have been googling and searching around Sans with no luck.
 
TIA,
Robert

 

 


***Teletronics Technology Corporation*** 
This e-mail is confidential and may also be privileged.  If you are not the 
addressee or authorized by the addressee to receive this e-mail, you may not 
disclose, copy, distribute, or use this e-mail. If you have received this 
e-mail in error, please notify the sender immediately by reply e-mail or by 
telephone at 267-352-2020 and destroy this message and any copies.  Thank you.

***



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Strange Behavior

2008-11-04 Thread Klint Price - ArizonaITPro 

PowerToys setting the user to log in automatically?




Robert Cato wrote:
 
I have about six workstations (xp sp3 fully patches using SCE) that 
are behaving strange.
 
W2K3 domain (native mode)
User will log out at the end of day or lunch. Upon return to their PC 
they are logged in with screen locked (screen lock set by GPO). Have 
not had a chance to see what happens first hand. I am called because 
the user is unable to unlock/sign on. I am unable to force the user 
off by signing on as domain or local administrator. A hard boot will 
allow the user to sign in, but it returns.
 
Anybody seen anything like this?
 
I have been googling and searching around Sans with no luck.
 
TIA,

Robert

 

 



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread Micheal Espinola Jr 
Oh, no kidding!  Sounds like a blast - have fun!

--
ME2



On Tue, Nov 4, 2008 at 9:54 AM, James Rankin <[EMAIL PROTECTED]> wrote:
> Queen on tour, with Paul Rogers of Free as vocalist. Apparently they are
> rather good.
>
> 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>>
>> ?!  Where did you pick up a time machine? I want one!
>>
>> --
>> ME2
>>
>>
>>
>> On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]>
>> wrote:
>> > I vote for going home early so I can get plenty to drink before I go to
>> > see
>> > Queen in concert tonight. That's the only voting I have on my mind today
>> > :-)
>> >
>> > 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>> >>
>> >> Hopefully, everyone is voting.
>> >>
>> >> --
>> >> ME2
>> >>
>> >>
>> >>
>> >> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo
>> >> <[EMAIL PROTECTED]>
>> >> wrote:
>> >> >
>> >> >
>> >> > Todd Lemmiksoo
>> >> > Network Administrator
>> >> >
>> >> > All-Mode Communications, Inc.
>> >> > 1725 Dryden Road
>> >> > Freeville, New York  13068
>> >> > (607) 347-4164 x440
>> >> > 1-877-ALLMODE  (toll free)
>> >> > http://www.all-mode.com
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> >> ~   ~
>> >
>> >
>> >
>> >
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: General hardware setup recommends for a SQL 2005 database server

2008-11-04 Thread Ziots, Edward 
Few questions: 

1) 30 Concurrent users correct, or just a max of 30 users. 
2) Are the transactions OLAP or OLTP in nature. 
3) Will you be doing reporting off this database server (not
recommended)

Here are some things to keep in mind. 
1) Split your Disk into LUN's for the database and logs and temp DB (
not partitions but physical LUN's (RAID 1+) for Data, RAID 1+0 for Logs,
RAID 5 for temp)
2) Use multiple controllers, with a high level of cache 512MB or higher
if using local disk to help on transactions. 
3) Consider having a temp DB for each physical processor in your system.


Dual and Quad Core Processors with 8-16GB of RAM and Windows 2003/2008
Enterprise along with SQL 2000 Std/Enterprise would be a good starting
point, but you can probably get away with less with your setup with
Win2003 STD and SQL 2005 STD. 

HTH
Z

Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Chad Leeper [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 11:37 AM
To: NT System Admin Issues
Subject: General hardware setup recommends for a SQL 2005 database
server

Hi all,

I am building a 2005 SQL database server that will be supporting 30
users.  The front-end for this database will be on a separate box.
Does anyone have any hardware recommendations.  i.e. number drives, ram,
etc?

I prefer HP hardware but, I welcome any input.

Thanks,

/Chad

Think green. Please consider the environment before printing 

* CONFIDENTIALITY NOTE:
The information contained in this transmission is privileged and
confidential information intended only for the use of the individual or
entity named above. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this communication is strictly prohibited. If you have
received this transmission in error, do not read it. Please immediately
reply to the sender that you have received this communication in error
and then delete it. Thank you. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

General hardware setup recommends for a SQL 2005 database server

2008-11-04 Thread Chad Leeper 
Hi all,

I am building a 2005 SQL database server that will be supporting 30 users.  The 
front-end for this database will be on a separate box.
Does anyone have any hardware recommendations.  i.e. number drives, ram, etc?

