Re: label printer

[Angus Scott-Fleming]

On 15 Apr 2010 at 17:38, Ben Scott  wrote:

>   I'd start looking there, then.  You changed printer drivers, and now
> you have some new printer problems.  I doubt that's coincidence.
> 
>   I've seen all manner of weird problems come about due to printer
> drivers.  A buggy printer driver can affect other printers using other
> drivers on the same computer.  (HP's drivers started doing this to us.
>  It's one of the main reasons we're not buying HP printers anymore.)

Known problem, doesn't just affect other printers:

= Included Stuff Follows =
Ubersoft.net: Technology Is Not Your Friend
http://www.ubersoft.net/comic/hd/2010/03/standard-obfuscation-12

ALEX: So we need to come up with a game plan that will maximize the amount 
of stalling time we have.

MONK: The easiest thing to do would be to push off the problem to another 
company.

KING: Monk's right. We used to do that all the time.

ALEX: OK, so we blame the accleration problem on another company. But 
which company? And what is our specific response?

MONK: Let's go with Standard Obfuscation #12.

KING: Oo... one of the classics.

CUSTOMER: You're telling me my car is randomly accelerating due to a 
faulty HP printer driver?

ALEX: I'm afraid so.

= Included Stuff Ends =


--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Kurt Buff]

See the thread here:

http://www.securityfocus.com/archive/105/510384/30/0/threaded

In particular, the comments by Ansgar Wiechers.

There seems to be some room for debate on this subject.

On Thu, Apr 15, 2010 at 15:40, Crawford, Scott  wrote:
> Jesper Johansson talks about the difficulty in cracking pass phrases in part
> 2 of 3 of this series
>
>
>
> The Great Debates: Pass Phrases vs. Passwords.
>
> http://technet.microsoft.com/en-us/library/cc512613.aspx
>
>
>
>
>
> From: David Lum [mailto:david@nwea.org]
> Sent: Thursday, April 15, 2010 4:49 PM
> To: NT System Admin Issues
> Subject: RE: please don't change your password!
>
>
>
> Fortunately I have more than 60 days for each password (errr, passphrase
> Sherry!). What gets screwy is when I hop from network to network since I
> don’t use the same ones everywhere. My first long passwords were “This
> password is hard to guess” then changed to “This password is harder to
> guess”, “This password is even harder to guess”, LOL.
>
>
>
> I heard somewhere that dictionary attacks can figure out phrases, anyone
> able to shed any light on that? I do substitute letters with numbers/symbols
> on occasion but not everywhere.
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025
> // (Cell) 503.267.9764
>
>
>
> From: Brian Clark [mailto:brianclark2...@googlemail.com]
> Sent: Thursday, April 15, 2010 2:09 PM
> To: NT System Admin Issues
> Subject: Re: please don't change your password!
>
>
>
> Funny ones at that! Question is how often do you have to re enter them, as
> your tying is so good! ;)
>
>
>
> On 15 April 2010 22:03, Sherry Abercrombie  wrote:
>
> Actually, those are considered pass-phrases I do believe. ;)
>
>
>
> On Thu, Apr 15, 2010 at 3:57 PM, David Lum  wrote:
>
> I am very good at long “passwords”, and so is anyone that can type using
> correct punctuation. The biggest hindrance to long password use are systems
> that limit the length of the password.
>
>
>
> Examples of complex long passwords include:
>
>
>
> I would like a beer from the refrigerator. Now.
>
> Why don’t you close the door ALL the way?
>
> You’re not wearing that outside, are you?
>
> The person watching me can’t believe how long this password is.
>
>
>
> And when it’s time to change the long password:
>
>
>
> I would REALLY like a beer from the refrigerator. Now!
>
> Why don’t you close the door ALL the way next time?
>
> You’re not wearing that outside, are you? Seriously?
>
> The person watching me really can’t believe how long this password is.
>
>
>
> Etc…
>
>
>
> I love how big people eyes get when they see my tying in my 27 character
> Windows password, I HATE the systems that limit me to 15 or less.
>
>
>
> Dave
>
>
>
>
>
> From: Jon Harris [mailto:jk.har...@gmail.com]
> Sent: Thursday, April 15, 2010 1:45 PM
> To: NT System Admin Issues
> Subject: Re: please don't change your password!
>
>
>
> Sounds like someone trying to generate reader interest and FUD.  A quick
> search seems he likes controversial subjects/items.  Since passwords are the
> defacto standard for most Internet sites for protection of customers.  I see
> no reason for someone to keep the same password for ever.  Unless you are
> good at generating very long complex passwords.
>
>
>
> Jon
>
> On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark 
> wrote:
>
> After a long week doing a SBS migration I didn't know how to take this
> article and needed to share it!!
>
>
>
> http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
>
>
>
>
>
> Brian
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Kurt Buff]

I've been listening on a number of lists, and there are a couple of
things to consider, the second one of which I am evaluating for
bogosity:

1) Pass The Hash attacks.
http://oss.coresecurity.com/pshtoolkit/doc/index.html

2) Long passphrases are considered by some to be not much better than
relatively short passwords. The reasoning is thus: each word can be
considered a token, and the number of tokens is usually fairly small -
less than the number of letters in a longish password, frequently.

I find the second one a bit eccentric - after all, punctuation in the
middle of the sentence, and numbers almost anywhere in it, will
definitely skew the complexity to the right quite a bit.

Worthy of some more thought, however

Kurt

On Thu, Apr 15, 2010 at 14:49, David Lum  wrote:
> Fortunately I have more than 60 days for each password (errr, passphrase
> Sherry!). What gets screwy is when I hop from network to network since I
> don’t use the same ones everywhere. My first long passwords were “This
> password is hard to guess” then changed to “This password is harder to
> guess”, “This password is even harder to guess”, LOL.
>
>
>
> I heard somewhere that dictionary attacks can figure out phrases, anyone
> able to shed any light on that? I do substitute letters with numbers/symbols
> on occasion but not everywhere.
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 // (Cell) 503.267.9764
>
>
>
> From: Brian Clark [mailto:brianclark2...@googlemail.com]
> Sent: Thursday, April 15, 2010 2:09 PM
> To: NT System Admin Issues
> Subject: Re: please don't change your password!
>
>
>
> Funny ones at that! Question is how often do you have to re enter them, as
> your tying is so good! ;)
>
>
>
> On 15 April 2010 22:03, Sherry Abercrombie  wrote:
>
> Actually, those are considered pass-phrases I do believe. ;)
>
>
>
> On Thu, Apr 15, 2010 at 3:57 PM, David Lum  wrote:
>
> I am very good at long “passwords”, and so is anyone that can type using
> correct punctuation. The biggest hindrance to long password use are systems
> that limit the length of the password.
>
>
>
> Examples of complex long passwords include:
>
>
>
> I would like a beer from the refrigerator. Now.
>
> Why don’t you close the door ALL the way?
>
> You’re not wearing that outside, are you?
>
> The person watching me can’t believe how long this password is.
>
>
>
> And when it’s time to change the long password:
>
>
>
> I would REALLY like a beer from the refrigerator. Now!
>
> Why don’t you close the door ALL the way next time?
>
> You’re not wearing that outside, are you? Seriously?
>
> The person watching me really can’t believe how long this password is.
>
>
>
> Etc…
>
>
>
> I love how big people eyes get when they see my tying in my 27 character
> Windows password, I HATE the systems that limit me to 15 or less.
>
>
>
> Dave
>
>
>
>
>
> From: Jon Harris [mailto:jk.har...@gmail.com]
> Sent: Thursday, April 15, 2010 1:45 PM
> To: NT System Admin Issues
> Subject: Re: please don't change your password!
>
>
>
> Sounds like someone trying to generate reader interest and FUD.  A quick
> search seems he likes controversial subjects/items.  Since passwords are the
> defacto standard for most Internet sites for protection of customers.  I see
> no reason for someone to keep the same password for ever.  Unless you are
> good at generating very long complex passwords.
>
>
>
> Jon
>
> On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark 
> wrote:
>
> After a long week doing a SBS migration I didn't know how to take this
> article and needed to share it!!
>
>
>
> http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
>
>
>
>
>
> Brian
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Kurt Buff]

The three laws of thermodynamics:

1) You can't win
2) You can't break even
3) You can't get out of the game

Heh.

On Thu, Apr 15, 2010 at 14:36, Ben Scott  wrote:
> On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark
>  wrote:
>> After a long week doing a SBS migration I didn't know how to take this
>> article and needed to share it!!
>
>  Long winded.  Slightly sensationalist.  For all he beaks about
> security people not having hard data to back up their advice, he
> doesn't present hard data to back up his advice.
>
>  That said, there are some good points to make:
>
>  Cost/benefit (ROI) is the end-all, be-all of everything.  First,
> last, and always.  Everything has a cost.  The Laws of Thermodynamics
> tell us this, and you cannot escape it.  Ever.  If your planning
> doesn't take cost/benefit into account, you're going to loose.
>
>  More specifically: "There's no such thing as security; only managed
> risk."  Security measures should be intended to counter specific
> threats.  The reduction in risk should justify the cost.
>
>  More specifically still: Some of the rules I've seen about how often
> one should change one's password are ridiculous.  Every 90 or 30 days?
>  Seriously?  I would much rather someone craft a strong password and
> change it less often, than resort to writing them down or choosing
> weak or systematic passwords because they are forced to change them so
> often.  If you really are *that* scared of password cracking, you
> shouldn't be using passwords at all.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Backups

[Angus Scott-Fleming]

On 15 Apr 2010 at 12:37, John Aldrich  wrote:

> The main concern I have for cloud-based backup is the ongoing cost. I mean,
> yeah, the initial cost of a tape drive/library is pretty high but a
> cloud-based backup service is somewhat like blackmail -- you pay and you pay
> and you pay. :-) 

Agree.  Most companies have multiple physical sites, and those which are small 
enough not to have owners with broadband Internet at home.  Seems to me your 
offsite backup site ought to be configured as a backup mirror at another 
company site or the owner's home.  No per-month storage costs, no per-gigabyte 
transfer fees, just the cost of setting up the box and the pipeline costs.

> Either way, though you'll have to pay. I guess even if you go with tape,
> you'll have to replace tapes as they wear out and eventually you'll need the
> next generation of tape drives that hold more 
> data, etc 

Unless you just backup to removable disks, which make expensive archive media 
but don't wear the way tapes do.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Problem with Dell laptop

[Jim Majorowicz]

I don't know about the hardware you're working with, but I know in most
cases stuff like this is related to the way XP seems to handle items placed
on the USB bus.  I've observed situations where if you connect an item and
configure it one port, shut the system down and move it to another port, XP
will have disabled the first listing of the item and created a second (exact
copy) of the item.  There may be instances where software is expecting to
find things in the first item and doesn't even look in the second.

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 8:42 AM
To: NT System Admin Issues
Subject: Problem with Dell laptop

 

We have a Dell XPS M1730 here which is having some odd issues lately, mostly
related to USB, but also the DVDRW drive is not recognized by Roxio 10. The
USB issue is multi-faceted as follows: 1) We have a USB "Hard Lock" key for
some software that we use for carpet designing (kind of like CAD/CAM for
carpet design! ) and it is ONLY recognized if it's in one USB port.
However, when trying to run a related piece of software that also requires
that specific hard-lock key, it says it can't find the hard-lock. 2) There
is a Wacom tablet that plugs into the USB port on that laptop, and sometimes
it'll pop up a message saying "tablet driver not running." I seem to have
fixed that by swapping the USB port that the tablet plugs into with the one
we have the external floppy drive hooked up to.

 

The main issue at this point is two fold: 1) Why does Roxio not recognize
that the DVD R/W drive is there and 2) Why does the Hard Lock key work
sometimes and not others? I think the design department is contacting the
software manufacturer regarding the problem, but if it's a Windows XP or
laptop problem, that's my problem. J

 

Any ideas???

 

John-AldrichTile-Tools

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Vipre 4.0 message

[justino garcia]

thanks
thank you

On Thu, Apr 15, 2010 at 3:09 PM, Alex Eckelberry  wrote:

> If you have malicious web filtering enabled, these will be filtered from
> emails as well as phishing sites.
>
> -Original Message-
> From: jgarciaitl...@gmail.com [mailto:jgarciaitl...@gmail.com]
> Sent: Thursday, April 15, 2010 1:16 PM
> To: NT System Admin Issues
> Subject: Re: Vipre 4.0 message
>
> Will do
> Once get on a computer.
> Sent via BlackBerry from T-Mobile
>
> -Original Message-
> From: "James Kerr" 
> Date: Thu, 15 Apr 2010 13:06:40
> To: NT System Admin Issues
> Subject: Re: Vipre 4.0 message
>
> Better to ask this over on the Vipre support forum on sunbelts site.
>
> James
>
>
> - Original Message -
> From: 
> To: "NT System Admin Issues" 
> Sent: Thursday, April 15, 2010 9:25 AM
> Subject: Vipre 4.0 message
>
>
> > Email Antivirus "Cleaned" Alert from
> >
> > A known bad url was replaced by VIPRE(s) <- what is this (phising
> ???)
> >
> > I have set viper to quarantine
> > But viper cleaned this.
> >
> > Any idea why???
> > Sent via BlackBerry from T-Mobile
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[justino garcia]

steve I told peopel I work with let nuke it, then add better security via
GPO and viper enterprise perium with firewall and webfliter. and maybe
sandbox i.e. for paragon, and no admin rights.

wha tyou think

On Thu, Apr 15, 2010 at 8:33 PM, Steven M. Caesare wrote:

> +1
>
> Nuke it from orbit... it's the only way to be sure.
>
> -sc
>
> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Thursday, April 15, 2010 5:47 PM
> To: NT System Admin Issues
> Subject: Re: how to clean (malware) from a rooted terminal server?
>
> On Thu, Apr 15, 2010 at 5:39 PM, justino garcia
>  wrote:
> > how to clean a rooted terminal server?
>
>  Boot from trusted media, copy off anything you want to save.  Then
> erase all hard disks, and reinstall the operating system and all
> software from scratch.
>
>  Once an attacker has gained system privilege on your computer, it's
> not your computer anymore.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: how to clean (malware) from a rooted terminal server?

[Steven M. Caesare]

+1

Nuke it from orbit... it's the only way to be sure.

-sc

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Thursday, April 15, 2010 5:47 PM
To: NT System Admin Issues
Subject: Re: how to clean (malware) from a rooted terminal server?

On Thu, Apr 15, 2010 at 5:39 PM, justino garcia
 wrote:
> how to clean a rooted terminal server?

  Boot from trusted media, copy off anything you want to save.  Then
erase all hard disks, and reinstall the operating system and all
software from scratch.

  Once an attacker has gained system privilege on your computer, it's
not your computer anymore.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Ready nas netgear 75 MBs

[Jim von Stein]

I'm using one for that. Win2K3 server backing up using BackupExec 10 through
an HP4000 (100 MB). The largest backup in my log was 15 GB and took 1 hr. 42
min. to run (inlcuding verification). If I'm calculating correctly, that's
about 2.3 MB/s. That's fast enough for my purposes, but might not be for
yours.