I prefer HP hardware but, I welcome any input.

Thanks,

/Chad

Think green. Please consider the environment before printing 
*
 CONFIDENTIALITY NOTE: The information contained in this transmission is 
privileged and confidential information intended only for the use of the 
individual or entity named above. If the reader of this message is not the 
intended recipient, you are hereby notified that any dissemination, 
distribution or copying of this communication is strictly prohibited. If you 
have received this transmission in error, do not read it. Please immediately 
reply to the sender that you have received this communication in error and then 
delete it. Thank you. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Strange Behavior

2008-11-04 Thread Robert Cato 
I have about six workstations (xp sp3 fully patches using SCE) that are
behaving strange.

W2K3 domain (native mode)
User will log out at the end of day or lunch. Upon return to their PC they
are logged in with screen locked (screen lock set by GPO). Have not had a
chance to see what happens first hand. I am called because the user is
unable to unlock/sign on. I am unable to force the user off by signing on as
domain or local administrator. A hard boot will allow the user to sign in,
but it returns.

Anybody seen anything like this?

I have been googling and searching around Sans with no luck.

TIA,
Robert

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Alerts on Install or Elevation of Priviledges

2008-11-04 Thread David Lum 
This is an older e-mail but what Carl says is s true. More than once I have 
started an e-mail to this list going step-by-step through the a problem I'm 
having and while detailing the problems and things I've tested, I will "close 
the loop" on something I missed and presto, problem solved before I ever hit 
"SEND".

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

-Original Message-
From: Carl Houseman [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 28, 2008 8:49 AM
To: NT System Admin Issues
Subject: RE: Alerts on Install or Elevation of Priviledges

That's information that I didn't have before...

Also unknown, what exactly is being installed, and whether said product
requires administrator account access to be used or installed.

If you want help, explain *everything* that you know about a problem - leave
out no details.  You may find that by fully documenting a problem, you end
up solving it yourself.

Carl

-Original Message-
From: Andy Ognenoff [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 28, 2008 11:40 AM
To: NT System Admin Issues
Subject: RE: Alerts on Install or Elevation of Priviledges

Yep...I know, but the password wasn't reset.

 - Andy O.

>-Original Message-
>From: Carl Houseman [mailto:[EMAIL PROTECTED]
>Sent: Tuesday, October 28, 2008 10:37 AM
>To: NT System Admin Issues
>Subject: RE: Alerts on Install or Elevation of Priviledges
>
>With physical access to a machine, any local account password can be reset.
>Even disabling the local administrator account isn't sufficient.
>
>http://home.eunet.no/pnordahl/ntpasswd/


-Original Message-
From: Andy Ognenoff [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 28, 2008 10:55 AM
To: NT System Admin Issues
Subject: Alerts on Install or Elevation of Priviledges

I have a user that is somehow installing stuff but his account is only a
standard restricted user. This is a standalone laptop, not on the domain at
all. Anyone know of a way I could send myself an alert via email if he
installs something or logs on as a different account than he should?

Only thing I can think of is that he somehow got a hold of the local admin
password but I can't see how - yes we disable the LM hash.

 - Andy O.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread John Cook 
I heard nothing but raves about their show in Jacksonville earlier in the year!

John W. Cook
Systems Administrator
Partnership For Strong Families
315 SE 2nd Ave
Gainesville, Fl 32601
Office (352) 393-2741 x320
Cell (352) 215-6944
Fax (352) 393-2746
MCSE, MCTS, MCP+I,CompTIA A+, N+

From: James Rankin [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 9:54 AM
To: NT System Admin Issues
Subject: Re: Is the list down? No message so far this morning.

Queen on tour, with Paul Rogers of Free as vocalist. Apparently they are rather 
good.
2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
?!  Where did you pick up a time machine? I want one!

--
ME2



On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]> wrote:
> I vote for going home early so I can get plenty to drink before I go to see
> Queen in concert tonight. That's the only voting I have on my mind today :-)
>
> 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>>
>> Hopefully, everyone is voting.
>>
>> --
>> ME2
>>
>>
>>
>> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL 
>> PROTECTED]>
>> wrote:
>> >
>> >
>> > Todd Lemmiksoo
>> > Network Administrator
>> >
>> > All-Mode Communications, Inc.
>> > 1725 Dryden Road
>> > Freeville, New York  13068
>> > (607) 347-4164 x440
>> > 1-877-ALLMODE  (toll free)
>> > http://www.all-mode.com
>> >
>> >
>> >
>> >
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~







CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Steven M. Caesare 
Paul also was in a little band called "Bad Company"

 

He does compliment Queen well.

 

-sc

 

From: James Rankin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:54 AM
To: NT System Admin Issues
Subject: Re: Is the list down? No message so far this morning.

 

Queen on tour, with Paul Rogers of Free as vocalist. Apparently they are
rather good.

2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>

?!  Where did you pick up a time machine? I want one!

--
ME2




On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]>
wrote:
> I vote for going home early so I can get plenty to drink before I go
to see
> Queen in concert tonight. That's the only voting I have on my mind
today :-)
>
> 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>>

>> Hopefully, everyone is voting.
>>
>> --
>> ME2
>>
>>
>>
>> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo
<[EMAIL PROTECTED]>
>> wrote:
>> >
>> >

>> > Todd Lemmiksoo
>> > Network Administrator
>> >
>> > All-Mode Communications, Inc.
>> > 1725 Dryden Road
>> > Freeville, New York  13068
>> > (607) 347-4164 x440
>> > 1-877-ALLMODE  (toll free)
>> > http://www.all-mode.com
>> >
>> >
>> >
>> >
>>

>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread Micheal Espinola Jr 
?!  Where did you pick up a time machine? I want one!

--
ME2



On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]> wrote:
> I vote for going home early so I can get plenty to drink before I go to see
> Queen in concert tonight. That's the only voting I have on my mind today :-)
>
> 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>>
>> Hopefully, everyone is voting.
>>
>> --
>> ME2
>>
>>
>>
>> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
>> wrote:
>> >
>> >
>> > Todd Lemmiksoo
>> > Network Administrator
>> >
>> > All-Mode Communications, Inc.
>> > 1725 Dryden Road
>> > Freeville, New York  13068
>> > (607) 347-4164 x440
>> > 1-877-ALLMODE  (toll free)
>> > http://www.all-mode.com
>> >
>> >
>> >
>> >
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

ESET mail info

2008-11-04 Thread Stefan Jafs 
Ok, I upgraded or I'm in the midst of upgrading 200+ PC's from 2.7 to
3.0.

And of course the ESEt tech support is horrible!! But I did not feel
comfortable of moving to Vipre yet L.

 

I'm trying to figure out where the following "__ Information
from ESET NOD32 Antivirus, version of virus signature database 3582
(20081104) __

The message was checked by ESET NOD32 Antivirus

 

 

Comes from, I can't figure out how to turn it off in the "Configuration
Editor" so I turned it of in ESET on my PC but it's still there! Any
ideas?

 

__
Stefan Jafs 

 




This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Amico 
Corpoartion company. Warning: Although precautions have been taken to make sure 
no viruses are present in this email, the company cannot accept responsibility 
for any loss or damage that arise from the use of this email or attachments.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Todd Lemmiksoo 
My thought also! 

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:25 AM
To: NT System Admin Issues
Subject: Re: Is the list down? No message so far this morning.

Hopefully, everyone is voting.

--
ME2



On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
wrote:
>
>
> Todd Lemmiksoo
> Network Administrator
>
> All-Mode Communications, Inc.
> 1725 Dryden Road
> Freeville, New York  13068
> (607) 347-4164 x440
> 1-877-ALLMODE  (toll free)
> http://www.all-mode.com
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread James Rankin 
Woot! I have been waiting 22 years since I last saw them on the Magic tour
in 86...