Jim von Stein
Information Services Administrator
SOASTC


-Original Message-
From: jgarciaitl...@gmail.com [mailto:jgarciaitl...@gmail.com] 
Sent: Wednesday, April 14, 2010 10:19 PM
To: NT System Admin Issues
Subject: Ready nas netgear 75 MBs

Anyone used a Ready nas from neatgear pro (for backups) says can do 75 to
95MBs ???
Sent via BlackBerry from T-Mobile

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[justino garcia]

they do offer a system checker tool, maybe I can use .msi or get their
activeX control.
they said that system is internet explorer only, and that maybe by the end
of the year it will work with firefox chrome or opera, but that still don't
mean that they won't do crazy things, i.e. is fine if you can lock it down.
So maybe I can do the .msi and still lock it down. they had no whitepaper
how to deploy thier site, and still have the system lock down (like a white
list).

On Thu, Apr 15, 2010 at 7:12 PM, Webster  wrote:

>  Can you get the ActiveX control and package it as an MSI file?  If so,
> deploy it to the servers that way.  Hopefully these stupid, lazy people do
> not update their crap often.
>
>
>
>
>
> Webster
>
>
>
> *From:* justino garcia [mailto:jgarciaitl...@gmail.com]
> *Subject:* Re: how to clean (malware) from a rooted terminal server?
>
>
>
> I would like to have this website http://sar.fnismls.com/ for some
> printing and exporting, they told me requires active X, thier support did
> not have much of a clue what all was required, or how to use that website
> and still keep the system locked.
>
> On Thu, Apr 15, 2010 at 6:48 PM, Micheal Espinola Jr <
> michealespin...@gmail.com> wrote:
>
> You can temporarily escalate privs to install ActiveX components.  Does it
> truly require admin always to run them for this particular app?
>
> As a footnote: Someone may "require" you to do something; but that doesn't
> mean you should, or have to do it.
>
>
>
>  On Thu, Apr 15, 2010 at 3:45 PM, justino garcia 
> wrote:
>
> ben scot this program (web app Requires active X and sysadmin I was told by
> thier support team).  http://www.fnismls.com/products/paragon.htm
>
> On Thu, Apr 15, 2010 at 6:29 PM, Ben Scott  wrote:
>
> On Thu, Apr 15, 2010 at 6:14 PM, justino garcia 
> wrote:
> > Also how would I setup GPO policy or a policy were one website paragon
> > should be the only website to run in administrator mode.
>
>  You're surfing the web as a system privileged user?!?
>
>  That's security suicide.  Don't do it.
>
>
>
>
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Ethics issue

[Steven Peck]

I would request my management call the police if I witnessed an attempted
illegal act. Installing a key logger on company assets?  Fired.

Because the 'lawyer' didn't want to go through the expense of a getting it
legally?  I'd go talk to a lawyer just long enough to know what my legal
exposure was just knowing he attempted it.  I'd seriously consider telling
her lawyer about on general principal of being offended someone tried to get
me to participate in a potentially illegal act.

Steven

On Thu, Apr 15, 2010 at 3:49 PM, Micheal Espinola Jr <
michealespin...@gmail.com> wrote:

> I can read into this that you are well aware that you just did something
> highly unethical.
>
> --
> ME2
>
>
> On Thu, Apr 15, 2010 at 11:15 AM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
>>  One of my users is in the middle of a nasty divorce with his wife. He’s
>> trying to install a keylogger on his company laptop so he can get access to
>> her email (she uses his company-provided laptop at home) and prove she’s
>> been cheating. Obviously Vipre doesn’t want to let him install it, but I
>> overrode Vipre and told it to unquarantine it. My question is, did I do the
>> right thing or should I make him uninstall it?
>>
>>
>>
>> [image: John-Aldrich][image: Tile-Tools]
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: how to clean (malware) from a rooted terminal server?

[Dennis Hoefer]

-Original Message-
From: "Ben Scott" 
To: "NT System Admin Issues" 
Sent: 4/15/10 5:30 PM
Subject: Re: how to clean (malware) from a rooted terminal server?

On Thu, Apr 15, 2010 at 6:14 PM, justino garcia  wrote:
> Also how would I setup GPO policy or a policy were one website paragon
> should be the only website to run in administrator mode.

  You're surfing the web as a system privileged user?!?

  That's security suicide.  Don't do it.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: label printer

[Brad Graybiel]

Question's

A: Has any software updates been installed lately?
B: Are you using native Datamax drivers?
C: What happens when you do a test print?
D: What happens when you do a self test print on the printers thamselves?
E: What interface are you using? I.E. Parallel, Ethernet, Serial, USB?
F: Has there been a replacment of the network workstations creating the
problems lately? I.E. Unpgrade to Windows 7?



On Thu, Apr 15, 2010 at 3:24 PM, paul d  wrote:

> I've got a problem for you printer guru's out there.
> Here's the setup:
>
> Windows 2003 print server
> 3 flavors of Datamax label printers
>
> Here's an example of how the printer works in our environment:
>  ER doc orders a Lab test.  Order is entered into the system and a label
> prints out in Lab.
>
> This has been going on for years (10+) and with very few problems.
> However, recently the label printer will print a label and go into Pause
> mode.  Or, it will just print garbage or do a hex dump.  These all usually
> happen when a label is supposed to print.  Recently we've started
> experiencing the same situation with the label printers in Radiology.
>
> We entered into a contract to have all our non-label printers to be leased
> from a company (we used to just buy them) and have been replacing the
> current printers with these new printers.  That, of course, means changing
> the drivers on the print server.
>
> I have been tearing my hair out (figuratively; at my age, it's a struggle
> just to keep what I have) trying to resolve this issue.  I've got 4 of them
> suckers and 3 are acting up.  Any help from the community would be greatly
> appreciated.
>
> --
> The New Busy is not the too busy. Combine all your e-mail accounts with
> Hotmail. Get 
> busy.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: how to clean (malware) from a rooted terminal server?

[Webster]

Can you get the ActiveX control and package it as an MSI file?  If so,
deploy it to the servers that way.  Hopefully these stupid, lazy people do
not update their crap often.

 

 

Webster

 

From: justino garcia [mailto:jgarciaitl...@gmail.com] 
Subject: Re: how to clean (malware) from a rooted terminal server?

 

I would like to have this website http://sar.fnismls.com/ for some printing
and exporting, they told me requires active X, thier support did not have
much of a clue what all was required, or how to use that website and still
keep the system locked.

On Thu, Apr 15, 2010 at 6:48 PM, Micheal Espinola Jr
 wrote:

You can temporarily escalate privs to install ActiveX components.  Does it
truly require admin always to run them for this particular app?

As a footnote: Someone may "require" you to do something; but that doesn't
mean you should, or have to do it.






On Thu, Apr 15, 2010 at 3:45 PM, justino garcia 
wrote:

ben scot this program (web app Requires active X and sysadmin I was told by
thier support team).  http://www.fnismls.com/products/paragon.htm

On Thu, Apr 15, 2010 at 6:29 PM, Ben Scott  wrote:

On Thu, Apr 15, 2010 at 6:14 PM, justino garcia 
wrote:
> Also how would I setup GPO policy or a policy were one website paragon
> should be the only website to run in administrator mode.

 You're surfing the web as a system privileged user?!?

 That's security suicide.  Don't do it.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[justino garcia]

I would like to have this website http://sar.fnismls.com/ for some printing
and exporting, they told me requires active X, thier support did not have
much of a clue what all was required, or how to use that website and still
keep the system locked.

On Thu, Apr 15, 2010 at 6:48 PM, Micheal Espinola Jr <
michealespin...@gmail.com> wrote:

> You can temporarily escalate privs to install ActiveX components.  Does it
> truly require admin always to run them for this particular app?
>
> As a footnote: Someone may "require" you to do something; but that doesn't
> mean you should, or have to do it.
>
> --
> ME2
>
>
>
> On Thu, Apr 15, 2010 at 3:45 PM, justino garcia 
> wrote:
>
>> ben scot this program (web app Requires active X and sysadmin I was told
>> by thier support team).  http://www.fnismls.com/products/paragon.htm
>>
>>  On Thu, Apr 15, 2010 at 6:29 PM, Ben Scott  wrote:
>>
>>>  On Thu, Apr 15, 2010 at 6:14 PM, justino garcia <
>>> jgarciaitl...@gmail.com> wrote:
>>> > Also how would I setup GPO policy or a policy were one website paragon
>>> > should be the only website to run in administrator mode.
>>>
>>>   You're surfing the web as a system privileged user?!?
>>>
>>>  That's security suicide.  Don't do it.
>>>
>>> -- Ben
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>
>>
>>
>> --
>> Justin
>> IT-TECH
>>
>>
>>
>>
>>
>>
>
>
>
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Ethics issue

[Micheal Espinola Jr]

I can read into this that you are well aware that you just did something
highly unethical.

--
ME2


On Thu, Apr 15, 2010 at 11:15 AM, John Aldrich  wrote:

>  One of my users is in the middle of a nasty divorce with his wife. He’s
> trying to install a keylogger on his company laptop so he can get access to
> her email (she uses his company-provided laptop at home) and prove she’s
> been cheating. Obviously Vipre doesn’t want to let him install it, but I
> overrode Vipre and told it to unquarantine it. My question is, did I do the
> right thing or should I make him uninstall it?
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: how to clean (malware) from a rooted terminal server?

[Micheal Espinola Jr]

You can temporarily escalate privs to install ActiveX components.  Does it
truly require admin always to run them for this particular app?

As a footnote: Someone may "require" you to do something; but that doesn't
mean you should, or have to do it.

--
ME2


On Thu, Apr 15, 2010 at 3:45 PM, justino garcia wrote:

> ben scot this program (web app Requires active X and sysadmin I was told by
> thier support team).  http://www.fnismls.com/products/paragon.htm
>
>  On Thu, Apr 15, 2010 at 6:29 PM, Ben Scott  wrote:
>
>>  On Thu, Apr 15, 2010 at 6:14 PM, justino garcia 
>> wrote:
>> > Also how would I setup GPO policy or a policy were one website paragon
>> > should be the only website to run in administrator mode.
>>
>>   You're surfing the web as a system privileged user?!?
>>
>>  That's security suicide.  Don't do it.
>>
>> -- Ben
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
> --
> Justin
> IT-TECH
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[justino garcia]

ben scot this program (web app Requires active X and sysadmin I was told by
thier support team).  http://www.fnismls.com/products/paragon.htm

On Thu, Apr 15, 2010 at 6:29 PM, Ben Scott  wrote:

> On Thu, Apr 15, 2010 at 6:14 PM, justino garcia 
> wrote:
> > Also how would I setup GPO policy or a policy were one website paragon
> > should be the only website to run in administrator mode.
>
>   You're surfing the web as a system privileged user?!?
>
>  That's security suicide.  Don't do it.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>



-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[justino garcia]

Webster, I just called the vendor (paragon MLS), and they told me that thier
website (requires activeX) and thus requries a bunch of  active X
controllers to be isntalled, and updated. So the machine needs admin access
for i.e. to do this, I asked if any whitepapers on what needs to be added to
a whitelist, but he say they don't have one. SO I not sure what would you
suggest to allow them to fully use that websitem, but still lock down
Internet exlporer. http://www.fnismls.com/products/paragon.htm is the
company.

On Thu, Apr 15, 2010 at 6:28 PM, Webster  wrote:

>  For Terminal Servers or Citrix servers, websites don’t run as admins,
> users run as admins.  Actually, users should, in theory, NEVER run as an
> admin on these types of servers.  I wrote an article on how to do a basic
> Terminal Server/Citrix Server lockdown group policy.  You can find it at
> http://www.dabcc.com/Webster .  Every environment is different but my
> article should give you a good starting off point to either create a GPO or
> to compare your current GPO against.
>
>
>
>
>
> Webster
>
>
>
> *From:* justino garcia [mailto:jgarciaitl...@gmail.com]
> *Subject:* Re: how to clean (malware) from a rooted terminal server?
>
>
>
> OH now they want proof before rebulding that it has malware (more over a
> rootkit), so that if it does then we do rebulid.
>
>
>
> Also how would I setup GPO policy or a policy were one website paragon
> should be the only website to run in administrator mode.
>
> On Thu, Apr 15, 2010 at 5:58 PM, justino garcia 
> wrote:
>
> Thanks people, I hope this suggestion are heard, issue is they have avast
> until feb 2012, but let see.
>
> Also can I have my policy master server For viper (which I have customer
> on, but with enterprise 4.0), also have both a mix of enterprise 4.0
> and premium 4.0???
>
> On Thu, Apr 15, 2010 at 5:51 PM, Sherry Abercrombie 
> wrote:
>
> And then lock it down tighter.  A user had to have downloaded something
> that caused this.  We do not allow that on our Citrix servers.
>
> On Thu, Apr 15, 2010 at 4:47 PM, Ben Scott  wrote:
>
>  On Thu, Apr 15, 2010 at 5:39 PM, justino garcia 
> wrote:
>
> > how to clean a rooted terminal server?
>
>  Boot from trusted media, copy off anything you want to save.  Then
>
> erase all hard disks, and reinstall the operating system and all
> software from scratch.
>
>  Once an attacker has gained system privilege on your computer, it's
> not your computer anymore.
>
>
>
>
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: please don't change your password!

[Crawford, Scott]

Jesper Johansson talks about the difficulty in cracking pass phrases in
part 2 of 3 of this series

 

The Great Debates: Pass Phrases vs. Passwords.

http://technet.microsoft.com/en-us/library/cc512613.aspx

 

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, April 15, 2010 4:49 PM
To: NT System Admin Issues
Subject: RE: please don't change your password!

 

Fortunately I have more than 60 days for each password (errr, passphrase
Sherry!). What gets screwy is when I hop from network to network since I
don't use the same ones everywhere. My first long passwords were "This
password is hard to guess" then changed to "This password is harder to
guess", "This password is even harder to guess", LOL.

 

I heard somewhere that dictionary attacks can figure out phrases, anyone
able to shed any light on that? I do substitute letters with
numbers/symbols on occasion but not everywhere.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

From: Brian Clark [mailto:brianclark2...@googlemail.com] 
Sent: Thursday, April 15, 2010 2:09 PM
To: NT System Admin Issues
Subject: Re: please don't change your password!

 

Funny ones at that! Question is how often do you have to re enter them,
as your tying is so good! ;)



 

On 15 April 2010 22:03, Sherry Abercrombie  wrote:

Actually, those are considered pass-phrases I do believe. ;) 

 

On Thu, Apr 15, 2010 at 3:57 PM, David Lum  wrote:

I am very good at long "passwords", and so is anyone that can type using
correct punctuation. The biggest hindrance to long password use are
systems that limit the length of the password.

 

Examples of complex long passwords include:

 

I would like a beer from the refrigerator. Now.

Why don't you close the door ALL the way?

You're not wearing that outside, are you?

The person watching me can't believe how long this password is.

 

And when it's time to change the long password:

 

I would REALLY like a beer from the refrigerator. Now!

Why don't you close the door ALL the way next time?

You're not wearing that outside, are you? Seriously?

The person watching me really can't believe how long this password is.

 

Etc...

 

I love how big people eyes get when they see my tying in my 27 character
Windows password, I HATE the systems that limit me to 15 or less.

 

Dave

 

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Thursday, April 15, 2010 1:45 PM
To: NT System Admin Issues
Subject: Re: please don't change your password!

 

Sounds like someone trying to generate reader interest and FUD.  A quick
search seems he likes controversial subjects/items.  Since passwords are
the defacto standard for most Internet sites for protection of
customers.  I see no reason for someone to keep the same password for
ever.  Unless you are good at generating very long complex passwords.

 

Jon

On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark
 wrote:

After a long week doing a SBS migration I didn't know how to take this
article and needed to share it!! 

 

http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_no
t_change_your_password/?page=1

 

 

Brian 

 

 

 

 

 

 

 





-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[Ben Scott]

On Thu, Apr 15, 2010 at 6:14 PM, justino garcia  wrote:
> Also how would I setup GPO policy or a policy were one website paragon
> should be the only website to run in administrator mode.

  You're surfing the web as a system privileged user?!?

  That's security suicide.  Don't do it.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: how to clean (malware) from a rooted terminal server?

[Webster]

For Terminal Servers or Citrix servers, websites don't run as admins, users
run as admins.  Actually, users should, in theory, NEVER run as an admin on
these types of servers.  I wrote an article on how to do a basic Terminal
Server/Citrix Server lockdown group policy.  You can find it at
http://www.dabcc.com/Webster .  Every environment is different but my
article should give you a good starting off point to either create a GPO or
to compare your current GPO against.

 

 

Webster

 

From: justino garcia [mailto:jgarciaitl...@gmail.com] 
Subject: Re: how to clean (malware) from a rooted terminal server?

 

OH now they want proof before rebulding that it has malware (more over a
rootkit), so that if it does then we do rebulid.

 

Also how would I setup GPO policy or a policy were one website paragon
should be the only website to run in administrator mode.

On Thu, Apr 15, 2010 at 5:58 PM, justino garcia 
wrote:

Thanks people, I hope this suggestion are heard, issue is they have avast
until feb 2012, but let see.

Also can I have my policy master server For viper (which I have customer on,
but with enterprise 4.0), also have both a mix of enterprise 4.0 and premium
4.0???

On Thu, Apr 15, 2010 at 5:51 PM, Sherry Abercrombie 
wrote:

And then lock it down tighter.  A user had to have downloaded something that
caused this.  We do not allow that on our Citrix servers.  

On Thu, Apr 15, 2010 at 4:47 PM, Ben Scott  wrote:

On Thu, Apr 15, 2010 at 5:39 PM, justino garcia 
wrote:

> how to clean a rooted terminal server?

 Boot from trusted media, copy off anything you want to save.  Then
erase all hard disks, and reinstall the operating system and all
software from scratch.

 Once an attacker has gained system privilege on your computer, it's
not your computer anymore.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[justino garcia]

OH now they want proof before rebulding that it has malware (more over a
rootkit), so that if it does then we do rebulid.

Also how would I setup GPO policy or a policy were one website paragon
should be the only website to run in administrator mode.

On Thu, Apr 15, 2010 at 5:58 PM, justino garcia wrote:

> Thanks people, I hope this suggestion are heard, issue is they have avast
> until feb 2012, but let see.
> Also can I have my policy master server For viper (which I have customer
> on, but with enterprise 4.0), also have both a mix of enterprise 4.0
> and premium 4.0???
>
> On Thu, Apr 15, 2010 at 5:51 PM, Sherry Abercrombie wrote:
>
>> And then lock it down tighter.  A user had to have downloaded something
>> that caused this.  We do not allow that on our Citrix servers.
>>
>> On Thu, Apr 15, 2010 at 4:47 PM, Ben Scott  wrote:
>>
>>> On Thu, Apr 15, 2010 at 5:39 PM, justino garcia 
>>> wrote:
>>>  > how to clean a rooted terminal server?
>>>
>>>   Boot from trusted media, copy off anything you want to save.  Then
>>> erase all hard disks, and reinstall the operating system and all
>>> software from scratch.
>>>
>>>  Once an attacker has gained system privilege on your computer, it's
>>> not your computer anymore.
>>>
>>> -- Ben
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>
>>
>>
>> --
>> Sherry Abercrombie
>>
>> "Any sufficiently advanced technology is indistinguishable from magic."
>> Arthur C. Clarke
>>
>>
>>
>>
>>
>>
>
>
> --
> Justin
> IT-TECH
>
>
>
>
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: please don't change your password!

[David Lum]

Thanks for the credit John!

From: Jonathan Link [mailto:jonathan.l...@gmail.com]
Sent: Thursday, April 15, 2010 1:50 PM
To: NT System Admin Issues
Subject: Re: please don't change your password!

Although this research isn't the first to suggest it...
Courtesy of David Lum 11/2/09

http://isc.sans.org/diary.html?storyid=7510

Thoughts, comments? Oh and do read the comments.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764




On Thu, Apr 15, 2010 at 4:44 PM, Jon Harris 
mailto:jk.har...@gmail.com>> wrote:
Sounds like someone trying to generate reader interest and FUD.  A quick search 
seems he likes controversial subjects/items.  Since passwords are the defacto 
standard for most Internet sites for protection of customers.  I see no reason 
for someone to keep the same password for ever.  Unless you are good at 
generating very long complex passwords.

Jon
On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark 
mailto:brianclark2...@googlemail.com>> wrote:
After a long week doing a SBS migration I didn't know how to take this article 
and needed to share it!!

http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1


Brian















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Helpdesk software

[David L Herrick]

+1 for Trackit

 

From: Jay Dale [mailto:jay.d...@3-gig.com] 
Sent: Thursday, April 15, 2010 12:23 PM
To: NT System Admin Issues
Subject: Helpdesk software

 

Hey all,

 

I'm looking for some kind of helpdesk software we can utilize not only
for our internal ticket tracking and submittal, but also for customers
of ours to submit via email or a link on our KB site.  I've noticed a
couple like ManageEngine, Numara Track-IT, and InverseFlow. 

 

Has anyone had experience with these, and would recommend them?  Or
would recommend something similar to what we require?

 

Thanks,

 

Jay

 

Jay Dale

I.T. Manager, 3GiG

Mobile: 713.299.2541

Email: jay.d...@3-gig.com   

 

Confidentiality Notice: This e-mail, including any attached files, may
contain confidential and/or privileged information for the sole use of
the intended recipient. If you are not the intended recipient, you are
hereby notified that any review, dissemination or copying of this e-mail
and attachments, if any, or the information contained herein, is
strictly prohibited. If you are not the intended recipient (or
authorized to receive information for the intended recipient), please
contact the sender by reply e-mail and delete all copies of this
message.

 

 

 

 



This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you 
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of Names in the News. Warning: Although precautions have been
taken to make sure no viruses are present in this email, the company 
cannot accept responsibility for any loss or damage that arise from the 
use of this email or attachments. 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[justino garcia]

Thanks people, I hope this suggestion are heard, issue is they have avast
until feb 2012, but let see.
Also can I have my policy master server For viper (which I have customer on,
but with enterprise 4.0), also have both a mix of enterprise 4.0
and premium 4.0???

On Thu, Apr 15, 2010 at 5:51 PM, Sherry Abercrombie wrote:

> And then lock it down tighter.  A user had to have downloaded something
> that caused this.  We do not allow that on our Citrix servers.
>
> On Thu, Apr 15, 2010 at 4:47 PM, Ben Scott  wrote:
>
>> On Thu, Apr 15, 2010 at 5:39 PM, justino garcia 
>> wrote:
>> > how to clean a rooted terminal server?
>>
>>   Boot from trusted media, copy off anything you want to save.  Then
>> erase all hard disks, and reinstall the operating system and all
>> software from scratch.
>>
>>  Once an attacker has gained system privilege on your computer, it's
>> not your computer anymore.
>>
>> -- Ben
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>


-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[Sherry Abercrombie]

And then lock it down tighter.  A user had to have downloaded something that
caused this.  We do not allow that on our Citrix servers.

On Thu, Apr 15, 2010 at 4:47 PM, Ben Scott  wrote:

> On Thu, Apr 15, 2010 at 5:39 PM, justino garcia 
> wrote:
> > how to clean a rooted terminal server?
>
>   Boot from trusted media, copy off anything you want to save.  Then
> erase all hard disks, and reinstall the operating system and all
> software from scratch.
>
>  Once an attacker has gained system privilege on your computer, it's
> not your computer anymore.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>



-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: please don't change your password!

[David Lum]

Fortunately I have more than 60 days for each password (errr, passphrase 
Sherry!). What gets screwy is when I hop from network to network since I don't 
use the same ones everywhere. My first long passwords were "This password is 
hard to guess" then changed to "This password is harder to guess", "This 
password is even harder to guess", LOL.

I heard somewhere that dictionary attacks can figure out phrases, anyone able 
to shed any light on that? I do substitute letters with numbers/symbols on 
occasion but not everywhere.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

From: Brian Clark [mailto:brianclark2...@googlemail.com]
Sent: Thursday, April 15, 2010 2:09 PM
To: NT System Admin Issues
Subject: Re: please don't change your password!

Funny ones at that! Question is how often do you have to re enter them, as your 
tying is so good! ;)



On 15 April 2010 22:03, Sherry Abercrombie 
mailto:saber...@gmail.com>> wrote:
Actually, those are considered pass-phrases I do believe. ;)

On Thu, Apr 15, 2010 at 3:57 PM, David Lum 
mailto:david@nwea.org>> wrote:
I am very good at long "passwords", and so is anyone that can type using 
correct punctuation. The biggest hindrance to long password use are systems 
that limit the length of the password.

Examples of complex long passwords include:

I would like a beer from the refrigerator. Now.
Why don't you close the door ALL the way?
You're not wearing that outside, are you?
The person watching me can't believe how long this password is.

And when it's time to change the long password:

I would REALLY like a beer from the refrigerator. Now!
Why don't you close the door ALL the way next time?
You're not wearing that outside, are you? Seriously?
The person watching me really can't believe how long this password is.

Etc...

I love how big people eyes get when they see my tying in my 27 character 
Windows password, I HATE the systems that limit me to 15 or less.

Dave


From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Thursday, April 15, 2010 1:45 PM
To: NT System Admin Issues
Subject: Re: please don't change your password!

Sounds like someone trying to generate reader interest and FUD.  A quick search 
seems he likes controversial subjects/items.  Since passwords are the defacto 
standard for most Internet sites for protection of customers.  I see no reason 
for someone to keep the same password for ever.  Unless you are good at 
generating very long complex passwords.

Jon
On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark 
mailto:brianclark2...@googlemail.com>> wrote:
After a long week doing a SBS migration I didn't know how to take this article 
and needed to share it!!

http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1


Brian















--
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke










~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: how to clean (malware) from a rooted terminal server?

[Ben Scott]

On Thu, Apr 15, 2010 at 5:39 PM, justino garcia  wrote:
> how to clean a rooted terminal server?

  Boot from trusted media, copy off anything you want to save.  Then
erase all hard disks, and reinstall the operating system and all
software from scratch.

  Once an attacker has gained system privilege on your computer, it's
not your computer anymore.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Helpdesk software

[Roger Wright]

Not sure what your budget is, but Web+Center from
www.inet-sciences.com has a very cost-effect solution.


Die dulci fruere!

Roger Wright
___




On Thu, Apr 15, 2010 at 3:23 PM, Jay Dale  wrote:
> Hey all,
>
>
>
> I’m looking for some kind of helpdesk software we can utilize not only for
> our internal ticket tracking and submittal, but also for customers of ours
> to submit via email or a link on our KB site.  I’ve noticed a couple like
> ManageEngine, Numara Track-IT, and InverseFlow.
>
>
>
> Has anyone had experience with these, and would recommend them?  Or would
> recommend something similar to what we require?
>
>
>
> Thanks,
>
>
>
> Jay
>
>
>
> Jay Dale
>
> I.T. Manager, 3GiG
>
> Mobile: 713.299.2541
>
> Email: jay.d...@3-gig.com
>
>
>
> Confidentiality Notice: This e-mail, including any attached files, may
> contain confidential and/or privileged information for the sole use of the
> intended recipient. If you are not the intended recipient, you are hereby
> notified that any review, dissemination or copying of this e-mail and
> attachments, if any, or the information contained herein, is strictly
> prohibited. If you are not the intended recipient (or authorized to receive
> information for the intended recipient), please contact the sender by reply
> e-mail and delete all copies of this message.
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: label printer

[Ben Scott]

On Thu, Apr 15, 2010 at 3:24 PM, paul d  wrote:
> We entered into a contract to have all our non-label printers to be leased
> from a company (we used to just buy them) and have been replacing the
> current printers with these new printers.  That, of course, means changing
> the drivers on the print server.

  I'd start looking there, then.  You changed printer drivers, and now
you have some new printer problems.  I doubt that's coincidence.

  I've seen all manner of weird problems come about due to printer
drivers.  A buggy printer driver can affect other printers using other
drivers on the same computer.  (HP's drivers started doing this to us.
 It's one of the main reasons we're not buying HP printers anymore.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

how to clean (malware) from a rooted terminal server?

[justino garcia]

how to clean a rooted terminal server?
I have a what I belive a terminal server that been rooted, (or has malware),
Avast for terminal server is installed with lastest DEF, but it seems not to
be effective at cleaning it all. I used malwarebytes, and spybot, and it
seem they keep comming every other week. (this server is shared with about
25 users, it a terminal server, that user connect via thin clients, or from
home via remote desktop.)


Any suggestion how to removal malware, on a terminal server, or should I
just (backup data) and restore ?
-- 
Justin
IT-TECH

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Ben Scott]

On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark
 wrote:
> After a long week doing a SBS migration I didn't know how to take this
> article and needed to share it!!

  Long winded.  Slightly sensationalist.  For all he beaks about
security people not having hard data to back up their advice, he
doesn't present hard data to back up his advice.

  That said, there are some good points to make:

  Cost/benefit (ROI) is the end-all, be-all of everything.  First,
last, and always.  Everything has a cost.  The Laws of Thermodynamics
tell us this, and you cannot escape it.  Ever.  If your planning
doesn't take cost/benefit into account, you're going to loose.

  More specifically: "There's no such thing as security; only managed
risk."  Security measures should be intended to counter specific
threats.  The reduction in risk should justify the cost.

  More specifically still: Some of the rules I've seen about how often
one should change one's password are ridiculous.  Every 90 or 30 days?
 Seriously?  I would much rather someone craft a strong password and
change it less often, than resort to writing them down or choosing
weak or systematic passwords because they are forced to change them so
often.  If you really are *that* scared of password cracking, you
shouldn't be using passwords at all.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Any insight for me?

[Kurt Buff]

Yeah. Seems like a reasonable thing.

Get the domain, park it, use it for some specific project if needed.

Thanks all - that was illuminating.