2008/11/4 Vicky Spelshaus <[EMAIL PROTECTED]>

> Nobody can replace Freddie, but yes - they are pretty good.  I've seen
> them.
>
>
> On Tue, Nov 4, 2008 at 8:54 AM, James Rankin <[EMAIL PROTECTED]>wrote:
>
>> Queen on tour, with Paul Rogers of Free as vocalist. Apparently they are
>> rather good.
>>
>>
>> 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>>
>>> ?!  Where did you pick up a time machine? I want one!
>>>
>>> --
>>> ME2
>>>
>>>
>>>
>>> On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]>
>>> wrote:
>>> > I vote for going home early so I can get plenty to drink before I go to
>>> see
>>> > Queen in concert tonight. That's the only voting I have on my mind
>>> today :-)
>>> >
>>> > 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>>> >>
>>> >> Hopefully, everyone is voting.
>>> >>
>>> >> --
>>> >> ME2
>>> >>
>>> >>
>>> >>
>>> >> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <
>>> [EMAIL PROTECTED]>
>>> >> wrote:
>>> >> >
>>> >> >
>>> >> > Todd Lemmiksoo
>>> >> > Network Administrator
>>> >> >
>>> >> > All-Mode Communications, Inc.
>>> >> > 1725 Dryden Road
>>> >> > Freeville, New York  13068
>>> >> > (607) 347-4164 x440
>>> >> > 1-877-ALLMODE  (toll free)
>>> >> > http://www.all-mode.com
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >>
>>>  >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> >> ~   ~
>>> >
>>> >
>>> >
>>> >
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Organization and good planning are just crutches for people that can't
> handle stress and caffeine. - unknown
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread Vicky Spelshaus 
Nobody can replace Freddie, but yes - they are pretty good.  I've seen them.

On Tue, Nov 4, 2008 at 8:54 AM, James Rankin <[EMAIL PROTECTED]> wrote:

> Queen on tour, with Paul Rogers of Free as vocalist. Apparently they are
> rather good.
>
>
> 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>
>> ?!  Where did you pick up a time machine? I want one!
>>
>> --
>> ME2
>>
>>
>>
>> On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]>
>> wrote:
>> > I vote for going home early so I can get plenty to drink before I go to
>> see
>> > Queen in concert tonight. That's the only voting I have on my mind today
>> :-)
>> >
>> > 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
>> >>
>> >> Hopefully, everyone is voting.
>> >>
>> >> --
>> >> ME2
>> >>
>> >>
>> >>
>> >> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <
>> [EMAIL PROTECTED]>
>> >> wrote:
>> >> >
>> >> >
>> >> > Todd Lemmiksoo
>> >> > Network Administrator
>> >> >
>> >> > All-Mode Communications, Inc.
>> >> > 1725 Dryden Road
>> >> > Freeville, New York  13068
>> >> > (607) 347-4164 x440
>> >> > 1-877-ALLMODE  (toll free)
>> >> > http://www.all-mode.com
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>>  >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> >> ~   ~
>> >
>> >
>> >
>> >
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
>
>
>


-- 
Organization and good planning are just crutches for people that can't
handle stress and caffeine. - unknown

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Ziots, Edward 
Voted...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:25 AM
To: NT System Admin Issues
Subject: Re: Is the list down? No message so far this morning.

Hopefully, everyone is voting.

--
ME2



On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
wrote:
>
>
> Todd Lemmiksoo
> Network Administrator
>
> All-Mode Communications, Inc.
> 1725 Dryden Road
> Freeville, New York  13068
> (607) 347-4164 x440
> 1-877-ALLMODE  (toll free)
> http://www.all-mode.com
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread James Rankin 
Queen on tour, with Paul Rogers of Free as vocalist. Apparently they are
rather good.

2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>

> ?!  Where did you pick up a time machine? I want one!
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 9:26 AM, James Rankin <[EMAIL PROTECTED]>
> wrote:
> > I vote for going home early so I can get plenty to drink before I go to
> see
> > Queen in concert tonight. That's the only voting I have on my mind today
> :-)
> >
> > 2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>
> >>
> >> Hopefully, everyone is voting.
> >>
> >> --
> >> ME2
> >>
> >>
> >>
> >> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]
> >
> >> wrote:
> >> >
> >> >
> >> > Todd Lemmiksoo
> >> > Network Administrator
> >> >
> >> > All-Mode Communications, Inc.
> >> > 1725 Dryden Road
> >> > Freeville, New York  13068
> >> > (607) 347-4164 x440
> >> > 1-877-ALLMODE  (toll free)
> >> > http://www.all-mode.com
> >> >
> >> >
> >> >
> >> >
> >>
> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> >> ~   ~
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Erik Goldoff 
before your post today, my last message received for this list was around
3:50pm yesterday (East Coast USA time)
 

Erik Goldoff


IT  Consultant

Systems, Networks, & Security 

 

  _  

From: Todd Lemmiksoo [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:19 AM
To: NT System Admin Issues
Subject: Is the list down? No message so far this morning.