Kurt

On Thu, Apr 15, 2010 at 12:54, James Kerr  wrote:
> I would buy it, park it at godaddy and forward it to our main site. I wish I
> could buy the .com version of our main domain of which we own .org and .net,
> that would be cool but they want $2800 for it, so screw that, we dont need
> it that bad. We are a .org anyway.
>
> - Original Message -
> From: Sean Martin
> To: NT System Admin Issues
> Sent: Thursday, April 15, 2010 3:40 PM
> Subject: Re: Any insight for me?
> That's a good point. We own most of the iterations of our primary domain
> (.com, .net, .coop, .org, .biz, etc.) for that very reason. We just redirect
> them to our primary site.
>
> - Sean
> On Thu, Apr 15, 2010 at 11:24 AM, Steven M. Caesare 
> wrote:
>>
>> +1.
>>
>>
>>
>> I’ll also say $800 is pretty cheap for a domain resale. I sold one I had
>> registered for a small biz for significantly more than that. For $800 I
>> suspect it would be worth it just to keep from potentially polluting your
>> public name on on the interweb.
>>
>>
>>
>> -sc
>>
>>
>>
>> From: Blackman, Woody [mailto:wblack...@occ.cccd.edu]
>> Sent: Thursday, April 15, 2010 3:15 PM
>> To: NT System Admin Issues
>> Subject: RE: Any insight for me?
>>
>>
>>
>> I agree with Sean, unless you have a driving need it is just an extra
>> complication.  However, I think having the .NET domain is useful to
>> differentiate Intra/Extranet services (portals/partners).  Low cost with
>> high value for providing process design clarity.
>>
>>
>>
>> From: Sean Martin [mailto:seanmarti...@gmail.com]
>> Sent: Thursday, April 15, 2010 12:06 PM
>> To: NT System Admin Issues
>> Subject: Re: Any insight for me?
>>
>>
>>
>> There's no need for a public domain name internally. If you're going to go
>> through the trouble of changing it (which I have no personal experience
>> with) just use something like .local.
>>
>>
>>
>> It sounds like the availability of the public domain name is your driving
>> force behind this idea. If you're not experiencing any issues with your
>> current configuration, and it's not preventing you from any future changes,
>> I'd say leave it alone.
>>
>>
>>
>> We operate a split dns environment and it works just fine.
>>
>>
>>
>> YMMV
>>
>>
>>
>> - Sean
>>
>> On Thu, Apr 15, 2010 at 10:59 AM, Kurt Buff  wrote:
>>
>> All,
>>
>> I have an interesting situation that has presented a need for a decision:
>>
>> I work for a medium sized company of around 250 people in three
>> countries - US HQ, and much smaller offices in England and Australia.
>>
>> We have the .com domain for our company, but since joining the firm
>> some years ago another company had the .net domain.
>>
>> I recently checked, and found that the .net domain is for sale - at
>> nearly $800.00. That's pretty steep, but I'm considering recommending
>> that we get it.
>>
>> We currently use our .com domain both internally and externally, with
>> a split brain DNS, but I wouldn't mind at all using the .net domain
>> internally.
>>
>> I believe that to fully implement the .net domain internally would
>> require a domain rename, and we do use Exchange 2003, with a DC and an
>> Exchange server in each office (2 DCs in the US office, one
>> virtualized.)
>>
>> So, what are your thoughts on this? How much pain would be involved in
>> making such a transition, and do you think it would be worth the
>> effort? What (aside from not needing a split-brain DNS) would be the
>> benefits, if any?
>>
>> Thanks,
>>
>> Kurt
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: label printer

[Micheal Espinola Jr]

Sounds very much like a driver issue.

--
ME2


On Thu, Apr 15, 2010 at 12:24 PM, paul d  wrote:

>  I've got a problem for you printer guru's out there.
> Here's the setup:
>
> Windows 2003 print server
> 3 flavors of Datamax label printers
>
> Here's an example of how the printer works in our environment:
>  ER doc orders a Lab test.  Order is entered into the system and a label
> prints out in Lab.
>
> This has been going on for years (10+) and with very few problems.
> However, recently the label printer will print a label and go into Pause
> mode.  Or, it will just print garbage or do a hex dump.  These all usually
> happen when a label is supposed to print.  Recently we've started
> experiencing the same situation with the label printers in Radiology.
>
> We entered into a contract to have all our non-label printers to be leased
> from a company (we used to just buy them) and have been replacing the
> current printers with these new printers.  That, of course, means changing
> the drivers on the print server.
>
> I have been tearing my hair out (figuratively; at my age, it's a struggle
> just to keep what I have) trying to resolve this issue.  I've got 4 of them
> suckers and 3 are acting up.  Any help from the community would be greatly
> appreciated.
>
> --
> The New Busy is not the too busy. Combine all your e-mail accounts with
> Hotmail. Get 
> busy.
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: please don't change your password!

[Blackman, Woody]

This is all based on a 2007 study of website access accounts (see 
link).

Below is part of the response I sent my CIO when he forwarded it to me earlier 
today...

The person who conducted the study is quoted as saying..." Start with 
bullet-proof passwords, he said, even if your employer requires you to 
periodically reinvent them or use too many. "


From: Brian Clark [mailto:brianclark2...@googlemail.com]
Sent: Thursday, April 15, 2010 1:38 PM
To: NT System Admin Issues
Subject: please don't change your password!

After a long week doing a SBS migration I didn't know how to take this article 
and needed to share it!!

http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1


Brian





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Brian Clark]

Funny ones at that! Question is how often do you have to re enter them, as
your tying is so good! ;)



On 15 April 2010 22:03, Sherry Abercrombie  wrote:

> Actually, those are considered pass-phrases I do believe. ;)
>
>
> On Thu, Apr 15, 2010 at 3:57 PM, David Lum  wrote:
>
>>  I am very good at long “passwords”, and so is anyone that can type using
>> correct punctuation. The biggest hindrance to long password use are systems
>> that limit the length of the password.
>>
>>
>>
>> Examples of complex long passwords include:
>>
>>
>>
>> I would like a beer from the refrigerator. Now.
>>
>> Why don’t you close the door ALL the way?
>>
>> You’re not wearing that outside, are you?
>>
>> The person watching me can’t believe how long this password is.
>>
>>
>>
>> And when it’s time to change the long password:
>>
>>
>>
>> I would REALLY like a beer from the refrigerator. Now!
>>
>> Why don’t you close the door ALL the way next time?
>>
>> You’re not wearing that outside, are you? Seriously?
>>
>> The person watching me really can’t believe how long this password is.
>>
>>
>>
>> Etc…
>>
>>
>>
>> I love how big people eyes get when they see my tying in my 27 character
>> Windows password, I HATE the systems that limit me to 15 or less.
>>
>>
>>
>> Dave
>>
>>
>>
>>
>>
>> *From:* Jon Harris [mailto:jk.har...@gmail.com]
>> *Sent:* Thursday, April 15, 2010 1:45 PM
>> *To:* NT System Admin Issues
>> *Subject:* Re: please don't change your password!
>>
>>
>>
>> Sounds like someone trying to generate reader interest and FUD.  A quick
>> search seems he likes controversial subjects/items.  Since passwords are the
>> defacto standard for most Internet sites for protection of customers.  I see
>> no reason for someone to keep the same password for ever.  Unless you are
>> good at generating very long complex passwords.
>>
>>
>>
>> Jon
>>
>> On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark <
>> brianclark2...@googlemail.com> wrote:
>>
>> After a long week doing a SBS migration I didn't know how to take this
>> article and needed to share it!!
>>
>>
>>
>>
>> http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
>>
>>
>>
>>
>>
>> Brian
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: label printer

[paul d]

No. Perforated labels.

From: s_kistenmac...@hotmail.com
To: ntsysadmin@lyris.sunbelt-software.com
Subject: RE: label printer
Date: Thu, 15 Apr 2010 15:45:00 -0400



















Do these have “cutters” back in the day when the
cutters would get gummed up, the printers would do some bizarre things. 

 





From: paul d
[mailto:pdw1...@hotmail.com] 

Sent: Thursday, April 15, 2010 3:25 PM

To: NT System Admin Issues

Subject: label printer





 

I've got a problem for you printer guru's
out there.  

Here's the setup:

 

Windows 2003 print server

3 flavors of Datamax label printers



Here's an example of how the printer works in our environment:

 ER doc orders a Lab test.  Order is entered into the system and a
label prints out in Lab.  



This has been going on for years (10+) and with very few problems. 
However, recently the label printer will print a label and go into Pause mode. 
Or, it will just print garbage or do a hex dump.  These all usually happen
when a label is supposed to print.  Recently we've started experiencing
the same situation with the label printers in Radiology.



We entered into a contract to have all our non-label printers to be leased from
a company (we used to just buy them) and have been replacing the current
printers with these new printers.  That, of course, means changing the
drivers on the print server.



I have been tearing my hair out (figuratively; at my age, it's a struggle just
to keep what I have) trying to resolve this issue.  I've got 4 of them
suckers and 3 are acting up.  Any help from the community would be greatly
appreciated.







The
New Busy is not the too busy. Combine all your e-mail accounts with Hotmail. 
Get busy. 

 

 


 



 

  
_
Hotmail has tools for the New Busy. Search, chat and e-mail from your inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_1
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Sherry Abercrombie]

Actually, those are considered pass-phrases I do believe. ;)

On Thu, Apr 15, 2010 at 3:57 PM, David Lum  wrote:

>  I am very good at long “passwords”, and so is anyone that can type using
> correct punctuation. The biggest hindrance to long password use are systems
> that limit the length of the password.
>
>
>
> Examples of complex long passwords include:
>
>
>
> I would like a beer from the refrigerator. Now.
>
> Why don’t you close the door ALL the way?
>
> You’re not wearing that outside, are you?
>
> The person watching me can’t believe how long this password is.
>
>
>
> And when it’s time to change the long password:
>
>
>
> I would REALLY like a beer from the refrigerator. Now!
>
> Why don’t you close the door ALL the way next time?
>
> You’re not wearing that outside, are you? Seriously?
>
> The person watching me really can’t believe how long this password is.
>
>
>
> Etc…
>
>
>
> I love how big people eyes get when they see my tying in my 27 character
> Windows password, I HATE the systems that limit me to 15 or less.
>
>
>
> Dave
>
>
>
>
>
> *From:* Jon Harris [mailto:jk.har...@gmail.com]
> *Sent:* Thursday, April 15, 2010 1:45 PM
> *To:* NT System Admin Issues
> *Subject:* Re: please don't change your password!
>
>
>
> Sounds like someone trying to generate reader interest and FUD.  A quick
> search seems he likes controversial subjects/items.  Since passwords are the
> defacto standard for most Internet sites for protection of customers.  I see
> no reason for someone to keep the same password for ever.  Unless you are
> good at generating very long complex passwords.
>
>
>
> Jon
>
> On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark <
> brianclark2...@googlemail.com> wrote:
>
> After a long week doing a SBS migration I didn't know how to take this
> article and needed to share it!!
>
>
>
>
> http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
>
>
>
>
>
> Brian
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: please don't change your password!

[David Lum]

I am very good at long "passwords", and so is anyone that can type using 
correct punctuation. The biggest hindrance to long password use are systems 
that limit the length of the password.

Examples of complex long passwords include:

I would like a beer from the refrigerator. Now.
Why don't you close the door ALL the way?
You're not wearing that outside, are you?
The person watching me can't believe how long this password is.

And when it's time to change the long password:

I would REALLY like a beer from the refrigerator. Now!
Why don't you close the door ALL the way next time?
You're not wearing that outside, are you? Seriously?
The person watching me really can't believe how long this password is.

Etc...

I love how big people eyes get when they see my tying in my 27 character 
Windows password, I HATE the systems that limit me to 15 or less.

Dave


From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Thursday, April 15, 2010 1:45 PM
To: NT System Admin Issues
Subject: Re: please don't change your password!

Sounds like someone trying to generate reader interest and FUD.  A quick search 
seems he likes controversial subjects/items.  Since passwords are the defacto 
standard for most Internet sites for protection of customers.  I see no reason 
for someone to keep the same password for ever.  Unless you are good at 
generating very long complex passwords.

Jon
On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark 
mailto:brianclark2...@googlemail.com>> wrote:
After a long week doing a SBS migration I didn't know how to take this article 
and needed to share it!!

http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1


Brian










~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Micheal Espinola Jr]

Please don't stop the music!

--
ME2


On Thu, Apr 15, 2010 at 1:37 PM, Brian Clark
wrote:

> After a long week doing a SBS migration I didn't know how to take this
> article and needed to share it!!
>
>
> http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
>
>
> Brian
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Broken VM...

[Cameron]

Can you connect with the console  and check the status of the VM? . I've created XP
boxes from scratch and have had no issues doing so. If it is VMWare then
their forums are pretty good.

On Thu, Apr 15, 2010 at 3:42 PM, Steven M. Caesare wrote:

>  And firewall?
>
>
>
> I’ve seen them “revert” to setting on occasion… I’ve always suspected it to
> be tied to a hotfix/update install, but it’s happen infrequently enough that
> I’ve never delved in to it?
>
>
>
> -sc
>
>
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Thursday, April 15, 2010 3:41 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Broken VM...
>
>
>
> What does the eventlog say?
>
>
>
> Also, I expect that this is some sort of VMWare host?
>
>
> -ASB: http://XeeSM.com/AndrewBaker 
>
>  On Thu, Apr 15, 2010 at 3:28 PM,  wrote:
>
>
> ...will not accept remote connection requests.  The dialog box just sort-of
> sits on the user's screen for about a minute before clunking out with a
> "This computer cannot connect to the remote computer" message.
>
> The VM is XP Professional, SP3.  It was built by doing a P2V from a new
> Dell, and all had been working well until about a month ago.  We had this
> same issue then.  I got it working by setting it back a week in System
> Restore.
>
> It's broken again, and a reboot, a file system check, and 3 system restore
> attempts cannot get it back up.
>
> Unfortunately, making a new XP VM is not an option (without finding an
> available machine wiping it, and doing another P2V anyway).  I have simply
> never gotten any of the tricks you folks suggested way back in January to
> get the XP setup to recognize the virtual disk.  (I guess we could set
> everything up on Win2003 Server...?)
>
> Any ideas as to how to fix remote connections on any machine, especially a
> VM?
>
> Thanks...
> --
> Richard D. McClary
> Systems Administrator, Information Technology Group
> *ASPCA®*
> 1717 S. Philo Rd, Ste 36
> Urbana, IL  61802
>
> richardmccl...@aspca.org
>
> P: 217-337-9761
> C: 217-417-1182
> F: 217-337-9761
> www.aspca.org
>
>
> The information contained in this e-mail, and any attachments hereto, is
> from The American Society for the Prevention of Cruelty to Animals® (ASPCA
> ®) and is intended only for use by the addressee(s) named herein and may
> contain legally privileged and/or confidential information. If you are not
> the intended recipient of this e-mail, you are hereby notified that any
> dissemination, distribution, copying or use of the contents of this e-mail,
> and any attachments hereto, is strictly prohibited. If you have received
> this e-mail in error, please immediately notify me by reply email and
> permanently delete the original and any copy of this e-mail and any printout
> thereof.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Jonathan Link]

Although this research isn't the first to suggest it...
Courtesy of David Lum 11/2/09

http://isc.sans.org/diary.html?storyid=7510

Thoughts, comments? Oh and do read the comments.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764




On Thu, Apr 15, 2010 at 4:44 PM, Jon Harris  wrote:

> Sounds like someone trying to generate reader interest and FUD.  A quick
> search seems he likes controversial subjects/items.  Since passwords are the
> defacto standard for most Internet sites for protection of customers.  I see
> no reason for someone to keep the same password for ever.  Unless you are
> good at generating very long complex passwords.
>
> Jon
>
>   On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark <
> brianclark2...@googlemail.com> wrote:
>
>> After a long week doing a SBS migration I didn't know how to take this
>> article and needed to share it!!
>>
>>
>> http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
>>
>>
>> Brian
>>
>>
>>
>>
>>
>>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: please don't change your password!

[Jon Harris]

Sounds like someone trying to generate reader interest and FUD.  A quick
search seems he likes controversial subjects/items.  Since passwords are the
defacto standard for most Internet sites for protection of customers.  I see
no reason for someone to keep the same password for ever.  Unless you are
good at generating very long complex passwords.

Jon

On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark
wrote:

> After a long week doing a SBS migration I didn't know how to take this
> article and needed to share it!!
>
>
> http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1
>
>
> Brian
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

please don't change your password!

[Brian Clark]

After a long week doing a SBS migration I didn't know how to take this
article and needed to share it!!

http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_not_change_your_password/?page=1


Brian

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Document scanning

[Sherry Abercrombie]

Could be copier hardware certainly.  Good idea on testing with Vipre on just
one of the affected machines.  Not saying that Vipre is the cause, just the
fact that you believed the issue started at about the same time of Vipre
implementation means Vipre needs to be looked at as a possible cause.
Always better to approach a problem like this from more than one angle.

On Thu, Apr 15, 2010 at 3:24 PM, John Aldrich
wrote:

>  Yeah… what was happening was a **part** of the PDF would be there in the
> directory, but the rest would never show up, so you’d have to power-cycle
> the MFP and re-scan, at which time it would normally go through. I’ve never
> seen it lock up twice in a row after rebooting, so that, along with the fact
> that it’s not **every** time you scan, would make me think copier
> hardware, but who knows? J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Sherry Abercrombie [mailto:saber...@gmail.com]
> *Sent:* Thursday, April 15, 2010 4:09 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Document scanning
>
>
>
> Definitely could be causing an issue.  It could be "holding" the file while
> it's being scanned and the printer/scanner cannot complete the file transfer
> in a timely manner.  I've seen the on access scan by Vipre effectively lock
> up a machine for a couple of minutes, even on stuff in Admin Known Good.  I
> would put this print server into a different policy group in Vipre and make
> those changes on that policy group only, that way it doesn't affect other
> machines.  Then see what happens.
>
> FWIW, I do not have those checked on servers, AP is enabled but those
> options are not checked.  I do however have those checked on workstations.
>
> On Thu, Apr 15, 2010 at 3:00 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> Yes. Both are checked. Think that’s the problem? As I say, it’s not **
> every** time a scan is done, but about every 10-15 scans.
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Sherry Abercrombie [mailto:saber...@gmail.com]
> *Sent:* Thursday, April 15, 2010 3:45 PM
>
>
> *To:* NT System Admin Issues
>
> *Subject:* Re: Document scanning
>
>
>
> Is the "Check files (or all files) when they are opened or changed" checked
> under active protection?
>
> On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> We have two Kyocera MFP machines that, obviously, scan/print and copy. When
> they scan, they default to scanning to a PDF and putting that PDF onto a
> public share on our servers. Recently, the two MFP machines have started
> locking up when scanning. Not every time, but something like every 10 or 15
> scans it’ll lock up such that we have to power-cycle it.
>
> As best I can recall, it started **after** we installed Vipre on the
> server. I seriously doubt that it’s a Vipre issue, but I’m trying to work
> both ends of this by asking here while the copier folks are working on the
> machines. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Document scanning

[John Aldrich]

Yeah. what was happening was a *part* of the PDF would be there in the
directory, but the rest would never show up, so you'd have to power-cycle
the MFP and re-scan, at which time it would normally go through. I've never
seen it lock up twice in a row after rebooting, so that, along with the fact
that it's not *every* time you scan, would make me think copier hardware,
but who knows? J

 

John-AldrichTile-Tools

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 4:09 PM
To: NT System Admin Issues
Subject: Re: Document scanning

 

Definitely could be causing an issue.  It could be "holding" the file while
it's being scanned and the printer/scanner cannot complete the file transfer
in a timely manner.  I've seen the on access scan by Vipre effectively lock
up a machine for a couple of minutes, even on stuff in Admin Known Good.  I
would put this print server into a different policy group in Vipre and make
those changes on that policy group only, that way it doesn't affect other
machines.  Then see what happens.  

FWIW, I do not have those checked on servers, AP is enabled but those
options are not checked.  I do however have those checked on workstations.  

On Thu, Apr 15, 2010 at 3:00 PM, John Aldrich 
wrote:

Yes. Both are checked. Think that's the problem? As I say, it's not *every*
time a scan is done, but about every 10-15 scans.

 

John-AldrichTile-Tools

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 3:45 PM


To: NT System Admin Issues

Subject: Re: Document scanning

 

Is the "Check files (or all files) when they are opened or changed" checked
under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich 
wrote:

We have two Kyocera MFP machines that, obviously, scan/print and copy. When
they scan, they default to scanning to a PDF and putting that PDF onto a
public share on our servers. Recently, the two MFP machines have started
locking up when scanning. Not every time, but something like every 10 or 15
scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the server. I
seriously doubt that it's a Vipre issue, but I'm trying to work both ends of
this by asking here while the copier folks are working on the machines. J

 

John-AldrichTile-Tools

 

 

 






-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Document scanning

[John Aldrich]

Thanks. I did so, and since there are two machines locking up on scanning,
we can test to see whether the "fix" was Vipre related or something the tech
did. J

 

John-AldrichTile-Tools

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 4:09 PM
To: NT System Admin Issues
Subject: Re: Document scanning

 

Definitely could be causing an issue.  It could be "holding" the file while
it's being scanned and the printer/scanner cannot complete the file transfer
in a timely manner.  I've seen the on access scan by Vipre effectively lock
up a machine for a couple of minutes, even on stuff in Admin Known Good.  I
would put this print server into a different policy group in Vipre and make
those changes on that policy group only, that way it doesn't affect other
machines.  Then see what happens.  

FWIW, I do not have those checked on servers, AP is enabled but those
options are not checked.  I do however have those checked on workstations.  

On Thu, Apr 15, 2010 at 3:00 PM, John Aldrich 
wrote:

Yes. Both are checked. Think that's the problem? As I say, it's not *every*
time a scan is done, but about every 10-15 scans.

 

John-AldrichTile-Tools

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 3:45 PM


To: NT System Admin Issues

Subject: Re: Document scanning

 

Is the "Check files (or all files) when they are opened or changed" checked
under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich 
wrote:

We have two Kyocera MFP machines that, obviously, scan/print and copy. When
they scan, they default to scanning to a PDF and putting that PDF onto a
public share on our servers. Recently, the two MFP machines have started
locking up when scanning. Not every time, but something like every 10 or 15
scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the server. I
seriously doubt that it's a Vipre issue, but I'm trying to work both ends of
this by asking here while the copier folks are working on the machines. J

 

John-AldrichTile-Tools

 

 

 






-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Ethics issue

[Kurt Buff]

On Thu, Apr 15, 2010 at 11:15, John Aldrich
 wrote:
>
> One of my users is in the middle of a nasty divorce with his wife. He’s 
> trying to install
> a keylogger on his company laptop so he can get access to her email (she uses 
> his
> company-provided laptop at home) and prove she’s been cheating. Obviously 
> Vipre
> doesn’t want to let him install it, but I overrode Vipre and told it to 
> unquarantine it. My
> question is, did I do the right thing or should I make him uninstall it?

You think it's OK for non-company employees use company equipment?

Perhaps you haven't considered the possibility of being called in
front of a jury to explain why what you didn't isn't facilitation of a
felony - wiretapping or some Federal hacking charge or other. The
aggrieved party would be the wife, and she might want to press a civil
claim as well. This is a bit unlikely, but not completely out of the
realm of possibility. Zealous prosecutors do exist.

Better talk with your company lawyer on this one.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Document scanning

[N Parr]

We scan literally thousands of files on various Canon IR copiers to
shares on a daily basis and have never had an issue.  But there's a lot
variables in this equation.  But from what I can tell the Canon's store
the scans locally and then write them out to the share all at once.  I
could see where there may be an issue if the file was getting written
and held open the entire time and Viper was also trying to scan.



From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Thursday, April 15, 2010 2:57 PM
To: NT System Admin Issues
Subject: RE: Document scanning


Boybusy week for you! :)
I would exclude the share from Vipre and see if the problem persists.
I assume you don't have a problem w/ making photocopies?  Only scanning?
We have a document imaging system here that I had to make exclusions
for.. Vipre was killing it.
$.02




From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 3:35 PM
To: NT System Admin Issues
Subject: Document scanning



We have two Kyocera MFP machines that, obviously, scan/print and copy.
When they scan, they default to scanning to a PDF and putting that PDF
onto a public share on our servers. Recently, the two MFP machines have
started locking up when scanning. Not every time, but something like
every 10 or 15 scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the
server. I seriously doubt that it's a Vipre issue, but I'm trying to
work both ends of this by asking here while the copier folks are working
on the machines. J

 

  

 

 

 


.


 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Document scanning

[John Aldrich]

We have *some* HP machines, but mostly a Dell shop. There were a few things
that Vipre "caught" that were not actual malware, but as they were
non-critical, "came with the machine" apps (previous IT Manager bought
Walmart Specials and never imaged 'em with a default O/S) I didn't bother
releasing them from Quarantine.

 

John-AldrichTile-Tools

 

From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Thursday, April 15, 2010 4:05 PM
To: NT System Admin Issues
Subject: RE: Document scanning

 

Me neither... but that is because I have EVERYTHING set to "notify only".

Did you live through the Vipre HP laptop false-positive nightmare?

;)

 

 

 

 

  _  

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 4:02 PM
To: NT System Admin Issues
Subject: RE: Document scanning

FWIW, there is no record of *anything* ever being quarantined on that
machine.

 

John-AldrichTile-Tools

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 3:45 PM
To: NT System Admin Issues
Subject: Re: Document scanning

 

Is the "Check files (or all files) when they are opened or changed" checked
under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich 
wrote:

We have two Kyocera MFP machines that, obviously, scan/print and copy. When
they scan, they default to scanning to a PDF and putting that PDF onto a
public share on our servers. Recently, the two MFP machines have started
locking up when scanning. Not every time, but something like every 10 or 15
scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the server. I
seriously doubt that it's a Vipre issue, but I'm trying to work both ends of
this by asking here while the copier folks are working on the machines. J

 

John-AldrichTile-Tools

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 


.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Document scanning

[Sherry Abercrombie]

Definitely could be causing an issue.  It could be "holding" the file while
it's being scanned and the printer/scanner cannot complete the file transfer
in a timely manner.  I've seen the on access scan by Vipre effectively lock
up a machine for a couple of minutes, even on stuff in Admin Known Good.  I
would put this print server into a different policy group in Vipre and make
those changes on that policy group only, that way it doesn't affect other
machines.  Then see what happens.

FWIW, I do not have those checked on servers, AP is enabled but those
options are not checked.  I do however have those checked on workstations.

On Thu, Apr 15, 2010 at 3:00 PM, John Aldrich
wrote:

>  Yes. Both are checked. Think that’s the problem? As I say, it’s not **
> every** time a scan is done, but about every 10-15 scans.
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Sherry Abercrombie [mailto:saber...@gmail.com]
> *Sent:* Thursday, April 15, 2010 3:45 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Document scanning
>
>
>
> Is the "Check files (or all files) when they are opened or changed" checked
> under active protection?
>
> On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> We have two Kyocera MFP machines that, obviously, scan/print and copy. When
> they scan, they default to scanning to a PDF and putting that PDF onto a
> public share on our servers. Recently, the two MFP machines have started
> locking up when scanning. Not every time, but something like every 10 or 15
> scans it’ll lock up such that we have to power-cycle it.
>
> As best I can recall, it started **after** we installed Vipre on the
> server. I seriously doubt that it’s a Vipre issue, but I’m trying to work
> both ends of this by asking here while the copier folks are working on the
> machines. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>
>
>
> --
> Sherry Abercrombie
>
> "Any sufficiently advanced technology is indistinguishable from magic."
> Arthur C. Clarke
>
>
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Document scanning

[David Mazzaccaro]

Me neither... but that is because I have EVERYTHING set to "notify
only".
Did you live through the Vipre HP laptop false-positive nightmare?
;)
 
 
 



From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 4:02 PM
To: NT System Admin Issues
Subject: RE: Document scanning



FWIW, there is no record of *anything* ever being quarantined on that
machine.

 

  

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 3:45 PM
To: NT System Admin Issues
Subject: Re: Document scanning

 

Is the "Check files (or all files) when they are opened or changed"
checked under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich <
jaldr...@blueridgecarpet.com> wrote:

We have two Kyocera MFP machines that, obviously, scan/print and copy.
When they scan, they default to scanning to a PDF and putting that PDF
onto a public share on our servers. Recently, the two MFP machines have
started locking up when scanning. Not every time, but something like
every 10 or 15 scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the
server. I seriously doubt that it's a Vipre issue, but I'm trying to
work both ends of this by asking here while the copier folks are working
on the machines. J

 



 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 


.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

re: modifying subnet assignment by script

[Christopher Bodnar]

Fixed it in case anyone is interested. There are a few problems with the 
original. Biggest problem is that the "/" in the subnet name needed to be 
escaped. Also the "_"  character was a typo, and there was a "," missing in 
front of "cn=Subnets" . 


strNewSiteName = "TESTSite1" 
strSubnetName = "10.170.2.0\/24"

Set objRootDSE = GetObject("LDAP://RootDSE")
strConfigurationNC = objRootDSE.Get("configurationNamingContext")

Set objSiteSettings = GetObject("LDAP://cn=" & strSubnetName & 
",cn=Subnets,cn=Sites," & strConfigurationNC)

objSiteSettings.Put "siteObject", "cn=" & strNewSiteName & ",cn=Sites," & 
strConfigurationNC
objSiteSettings.SetInfo
WScript.Echo("Site Membership updated successfully!")
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Document scanning

[John Aldrich]

Ok. Thanks. I talked to the copier tech about it and he said that if it were
up to him, he'd wait and see if the part-swapping he's doing at the
direction of the factory fixes things. If not, I'll try that. I'd never
heard of antivirus causing problems like that and I would have thought it
would be *every* document that got scanned if Vipre were the issue, but I
guess not.

 

John-AldrichTile-Tools

 

From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Thursday, April 15, 2010 3:57 PM
To: NT System Admin Issues
Subject: RE: Document scanning

 

Boybusy week for you! :)

I would exclude the share from Vipre and see if the problem persists.

I assume you don't have a problem w/ making photocopies?  Only scanning?

We have a document imaging system here that I had to make exclusions for..
Vipre was killing it.

$.02

 

  _  

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 3:35 PM
To: NT System Admin Issues
Subject: Document scanning

We have two Kyocera MFP machines that, obviously, scan/print and copy. When
they scan, they default to scanning to a PDF and putting that PDF onto a
public share on our servers. Recently, the two MFP machines have started
locking up when scanning. Not every time, but something like every 10 or 15
scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the server. I
seriously doubt that it's a Vipre issue, but I'm trying to work both ends of
this by asking here while the copier folks are working on the machines. J

 

John-AldrichTile-Tools

 

 

 


.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Document scanning

[David Mazzaccaro]

FYI - I NEVER check those boxes...I do have AP enabled, but not those
check boxes.
 
 



From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 4:01 PM
To: NT System Admin Issues
Subject: RE: Document scanning



Yes. Both are checked. Think that's the problem? As I say, it's not
*every* time a scan is done, but about every 10-15 scans.