Todd Lemmiksoo 
Network Administrator 

All-Mode Communications, Inc. 
1725 Dryden Road 
Freeville, New York  13068 
(607) 347-4164 x440 
1-877-ALLMODE  (toll free) 
  http://www.all-mode.com 


 


 

No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.175 / Virus Database: 270.8.5/1758 - Release Date: 11/4/2008
8:26 AM



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Eric Brouwer 
If you have to ask, it probably is the wrong list.

As far as I'm concerned, this list is one of the most valuable tools at my
disposal.

-Original Message-
From: Oblas, Ed [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:28 AM
To: NT System Admin Issues
Subject: RE: Is the list down? No message so far this morning.

This list is not what I expected.  How do I unsubscribe from the list?

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 9:26 AM
To: NT System Admin Issues
Subject: RE: Is the list down? No message so far this morning.

Voted...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 9:25 AM
To: NT System Admin Issues
Subject: Re: Is the list down? No message so far this morning.

Hopefully, everyone is voting.

--
ME2



On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
wrote:
>
>
> Todd Lemmiksoo
> Network Administrator
>
> All-Mode Communications, Inc.
> 1725 Dryden Road
> Freeville, New York  13068
> (607) 347-4164 x440
> 1-877-ALLMODE  (toll free)
> http://www.all-mode.com
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread James Rankin 
Whoa, sorry dude! It's normally quite useful...

2008/11/4 Oblas, Ed <[EMAIL PROTECTED]>

> This list is not what I expected.  How do I unsubscribe from the list?
>
> -Original Message-
> From: Ziots, Edward [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 9:26 AM
> To: NT System Admin Issues
> Subject: RE: Is the list down? No message so far this morning.
>
> Voted...
>
> Z
>
> Edward E. Ziots
> Network Engineer
> Lifespan Organization
> Email: [EMAIL PROTECTED]
> Phone: 401-639-3505
> MCSE, MCP+I, ME, CCA, Security +, Network +
>
> -Original Message-
> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 9:25 AM
> To: NT System Admin Issues
> Subject: Re: Is the list down? No message so far this morning.
>
> Hopefully, everyone is voting.
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
> wrote:
> >
> >
> > Todd Lemmiksoo
> > Network Administrator
> >
> > All-Mode Communications, Inc.
> > 1725 Dryden Road
> > Freeville, New York  13068
> > (607) 347-4164 x440
> > 1-877-ALLMODE  (toll free)
> > http://www.all-mode.com
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Michael B. Smith 
Everyone is standing in line to vote in the USA.

 

J

 

Regards,

 

Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP

My blog: http://TheEssentialExchange.com/blogs/michael

Link with me at: http://www.linkedin.com/in/theessentialexchange

 

From: Todd Lemmiksoo [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:19 AM
To: NT System Admin Issues
Subject: Is the list down? No message so far this morning.

 

 

Todd Lemmiksoo 
Network Administrator 

All-Mode Communications, Inc. 
1725 Dryden Road 
Freeville, New York  13068 
(607) 347-4164 x440 
1-877-ALLMODE  (toll free) 
  http://www.all-mode.com 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Oblas, Ed 
This list is not what I expected.  How do I unsubscribe from the list?

-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 9:26 AM
To: NT System Admin Issues
Subject: RE: Is the list down? No message so far this morning.

Voted...

Z

Edward E. Ziots
Network Engineer
Lifespan Organization
Email: [EMAIL PROTECTED]
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +

-Original Message-
From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 9:25 AM
To: NT System Admin Issues
Subject: Re: Is the list down? No message so far this morning.

Hopefully, everyone is voting.

--
ME2



On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
wrote:
>
>
> Todd Lemmiksoo
> Network Administrator
>
> All-Mode Communications, Inc.
> 1725 Dryden Road
> Freeville, New York  13068
> (607) 347-4164 x440
> 1-877-ALLMODE  (toll free)
> http://www.all-mode.com
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning. (UNCLASSIFIED)

2008-11-04 Thread Kent, Larry CTR USA IMCOM 
Classification:  UNCLASSIFIED 
Caveats: NONE
 
Pong...