 

  

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 3:45 PM
To: NT System Admin Issues
Subject: Re: Document scanning

 

Is the "Check files (or all files) when they are opened or changed"
checked under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich <
jaldr...@blueridgecarpet.com> wrote:

We have two Kyocera MFP machines that, obviously, scan/print and copy.
When they scan, they default to scanning to a PDF and putting that PDF
onto a public share on our servers. Recently, the two MFP machines have
started locking up when scanning. Not every time, but something like
every 10 or 15 scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the
server. I seriously doubt that it's a Vipre issue, but I'm trying to
work both ends of this by asking here while the copier folks are working
on the machines. J

 



 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 


.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Helpdesk software

[Kurt Buff]

http://www.bestpractical.com/rt

On Thu, Apr 15, 2010 at 12:23, Jay Dale  wrote:
> Hey all,
>
>
>
> I’m looking for some kind of helpdesk software we can utilize not only for
> our internal ticket tracking and submittal, but also for customers of ours
> to submit via email or a link on our KB site.  I’ve noticed a couple like
> ManageEngine, Numara Track-IT, and InverseFlow.
>
>
>
> Has anyone had experience with these, and would recommend them?  Or would
> recommend something similar to what we require?
>
>
>
> Thanks,
>
>
>
> Jay
>
>
>
> Jay Dale
>
> I.T. Manager, 3GiG
>
> Mobile: 713.299.2541
>
> Email: jay.d...@3-gig.com
>
>
>
> Confidentiality Notice: This e-mail, including any attached files, may
> contain confidential and/or privileged information for the sole use of the
> intended recipient. If you are not the intended recipient, you are hereby
> notified that any review, dissemination or copying of this e-mail and
> attachments, if any, or the information contained herein, is strictly
> prohibited. If you are not the intended recipient (or authorized to receive
> information for the intended recipient), please contact the sender by reply
> e-mail and delete all copies of this message.
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Document scanning

[John Aldrich]

FWIW, there is no record of *anything* ever being quarantined on that
machine.

 

John-AldrichTile-Tools

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 3:45 PM
To: NT System Admin Issues
Subject: Re: Document scanning

 

Is the "Check files (or all files) when they are opened or changed" checked
under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich 
wrote:

We have two Kyocera MFP machines that, obviously, scan/print and copy. When
they scan, they default to scanning to a PDF and putting that PDF onto a
public share on our servers. Recently, the two MFP machines have started
locking up when scanning. Not every time, but something like every 10 or 15
scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the server. I
seriously doubt that it's a Vipre issue, but I'm trying to work both ends of
this by asking here while the copier folks are working on the machines. J

 

John-AldrichTile-Tools

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Document scanning

[John Aldrich]

Yes. Both are checked. Think that's the problem? As I say, it's not *every*
time a scan is done, but about every 10-15 scans.

 

John-AldrichTile-Tools

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Thursday, April 15, 2010 3:45 PM
To: NT System Admin Issues
Subject: Re: Document scanning

 

Is the "Check files (or all files) when they are opened or changed" checked
under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich 
wrote:

We have two Kyocera MFP machines that, obviously, scan/print and copy. When
they scan, they default to scanning to a PDF and putting that PDF onto a
public share on our servers. Recently, the two MFP machines have started
locking up when scanning. Not every time, but something like every 10 or 15
scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the server. I
seriously doubt that it's a Vipre issue, but I'm trying to work both ends of
this by asking here while the copier folks are working on the machines. J

 

John-AldrichTile-Tools

 

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Document scanning

[David Mazzaccaro]

Boybusy week for you! :)
I would exclude the share from Vipre and see if the problem persists.
I assume you don't have a problem w/ making photocopies?  Only scanning?
We have a document imaging system here that I had to make exclusions
for.. Vipre was killing it.
$.02




From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 3:35 PM
To: NT System Admin Issues
Subject: Document scanning



We have two Kyocera MFP machines that, obviously, scan/print and copy.
When they scan, they default to scanning to a PDF and putting that PDF
onto a public share on our servers. Recently, the two MFP machines have
started locking up when scanning. Not every time, but something like
every 10 or 15 scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the
server. I seriously doubt that it's a Vipre issue, but I'm trying to
work both ends of this by asking here while the copier folks are working
on the machines. J

 

  

 

 

 


.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Any insight for me?

[James Kerr]

I would buy it, park it at godaddy and forward it to our main site. I wish I 
could buy the .com version of our main domain of which we own .org and .net, 
that would be cool but they want $2800 for it, so screw that, we dont need it 
that bad. We are a .org anyway.
  - Original Message - 
  From: Sean Martin 
  To: NT System Admin Issues 
  Sent: Thursday, April 15, 2010 3:40 PM
  Subject: Re: Any insight for me?


  That's a good point. We own most of the iterations of our primary domain 
(.com, .net, .coop, .org, .biz, etc.) for that very reason. We just redirect 
them to our primary site.

  - Sean

  On Thu, Apr 15, 2010 at 11:24 AM, Steven M. Caesare  
wrote:

+1.



I’ll also say $800 is pretty cheap for a domain resale. I sold one I had 
registered for a small biz for significantly more than that. For $800 I suspect 
it would be worth it just to keep from potentially polluting your public name 
on on the interweb.



-sc



From: Blackman, Woody [mailto:wblack...@occ.cccd.edu] 
Sent: Thursday, April 15, 2010 3:15 PM 


To: NT System Admin Issues

Subject: RE: Any insight for me? 




I agree with Sean, unless you have a driving need it is just an extra 
complication.  However, I think having the .NET domain is useful to 
differentiate Intra/Extranet services (portals/partners).  Low cost with high 
value for providing process design clarity.



From: Sean Martin [mailto:seanmarti...@gmail.com] 
Sent: Thursday, April 15, 2010 12:06 PM
To: NT System Admin Issues
Subject: Re: Any insight for me?



There's no need for a public domain name internally. If you're going to go 
through the trouble of changing it (which I have no personal experience with) 
just use something like .local. 



It sounds like the availability of the public domain name is your driving 
force behind this idea. If you're not experiencing any issues with your current 
configuration, and it's not preventing you from any future changes, I'd say 
leave it alone.



We operate a split dns environment and it works just fine.



YMMV



- Sean

On Thu, Apr 15, 2010 at 10:59 AM, Kurt Buff  wrote:

All,

I have an interesting situation that has presented a need for a decision:

I work for a medium sized company of around 250 people in three
countries - US HQ, and much smaller offices in England and Australia.

We have the .com domain for our company, but since joining the firm
some years ago another company had the .net domain.

I recently checked, and found that the .net domain is for sale - at
nearly $800.00. That's pretty steep, but I'm considering recommending
that we get it.

We currently use our .com domain both internally and externally, with
a split brain DNS, but I wouldn't mind at all using the .net domain
internally.

I believe that to fully implement the .net domain internally would
require a domain rename, and we do use Exchange 2003, with a DC and an
Exchange server in each office (2 DCs in the US office, one
virtualized.)

So, what are your thoughts on this? How much pain would be involved in
making such a transition, and do you think it would be worth the
effort? What (aside from not needing a split-brain DNS) would be the
benefits, if any?

Thanks,

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~





 

 


 






 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: 3Par vs NetApp

[Rob Bonfiglio]

Thanks for the input.  We're trying to get a meeting scheduled with 3Par,
I'll make sure those are both on my list of things to ask.  We do have a
number of Solaris machines, as well we Windows machines.  And expandability
is always a concern.

On Thu, Apr 15, 2010 at 12:03 PM, Maglinger, Paul wrote:

>  Not familiar with 3Par, but if you are running a mixed environment of
> Windows and UNIX machines sharing the same files make sure your new solution
> works as well as the NetApp does.
>
> The only downside to NetApp that I see is that to expand your storage by
> adding physical disks, you have to have the free rack space for the new
> drives and then move the data over to them.  HP EVA systems you can replace
> physical drives one at a time – slow because it has to level each time, but
> effective if you don’t have the spare room.  It would be interesting to hear
> how 3Par takes care of it.
>
>
>
> -Paul
>
>
>
> *From:* Rob Bonfiglio [mailto:robbonfig...@gmail.com]
> *Sent:* Thursday, April 15, 2010 10:45 AM
> *To:* NT System Admin Issues
> *Subject:* 3Par vs NetApp
>
>
>
> Does anyone have any thoughts on comparing 3Par solutions with NetApp?  We
> currently have NetApp, and we need to replace it.  The price for the new
> NetApp is much higher than we want it to be though, so we are looking at
> other solutions.  We are looking for 50TB usable space.
>
>
>
> How do the management apps compare between the two solutions?
>
> How easy is the 3Par to expand?  (We are probably looking at the F400
> series)
>
> Will 3 Par use SAS drives?  I saw FC, SATA, and Solid State listed, but not
> SAS.
>
>
>
> I'm willing to listen to any thoughts that any of you have.
>
>
>
> Thanks!
>
>
>
> Rob
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: label printer

[Steve Kistenmacher]

Do these have "cutters" back in the day when the cutters would get gummed
up, the printers would do some bizarre things. 

 

From: paul d [mailto:pdw1...@hotmail.com] 
Sent: Thursday, April 15, 2010 3:25 PM
To: NT System Admin Issues
Subject: label printer

 

I've got a problem for you printer guru's out there.  
Here's the setup:
 
Windows 2003 print server
3 flavors of Datamax label printers

Here's an example of how the printer works in our environment:
 ER doc orders a Lab test.  Order is entered into the system and a label
prints out in Lab.  

This has been going on for years (10+) and with very few problems.  However,
recently the label printer will print a label and go into Pause mode.  Or,
it will just print garbage or do a hex dump.  These all usually happen when
a label is supposed to print.  Recently we've started experiencing the same
situation with the label printers in Radiology.

We entered into a contract to have all our non-label printers to be leased
from a company (we used to just buy them) and have been replacing the
current printers with these new printers.  That, of course, means changing
the drivers on the print server.

I have been tearing my hair out (figuratively; at my age, it's a struggle
just to keep what I have) trying to resolve this issue.  I've got 4 of them
suckers and 3 are acting up.  Any help from the community would be greatly
appreciated.

  _  

The New Busy is not the too busy. Combine all your e-mail accounts with
Hotmail. Get busy.
  

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Document scanning

[Sherry Abercrombie]

Is the "Check files (or all files) when they are opened or changed" checked
under active protection?

On Thu, Apr 15, 2010 at 2:35 PM, John Aldrich
wrote:

>  We have two Kyocera MFP machines that, obviously, scan/print and copy.
> When they scan, they default to scanning to a PDF and putting that PDF onto
> a public share on our servers. Recently, the two MFP machines have started
> locking up when scanning. Not every time, but something like every 10 or 15
> scans it’ll lock up such that we have to power-cycle it.
>
> As best I can recall, it started **after** we installed Vipre on the
> server. I seriously doubt that it’s a Vipre issue, but I’m trying to work
> both ends of this by asking here while the copier folks are working on the
> machines. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Broken VM...

[Steven M. Caesare]

And firewall?

 

I've seen them "revert" to setting on occasion... I've always suspected
it to be tied to a hotfix/update install, but it's happen infrequently
enough that I've never delved in to it?

 

-sc

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, April 15, 2010 3:41 PM
To: NT System Admin Issues
Subject: Re: Broken VM...

 

What does the eventlog say?

 

Also, I expect that this is some sort of VMWare host?


-ASB: http://XeeSM.com/AndrewBaker



On Thu, Apr 15, 2010 at 3:28 PM,  wrote:


...will not accept remote connection requests.  The dialog box just
sort-of sits on the user's screen for about a minute before clunking out
with a "This computer cannot connect to the remote computer" message. 

The VM is XP Professional, SP3.  It was built by doing a P2V from a new
Dell, and all had been working well until about a month ago.  We had
this same issue then.  I got it working by setting it back a week in
System Restore. 

It's broken again, and a reboot, a file system check, and 3 system
restore attempts cannot get it back up. 

Unfortunately, making a new XP VM is not an option (without finding an
available machine wiping it, and doing another P2V anyway).  I have
simply never gotten any of the tricks you folks suggested way back in
January to get the XP setup to recognize the virtual disk.  (I guess we
could set everything up on Win2003 Server...?) 

Any ideas as to how to fix remote connections on any machine, especially
a VM? 

Thanks...
-- 
Richard D. McClary 
Systems Administrator, Information Technology Group 
ASPCA(r) 
1717 S. Philo Rd, Ste 36 
Urbana, IL  61802 
  
richardmccl...@aspca.org 
  
P: 217-337-9761 
C: 217-417-1182 
F: 217-337-9761 
www.aspca.org   
  

The information contained in this e-mail, and any attachments hereto, is
from The American Society for the Prevention of Cruelty to Animals(r)
(ASPCA(r)) and is intended only for use by the addressee(s) named herein
and may contain legally privileged and/or confidential information. If
you are not the intended recipient of this e-mail, you are hereby
notified that any dissemination, distribution, copying or use of the
contents of this e-mail, and any attachments hereto, is strictly
prohibited. If you have received this e-mail in error, please
immediately notify me by reply email and permanently delete the original
and any copy of this e-mail and any printout thereof. 
  

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Broken VM...

[Andrew S. Baker]

What does the eventlog say?

Also, I expect that this is some sort of VMWare host?

-ASB: http://XeeSM.com/AndrewBaker


On Thu, Apr 15, 2010 at 3:28 PM,  wrote:

>
> ...will not accept remote connection requests.  The dialog box just sort-of
> sits on the user's screen for about a minute before clunking out with a
> "This computer cannot connect to the remote computer" message.
>
> The VM is XP Professional, SP3.  It was built by doing a P2V from a new
> Dell, and all had been working well until about a month ago.  We had this
> same issue then.  I got it working by setting it back a week in System
> Restore.
>
> It's broken again, and a reboot, a file system check, and 3 system restore
> attempts cannot get it back up.
>
> Unfortunately, making a new XP VM is not an option (without finding an
> available machine wiping it, and doing another P2V anyway).  I have simply
> never gotten any of the tricks you folks suggested way back in January to
> get the XP setup to recognize the virtual disk.  (I guess we could set
> everything up on Win2003 Server...?)
>
> Any ideas as to how to fix remote connections on any machine, especially a
> VM?
>
> Thanks...
> --
> Richard D. McClary
> Systems Administrator, Information Technology Group
> *ASPCA®*
> 1717 S. Philo Rd, Ste 36
> Urbana, IL  61802
>
> richardmccl...@aspca.org
>
> P: 217-337-9761
> C: 217-417-1182
> F: 217-337-9761
> *www.aspca.org* 
>
>
> The information contained in this e-mail, and any attachments hereto, is
> from The American Society for the Prevention of Cruelty to Animals® (ASPCA
> ®) and is intended only for use by the addressee(s) named herein and may
> contain legally privileged and/or confidential information. If you are not
> the intended recipient of this e-mail, you are hereby notified that any
> dissemination, distribution, copying or use of the contents of this e-mail,
> and any attachments hereto, is strictly prohibited. If you have received
> this e-mail in error, please immediately notify me by reply email and
> permanently delete the original and any copy of this e-mail and any printout
> thereof.
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Any insight for me?

[Sean Martin]

That's a good point. We own most of the iterations of our primary domain
(.com, .net, .coop, .org, .biz, etc.) for that very reason. We just redirect
them to our primary site.