  _  

From: Ziots, Edward [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:23 AM
To: NT System Admin Issues
Subject: RE: Is the list down? No message so far this morning.



Ping..

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

Email: [EMAIL PROTECTED]

Phone: 401-639-3505

MCSE, MCP+I, ME, CCA, Security +, Network +

  _  

From: Todd Lemmiksoo [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:19 AM
To: NT System Admin Issues
Subject: Is the list down? No message so far this morning.

 

 

Todd Lemmiksoo 
Network Administrator 

All-Mode Communications, Inc. 
1725 Dryden Road 
Freeville, New York  13068 
(607) 347-4164 x440 
1-877-ALLMODE  (toll free) 
  http://www.all-mode.com 

 

 

 


 


 

 
Classification:  UNCLASSIFIED 
Caveats: NONE

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread James Rankin 
I vote for going home early so I can get plenty to drink before I go to see
Queen in concert tonight. That's the only voting I have on my mind today :-)

2008/11/4 Micheal Espinola Jr <[EMAIL PROTECTED]>

> Hopefully, everyone is voting.
>
> --
> ME2
>
>
>
> On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]>
> wrote:
> >
> >
> > Todd Lemmiksoo
> > Network Administrator
> >
> > All-Mode Communications, Inc.
> > 1725 Dryden Road
> > Freeville, New York  13068
> > (607) 347-4164 x440
> > 1-877-ALLMODE  (toll free)
> > http://www.all-mode.com
> >
> >
> >
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread Micheal Espinola Jr 
Hopefully, everyone is voting.

--
ME2



On Tue, Nov 4, 2008 at 9:19 AM, Todd Lemmiksoo <[EMAIL PROTECTED]> wrote:
>
>
> Todd Lemmiksoo
> Network Administrator
>
> All-Mode Communications, Inc.
> 1725 Dryden Road
> Freeville, New York  13068
> (607) 347-4164 x440
> 1-877-ALLMODE  (toll free)
> http://www.all-mode.com
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Is the list down? No message so far this morning.

2008-11-04 Thread Micheal Espinola Jr 
Pong..

--
ME2



On Tue, Nov 4, 2008 at 9:22 AM, Ziots, Edward <[EMAIL PROTECTED]> wrote:
> Ping..
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> Network Engineer
>
> Lifespan Organization
>
> Email: [EMAIL PROTECTED]
>
> Phone: 401-639-3505
>
> MCSE, MCP+I, ME, CCA, Security +, Network +
>
> 
>
> From: Todd Lemmiksoo [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 04, 2008 9:19 AM
> To: NT System Admin Issues
> Subject: Is the list down? No message so far this morning.
>
>
>
>
>
> Todd Lemmiksoo
> Network Administrator
>
> All-Mode Communications, Inc.
> 1725 Dryden Road
> Freeville, New York  13068
> (607) 347-4164 x440
> 1-877-ALLMODE  (toll free)
> http://www.all-mode.com
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: NTBACKUP ISSUE

2008-11-04 Thread David McSpadden 
Don't forget to create it in NTBackup first then go to the .bks and add
your excludes from them.

 



From: Eric Wittersheim [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 03, 2008 10:33 AM
To: NT System Admin Issues
Subject: Re: NTBACKUP ISSUE

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Is the list down? No message so far this morning.

2008-11-04 Thread Ziots, Edward 
Ping..

 

Z

 

Edward E. Ziots

Network Engineer

Lifespan Organization

Email: [EMAIL PROTECTED]

Phone: 401-639-3505

MCSE, MCP+I, ME, CCA, Security +, Network +



From: Todd Lemmiksoo [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 04, 2008 9:19 AM
To: NT System Admin Issues
Subject: Is the list down? No message so far this morning.

 

 

Todd Lemmiksoo 
Network Administrator 

All-Mode Communications, Inc. 
1725 Dryden Road 
Freeville, New York  13068 
(607) 347-4164 x440 
1-877-ALLMODE  (toll free) 
http://www.all-mode.com   

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Is the list down? No message so far this morning.

2008-11-04 Thread Todd Lemmiksoo 


Todd Lemmiksoo
Network Administrator

All-Mode Communications, Inc.
1725 Dryden Road
Freeville, New York  13068
(607) 347-4164 x440
1-877-ALLMODE  (toll free)
http://www.all-mode.com


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~