- Sean
On Thu, Apr 15, 2010 at 11:24 AM, Steven M. Caesare wrote:

>  +1.
>
>
>
> I’ll also say $800 is pretty cheap for a domain resale. I sold one I had
> registered for a small biz for significantly more than that. For $800 I
> suspect it would be worth it just to keep from potentially polluting your
> public name on on the interweb.
>
>
>
> -sc
>
>
>
> *From:* Blackman, Woody [mailto:wblack...@occ.cccd.edu]
> *Sent:* Thursday, April 15, 2010 3:15 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Any insight for me?
>
>
>
> I agree with Sean, unless you have a driving need it is just an extra
> complication.  However, I think having the .NET domain is useful to
> differentiate Intra/Extranet services (portals/partners).  Low cost with
> high value for providing process design clarity.
>
>
>
> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
> *Sent:* Thursday, April 15, 2010 12:06 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Any insight for me?
>
>
>
> There's no need for a public domain name internally. If you're going to go
> through the trouble of changing it (which I have no personal experience
> with) just use something like .local.
>
>
>
> It sounds like the availability of the public domain name is your driving
> force behind this idea. If you're not experiencing any issues with your
> current configuration, and it's not preventing you from any future changes,
> I'd say leave it alone.
>
>
>
> We operate a split dns environment and it works just fine.
>
>
>
> YMMV
>
>
>
> - Sean
>
> On Thu, Apr 15, 2010 at 10:59 AM, Kurt Buff  wrote:
>
> All,
>
> I have an interesting situation that has presented a need for a decision:
>
> I work for a medium sized company of around 250 people in three
> countries - US HQ, and much smaller offices in England and Australia.
>
> We have the .com domain for our company, but since joining the firm
> some years ago another company had the .net domain.
>
> I recently checked, and found that the .net domain is for sale - at
> nearly $800.00. That's pretty steep, but I'm considering recommending
> that we get it.
>
> We currently use our .com domain both internally and externally, with
> a split brain DNS, but I wouldn't mind at all using the .net domain
> internally.
>
> I believe that to fully implement the .net domain internally would
> require a domain rename, and we do use Exchange 2003, with a DC and an
> Exchange server in each office (2 DCs in the US office, one
> virtualized.)
>
> So, what are your thoughts on this? How much pain would be involved in
> making such a transition, and do you think it would be worth the
> effort? What (aside from not needing a split-brain DNS) would be the
> benefits, if any?
>
> Thanks,
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Any insight for me?

[Andrew S. Baker]

Agreed.  Get the domain name, but don't bother renaming your internal
config.   Save it for something else.

-ASB: http://XeeSM.com/AndrewBaker


On Thu, Apr 15, 2010 at 3:24 PM, Steven M. Caesare wrote:

> +1.
>
>
>
> I’ll also say $800 is pretty cheap for a domain resale. I sold one I had
> registered for a small biz for significantly more than that. For $800 I
> suspect it would be worth it just to keep from potentially polluting your
> public name on on the interweb.
>
>
>
> -sc
>
>
>
> *From:* Blackman, Woody [mailto:wblack...@occ.cccd.edu]
> *Sent:* Thursday, April 15, 2010 3:15 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Any insight for me?
>
>
>
> I agree with Sean, unless you have a driving need it is just an extra
> complication.  However, I think having the .NET domain is useful to
> differentiate Intra/Extranet services (portals/partners).  Low cost with
> high value for providing process design clarity.
>
>
>
> *From:* Sean Martin [mailto:seanmarti...@gmail.com]
> *Sent:* Thursday, April 15, 2010 12:06 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Any insight for me?
>
>
>
> There's no need for a public domain name internally. If you're going to go
> through the trouble of changing it (which I have no personal experience
> with) just use something like .local.
>
>
>
> It sounds like the availability of the public domain name is your driving
> force behind this idea. If you're not experiencing any issues with your
> current configuration, and it's not preventing you from any future changes,
> I'd say leave it alone.
>
>
>
> We operate a split dns environment and it works just fine.
>
>
>
> YMMV
>
>
>
> - Sean
>
> On Thu, Apr 15, 2010 at 10:59 AM, Kurt Buff  wrote:
>
> All,
>
> I have an interesting situation that has presented a need for a decision:
>
> I work for a medium sized company of around 250 people in three
> countries - US HQ, and much smaller offices in England and Australia.
>
> We have the .com domain for our company, but since joining the firm
> some years ago another company had the .net domain.
>
> I recently checked, and found that the .net domain is for sale - at
> nearly $800.00. That's pretty steep, but I'm considering recommending
> that we get it.
>
> We currently use our .com domain both internally and externally, with
> a split brain DNS, but I wouldn't mind at all using the .net domain
> internally.
>
> I believe that to fully implement the .net domain internally would
> require a domain rename, and we do use Exchange 2003, with a DC and an
> Exchange server in each office (2 DCs in the US office, one
> virtualized.)
>
> So, what are your thoughts on this? How much pain would be involved in
> making such a transition, and do you think it would be worth the
> effort? What (aside from not needing a split-brain DNS) would be the
> benefits, if any?
>
> Thanks,
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Document scanning

[John Aldrich]

We have two Kyocera MFP machines that, obviously, scan/print and copy. When
they scan, they default to scanning to a PDF and putting that PDF onto a
public share on our servers. Recently, the two MFP machines have started
locking up when scanning. Not every time, but something like every 10 or 15
scans it'll lock up such that we have to power-cycle it. 

As best I can recall, it started *after* we installed Vipre on the server. I
seriously doubt that it's a Vipre issue, but I'm trying to work both ends of
this by asking here while the copier folks are working on the machines. J

 

John-AldrichTile-Tools

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Helpdesk software

[Jim Holmgren]

We are preparing to upgrade from Track-It to Footprints (both Numara
products) - so far I'm impressed with Footprints.

 

I another life, we had a good experience with an open source product  -
Liberum - but that was internal-only.  I suppose one could engineer it
to work both internally and externally.

 

Jim

 

 

Jim Holmgren

Manager of Server Engineering

XLHealth Corporation

The Warehouse at Camden Yards

351 West Camden Street, Suite 100

Baltimore, MD 21201 

410.625.2200 (main)

443.524.8573 (direct)

443-506.2400 (cell)

www.xlhealth.com

 

 

 

From: Jay Dale [mailto:jay.d...@3-gig.com] 
Sent: Thursday, April 15, 2010 3:23 PM
To: NT System Admin Issues
Subject: Helpdesk software

 

Hey all,

 

I'm looking for some kind of helpdesk software we can utilize not only
for our internal ticket tracking and submittal, but also for customers
of ours to submit via email or a link on our KB site.  I've noticed a
couple like ManageEngine, Numara Track-IT, and InverseFlow. 

 

Has anyone had experience with these, and would recommend them?  Or
would recommend something similar to what we require?

 

Thanks,

 

Jay

 

Jay Dale

I.T. Manager, 3GiG

Mobile: 713.299.2541

Email: jay.d...@3-gig.com   

 

Confidentiality Notice: This e-mail, including any attached files, may
contain confidential and/or privileged information for the sole use of
the intended recipient. If you are not the intended recipient, you are
hereby notified that any review, dissemination or copying of this e-mail
and attachments, if any, or the information contained herein, is
strictly prohibited. If you are not the intended recipient (or
authorized to receive information for the intended recipient), please
contact the sender by reply e-mail and delete all copies of this
message.

 

 

 

 


CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use 
of the intended recipient(s) and may contain confidential and/or protected 
health information. Under the Federal Law (HIPAA), the intended recipient is 
obligated to keep this information secure and confidential. Any disclosure to 
third parties without authorization from the member of as permitted by law is 
prohibited and punishable under Federal Law. If you are not the intended 
recipient, please contact the sender by reply e-mail and destroy all copies of 
the original message.

NOTA DE CONFIDENCIALIDAD: Este facsímile, incluyendo lo adjunto, es para el uso 
exclusivo del destinatario(s) y puede contener información confidencial y/o 
información protegida de salud. En virtud de la Ley Federal (HIPAA), el 
destinatario tiene la obligación de mantener esta información segura y 
confidencial. Cualquier divulgación a terceros sin la autorización de los 
miembros de lo permitido por la ley está prohibido y penado en virtud de la Ley 
Federal. Si usted no es el destinatario, por favor, póngase en contacto con el 
remitente por teléfono y destruir todas las copias del mensaje original
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Broken VM...

[RichardMcClary]

...will not accept remote connection requests.  The dialog box just 
sort-of sits on the user's screen for about a minute before clunking out 
with a "This computer cannot connect to the remote computer" message.

The VM is XP Professional, SP3.  It was built by doing a P2V from a new 
Dell, and all had been working well until about a month ago.  We had this 
same issue then.  I got it working by setting it back a week in System 
Restore.

It's broken again, and a reboot, a file system check, and 3 system restore 
attempts cannot get it back up.

Unfortunately, making a new XP VM is not an option (without finding an 
available machine wiping it, and doing another P2V anyway).  I have simply 
never gotten any of the tricks you folks suggested way back in January to 
get the XP setup to recognize the virtual disk.  (I guess we could set 
everything up on Win2003 Server...?)

Any ideas as to how to fix remote connections on any machine, especially a 
VM?

Thanks...
--
Richard D. McClary
Systems Administrator, Information Technology Group 
ASPCA®
1717 S. Philo Rd, Ste 36
Urbana, IL  61802
 
richardmccl...@aspca.org
 
P: 217-337-9761
C: 217-417-1182
F: 217-337-9761
www.aspca.org
 
The information contained in this e-mail, and any attachments hereto, is 
from The American Society for the Prevention of Cruelty to Animals® (ASPCA
®) and is intended only for use by the addressee(s) named herein and may 
contain legally privileged and/or confidential information. If you are not 
the intended recipient of this e-mail, you are hereby notified that any 
dissemination, distribution, copying or use of the contents of this 
e-mail, and any attachments hereto, is strictly prohibited. If you have 
received this e-mail in error, please immediately notify me by reply email 
and permanently delete the original and any copy of this e-mail and any 
printout thereof.
 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New boss hot on Dell Switches

[David Lum]

+1

Dell managed switches at a couple of clients, but I was just looking for a 
cheap managed switch and the Dell's have been perfect for 5+ years. I don't use 
the managed features much and the environments aren't complex but it's a 
Godsend feature when I need it. The only switches I've seen die are the $50 
Linksys stuff (twice).
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764
From: Stefan Jafs [mailto:stefan.j...@gmail.com]
Sent: Thursday, April 15, 2010 9:54 AM
To: NT System Admin Issues
Subject: Re: New boss hot on Dell Switches

I have 8 Dell Switches 3448P and 5324 have been using for about 3 years 
absolutelly no problems.

Stefan



On Thu, Apr 15, 2010 at 10:02 AM, Devin Meade 
mailto:devin.me...@gmail.com>> wrote:
I have been wanting to replace our aging Dell Switches with HP Procurve for 
ages.  Enter a new boss.  So the new boss now wants to replace the Dell 
switches with Dell switches.  He says they are half the cost - that's true.  He 
wants to do it right freaking now with absolutely no research.  So I get 3 min 
to research it and this email took two.  I get 60 more seconds to do a detailed 
comparison.  Crap that sentence just took 15 seconds.  So I am looking at tech 
specs and warranty.  THe first thing is the lifetime warranty from HP Procurve. 
 I dont really value that so much but it is there.  The networking equip 
lifetime for us seems to be around 8 years and Dell's go to five - HP's are 
lifetime.   In five years, equiv replacement equip will be dirt cheap and we 
will be looking to move to the next technology anyway.  We need around 200 
gigabit ports - stackable etc.  We are looking at the Procurve 3500  series and 
Dell Powerconnect 6248 series - all 48 ports.  I have read pretty much glowing 
reports of in-the-field support regarding HP.  We have had a few issues with 
our Dell PowerConnect but Dell worked with us with no problem.  One of our 3448 
switches was replaced via priority overnight with little hassle.

Anyone have any compelling reason to spend almost 2X on ProCurve over Dell 
PowerConnect?

Thanks!
Devin







--
Stefan Jafs





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

label printer

[paul d]

I've got a problem for you printer guru's out there.  
Here's the setup:
 
Windows 2003 print server
3 flavors of Datamax label printers

Here's an example of how the printer works in our environment:
 ER doc orders a Lab test.  Order is entered into the system and a label prints 
out in Lab.  

This has been going on for years (10+) and with very few problems.  However, 
recently the label printer will print a label and go into Pause mode.  Or, it 
will just print garbage or do a hex dump.  These all usually happen when a 
label is supposed to print.  Recently we've started experiencing the same 
situation with the label printers in Radiology.

We entered into a contract to have all our non-label printers to be leased from 
a company (we used to just buy them) and have been replacing the current 
printers with these new printers.  That, of course, means changing the drivers 
on the print server.

I have been tearing my hair out (figuratively; at my age, it's a struggle just 
to keep what I have) trying to resolve this issue.  I've got 4 of them suckers 
and 3 are acting up.  Any help from the community would be greatly appreciated.
  
_
The New Busy is not the too busy. Combine all your e-mail accounts with Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multiaccount&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Any insight for me?

[Steven M. Caesare]

+1.

 

I'll also say $800 is pretty cheap for a domain resale. I sold one I had
registered for a small biz for significantly more than that. For $800 I
suspect it would be worth it just to keep from potentially polluting
your public name on on the interweb.

 

-sc

 

From: Blackman, Woody [mailto:wblack...@occ.cccd.edu] 
Sent: Thursday, April 15, 2010 3:15 PM
To: NT System Admin Issues
Subject: RE: Any insight for me?

 

I agree with Sean, unless you have a driving need it is just an extra
complication.  However, I think having the .NET domain is useful to
differentiate Intra/Extranet services (portals/partners).  Low cost with
high value for providing process design clarity.

 

From: Sean Martin [mailto:seanmarti...@gmail.com] 
Sent: Thursday, April 15, 2010 12:06 PM
To: NT System Admin Issues
Subject: Re: Any insight for me?

 

There's no need for a public domain name internally. If you're going to
go through the trouble of changing it (which I have no personal
experience with) just use something like .local. 

 

It sounds like the availability of the public domain name is your
driving force behind this idea. If you're not experiencing any issues
with your current configuration, and it's not preventing you from any
future changes, I'd say leave it alone.

 

We operate a split dns environment and it works just fine.

 

YMMV

 

- Sean

On Thu, Apr 15, 2010 at 10:59 AM, Kurt Buff  wrote:

All,

I have an interesting situation that has presented a need for a
decision:

I work for a medium sized company of around 250 people in three
countries - US HQ, and much smaller offices in England and Australia.

We have the .com domain for our company, but since joining the firm
some years ago another company had the .net domain.

I recently checked, and found that the .net domain is for sale - at
nearly $800.00. That's pretty steep, but I'm considering recommending
that we get it.

We currently use our .com domain both internally and externally, with
a split brain DNS, but I wouldn't mind at all using the .net domain
internally.

I believe that to fully implement the .net domain internally would
require a domain rename, and we do use Exchange 2003, with a DC and an
Exchange server in each office (2 DCs in the US office, one
virtualized.)

So, what are your thoughts on this? How much pain would be involved in
making such a transition, and do you think it would be worth the
effort? What (aside from not needing a split-brain DNS) would be the
benefits, if any?

Thanks,

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Ethics issue

[David Lum]

[cid:image001.png@01CADC96.74037830]

From: Orland, Kathleen [mailto:korl...@rogers.com]
Sent: Thursday, April 15, 2010 11:53 AM
To: NT System Admin Issues
Subject: Re: Ethics issue

His lawyer should not be communicating to you or anyone else in the company via 
him.

Kathleen Orland
Please support me in my efforts: SPCA Friends for Life 2010 Walk-A-Thon
http://ontariospca.akaraisin.com/p/kathleenorland.aspx
- Original Message -
From: John Aldrich
To: NT System Admin Issues
Sent: Thursday, April 15, 2010 2:28 PM
Subject: RE: Ethics issue

Well, he says his lawyer wants access to her email and it’s easier/cheaper than 
getting a subpoena. I’ll check with management and see what they want to do.

[cid:image002.jpg@01CADC96.74037830][cid:image003@01cadc96.74037830]

From: Daniel Rodriguez [mailto:drod...@gmail.com]
Sent: Thursday, April 15, 2010 2:22 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

I would not have done that. For one, that is a company supplied laptop. She has 
no business using, period! Two, instead of a keylogger why didn't you just look 
at the IE Cache folder? Anything she was accessing would be there, graphics, 
too. You could have copied this off to a CD for future reference.

As long as she doesn't do any 'house cleaning' on the laptop, all the info is 
still there on the laptop hard drive.
On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich 
mailto:jaldr...@blueridgecarpet.com>> wrote:
One of my users is in the middle of a nasty divorce with his wife. He’s trying 
to install a keylogger on his company laptop so he can get access to her email 
(she uses his company-provided laptop at home) and prove she’s been cheating. 
Obviously Vipre doesn’t want to let him install it, but I overrode Vipre and 
told it to unquarantine it. My question is, did I do the right thing or should 
I make him uninstall it?

[cid:00ab01cadccc$e3359860$3901100a@strplx.ne][cid:00ac01cadccc$e3359860$39011...@strplx.ne]



















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
<><><>

Helpdesk software

[Jay Dale]

Hey all,

I'm looking for some kind of helpdesk software we can utilize not only for our 
internal ticket tracking and submittal, but also for customers of ours to 
submit via email or a link on our KB site.  I've noticed a couple like 
ManageEngine, Numara Track-IT, and InverseFlow.

Has anyone had experience with these, and would recommend them?  Or would 
recommend something similar to what we require?

Thanks,

Jay

Jay Dale
I.T. Manager, 3GiG
Mobile: 713.299.2541
Email: jay.d...@3-gig.com

Confidentiality Notice: This e-mail, including any attached files, may contain 
confidential and/or privileged information for the sole use of the intended 
recipient. If you are not the intended recipient, you are hereby notified that 
any review, dissemination or copying of this e-mail and attachments, if any, or 
the information contained herein, is strictly prohibited. If you are not the 
intended recipient (or authorized to receive information for the intended 
recipient), please contact the sender by reply e-mail and delete all copies of 
this message.



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Ethics issue

[Sherry Abercrombie]

Good move.

On Thu, Apr 15, 2010 at 2:13 PM, John Aldrich
wrote:

>  Ok. I’ve sent him a link to a wireless network card for his PC from
> NewEgg. I’ll advise him that, for legal reasons, he needs to get someone
> else to install it and hook up the network to it.
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Thursday, April 15, 2010 3:00 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Ethics issue
>
>
>
> There are times when it is far more helpful NOT to help someone.
> Especially not the way they want to be helped.
>
>
>
> This is one of those times.
>
>
>
> You need to be as far from this train wreck as is humanly possible, unless
> you have a desire to be a co-defendant in a subsequent lawsuit.
>  Seriously.
>
>
>
> This is one of the few times that every single person in an NTSYSADMIN
> thread has essentially given the same advice.   You would do well to heed
> it.
>
>
>
> Any assistance you feel compelled to provide to him should be done
> verbally, and should consist primarily of, "Here is a person that you can
> speak to who might be able to help you..." If that.
>
>
> -ASB: http://XeeSM.com/AndrewBaker
>
>
>
> On Thu, Apr 15, 2010 at 2:46 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> Hmm… $350/hour…that’s about 10x what I charge for PC work. J I think I may
> have to see if I can find out who his lawyer is and offer to help…for about
> 3 times my normal rate. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Jacob [mailto:ja...@excaliburfilms.com]
> *Sent:* Thursday, April 15, 2010 2:30 PM
>
>
> *To:* NT System Admin Issues
> *Subject:* RE: Ethics issue
>
>
>
> Then his lawyer can get a subpoena from the court.
>
>
>
> Do not do a lawyers work.. unless you charge $350 per hour ;-)
>
>
>
> *From:* John Aldrich [mailto:jaldr...@blueridgecarpet.com]
> *Sent:* Thursday, April 15, 2010 11:29 AM
>
>
> *To:* NT System Admin Issues
> *Subject:* RE: Ethics issue
>
>
>
> Well, he says his lawyer wants access to her email and it’s easier/cheaper
> than getting a subpoena. I’ll check with management and see what they want
> to do.
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Daniel Rodriguez [mailto:drod...@gmail.com]
> *Sent:* Thursday, April 15, 2010 2:22 PM
>
>
> *To:* NT System Admin Issues
>
> *Subject:* Re: Ethics issue
>
>
>
> I would not have done that. For one, that is a company supplied laptop. She
> has no business using, period! Two, instead of a keylogger why didn't you
> just look at the IE Cache folder? Anything she was accessing would be there,
> graphics, too. You could have copied this off to a CD for future reference.
>
> As long as she doesn't do any 'house cleaning' on the laptop, all the info
> is still there on the laptop hard drive.
>
> On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> One of my users is in the middle of a nasty divorce with his wife. He’s
> trying to install a keylogger on his company laptop so he can get access to
> her email (she uses his company-provided laptop at home) and prove she’s
> been cheating. Obviously Vipre doesn’t want to let him install it, but I
> overrode Vipre and told it to unquarantine it. My question is, did I do the
> right thing or should I make him uninstall it?
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Any insight for me?

[Blackman, Woody]

I agree with Sean, unless you have a driving need it is just an extra 
complication.  However, I think having the .NET domain is useful to 
differentiate Intra/Extranet services (portals/partners).  Low cost with high 
value for providing process design clarity.

From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Thursday, April 15, 2010 12:06 PM
To: NT System Admin Issues
Subject: Re: Any insight for me?

There's no need for a public domain name internally. If you're going to go 
through the trouble of changing it (which I have no personal experience with) 
just use something like .local.

It sounds like the availability of the public domain name is your driving force 
behind this idea. If you're not experiencing any issues with your current 
configuration, and it's not preventing you from any future changes, I'd say 
leave it alone.

We operate a split dns environment and it works just fine.

YMMV

- Sean
On Thu, Apr 15, 2010 at 10:59 AM, Kurt Buff 
mailto:kurt.b...@gmail.com>> wrote:
All,

I have an interesting situation that has presented a need for a decision:

I work for a medium sized company of around 250 people in three
countries - US HQ, and much smaller offices in England and Australia.

We have the .com domain for our company, but since joining the firm
some years ago another company had the .net domain.

I recently checked, and found that the .net domain is for sale - at
nearly $800.00. That's pretty steep, but I'm considering recommending
that we get it.

We currently use our .com domain both internally and externally, with
a split brain DNS, but I wouldn't mind at all using the .net domain
internally.

I believe that to fully implement the .net domain internally would
require a domain rename, and we do use Exchange 2003, with a DC and an
Exchange server in each office (2 DCs in the US office, one
virtualized.)

So, what are your thoughts on this? How much pain would be involved in
making such a transition, and do you think it would be worth the
effort? What (aside from not needing a split-brain DNS) would be the
benefits, if any?

Thanks,

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Ethics issue

[David Lum]

+ 10 million. Separation of church and state, so to speak.

From: Steve Ens [mailto:stevey...@gmail.com]
Sent: Thursday, April 15, 2010 11:19 AM
To: NT System Admin Issues
Subject: Re: Ethics issue

Personally I wouldn't have done it.  That is not work related at all...and 
there might be legal or HR issues with that.
On Thu, Apr 15, 2010 at 1:15 PM, John Aldrich 
mailto:jaldr...@blueridgecarpet.com>> wrote:
One of my users is in the middle of a nasty divorce with his wife. He's trying 
to install a keylogger on his company laptop so he can get access to her email 
(she uses his company-provided laptop at home) and prove she's been cheating. 
Obviously Vipre doesn't want to let him install it, but I overrode Vipre and 
told it to unquarantine it. My question is, did I do the right thing or should 
I make him uninstall it?

[cid:image001.jpg@01CADC95.3D8C8EA0][cid:image002@01cadc95.3d8c8ea0]











~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[John Aldrich]

Ok. I've sent him a link to a wireless network card for his PC from NewEgg.
I'll advise him that, for legal reasons, he needs to get someone else to
install it and hook up the network to it.

 

John-AldrichTile-Tools

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, April 15, 2010 3:00 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

 

There are times when it is far more helpful NOT to help someone.
Especially not the way they want to be helped.

 

This is one of those times.

 

You need to be as far from this train wreck as is humanly possible, unless
you have a desire to be a co-defendant in a subsequent lawsuit.
Seriously.

 

This is one of the few times that every single person in an NTSYSADMIN
thread has essentially given the same advice.   You would do well to heed
it.

 

Any assistance you feel compelled to provide to him should be done verbally,
and should consist primarily of, "Here is a person that you can speak to who
might be able to help you..." If that.


-ASB: http://XeeSM.com/AndrewBaker

 

On Thu, Apr 15, 2010 at 2:46 PM, John Aldrich 
wrote:

Hmm. $350/hour.that's about 10x what I charge for PC work. J I think I may
have to see if I can find out who his lawyer is and offer to help.for about
3 times my normal rate. J

 

John-AldrichTile-Tools

 

From: Jacob [mailto:ja...@excaliburfilms.com] 
Sent: Thursday, April 15, 2010 2:30 PM


To: NT System Admin Issues
Subject: RE: Ethics issue

 

Then his lawyer can get a subpoena from the court.

 

Do not do a lawyers work.. unless you charge $350 per hour ;-)

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 11:29 AM


To: NT System Admin Issues
Subject: RE: Ethics issue

 

Well, he says his lawyer wants access to her email and it's easier/cheaper
than getting a subpoena. I'll check with management and see what they want
to do.

 

John-AldrichTile-Tools

 

From: Daniel Rodriguez [mailto:drod...@gmail.com] 
Sent: Thursday, April 15, 2010 2:22 PM


To: NT System Admin Issues

Subject: Re: Ethics issue

 

I would not have done that. For one, that is a company supplied laptop. She
has no business using, period! Two, instead of a keylogger why didn't you
just look at the IE Cache folder? Anything she was accessing would be there,
graphics, too. You could have copied this off to a CD for future reference.

As long as she doesn't do any 'house cleaning' on the laptop, all the info
is still there on the laptop hard drive.

On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich 
wrote:

One of my users is in the middle of a nasty divorce with his wife. He's
trying to install a keylogger on his company laptop so he can get access to
her email (she uses his company-provided laptop at home) and prove she's
been cheating. Obviously Vipre doesn't want to let him install it, but I
overrode Vipre and told it to unquarantine it. My question is, did I do the
right thing or should I make him uninstall it?

 

John-AldrichTile-Tools

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[John Aldrich]

It wasn’t like that. I got the warning from Vipre that something was attempting 
to install on his computer and it was blocked. I called the user and told him 
to stop trying to install whatever it was. That’s when he came to my office and 
advised me about the divorce, etc.

 

John-AldrichTile-Tools

 

From: Orland, Kathleen [mailto:korl...@rogers.com] 
Sent: Thursday, April 15, 2010 2:53 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

 

His lawyer should not be communicating to you or anyone else in the company via 
him. 


Kathleen Orland
Please support me in my efforts: SPCA Friends for Life 2010 Walk-A-Thon
http://ontariospca.akaraisin.com/p/kathleenorland.aspx

- Original Message - 

From: John Aldrich   

To: NT System Admin Issues   

Sent: Thursday, April 15, 2010 2:28 PM

Subject: RE: Ethics issue

 

Well, he says his lawyer wants access to her email and it’s easier/cheaper than 
getting a subpoena. I’ll check with management and see what they want to do.

 

John-AldrichTile-Tools

 

From: Daniel Rodriguez [mailto:drod...@gmail.com] 
Sent: Thursday, April 15, 2010 2:22 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

 

I would not have done that. For one, that is a company supplied laptop. She has 
no business using, period! Two, instead of a keylogger why didn't you just look 
at the IE Cache folder? Anything she was accessing would be there, graphics, 
too. You could have copied this off to a CD for future reference.

As long as she doesn't do any 'house cleaning' on the laptop, all the info is 
still there on the laptop hard drive.

On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich  
wrote:

One of my users is in the middle of a nasty divorce with his wife. He’s trying 
to install a keylogger on his company laptop so he can get access to her email 
(she uses his company-provided laptop at home) and prove she’s been cheating. 
Obviously Vipre doesn’t want to let him install it, but I overrode Vipre and 
told it to unquarantine it. My question is, did I do the right thing or should 
I make him uninstall it?

 

John-AldrichTile-Tools

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Vipre 4.0 message

[Alex Eckelberry]

If you have malicious web filtering enabled, these will be filtered from emails 
as well as phishing sites. 

-Original Message-
From: jgarciaitl...@gmail.com [mailto:jgarciaitl...@gmail.com] 
Sent: Thursday, April 15, 2010 1:16 PM
To: NT System Admin Issues
Subject: Re: Vipre 4.0 message

Will do
Once get on a computer.
Sent via BlackBerry from T-Mobile

-Original Message-
From: "James Kerr" 
Date: Thu, 15 Apr 2010 13:06:40 
To: NT System Admin Issues
Subject: Re: Vipre 4.0 message

Better to ask this over on the Vipre support forum on sunbelts site.

James


- Original Message - 
From: 
To: "NT System Admin Issues" 
Sent: Thursday, April 15, 2010 9:25 AM
Subject: Vipre 4.0 message


> Email Antivirus "Cleaned" Alert from
>
> A known bad url was replaced by VIPRE(s) <- what is this (phising ???)
>
> I have set viper to quarantine
> But viper cleaned this.
>
> Any idea why???
> Sent via BlackBerry from T-Mobile
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~ 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

modifying subnet assignment by script

[Christopher Bodnar]

I got this from the AD Cookbook and it's giving me an error. Can someone 
test this and let me know if it works for them in a test environment? The 
site and subnet must exist for this to work. I'm getting the following 
error:

(5, 49) Microsoft VBScript compilation error: Invalid character

Which corresponds to the "_" in front of "_strSubnetName". I've tried it 
without the "_" and get a null error. 


'*Begin 
Script***
strNewSiteName = "TESTSite1" ' e.g. "Raleigh"
strSubnetName = "10.170.2.0/24" ' e.g. "192.168.1.0/24"

Set objRootDSE = GetObject("LDAP://RootDSE")
Set objSiteSettings = GetObject("LDAP://cn=" & _strSubnetName & _
"cn=subnets,cn=sites," & _
objRootDSE.Get("ConfigurationNamingContext"))

objSiteSettings.Put "siteObject", _
"cn=" & strNewSiteName & ",cn=sites," & _
objRootDSE.Get("ConfigurationNamingContext")
objSiteSettings.SetInfo
WScript.Echo("Site Membership updated successfully!")
'*End 
Script***


Not sure what the issue is here. 

Thanks,


Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003


-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Ethics issue

[Sherry Abercrombie]

Indeed.

On Thu, Apr 15, 2010 at 2:00 PM, Andrew S. Baker  wrote:

> There are times when it is far more helpful NOT to help someone.
> Especially not the way they want to be helped.
>
> This is one of those times.
>
> You need to be as far from this train wreck as is humanly possible, unless
> you have a desire to be a co-defendant in a subsequent lawsuit.
>  Seriously.
>
> This is one of the few times that every single person in an NTSYSADMIN
> thread has essentially given the same advice.   You would do well to heed
> it.
>
> Any assistance you feel compelled to provide to him should be done
> verbally, and should consist primarily of, "Here is a person that you can
> speak to who might be able to help you..." If that.
>
> -ASB: http://XeeSM.com/AndrewBaker
>
>
> On Thu, Apr 15, 2010 at 2:46 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
>>  Hmm… $350/hour…that’s about 10x what I charge for PC work. J I think I
>> may have to see if I can find out who his lawyer is and offer to help…for
>> about 3 times my normal rate. J
>>
>>
>>
>> [image: John-Aldrich][image: Tile-Tools]
>>
>>
>>
>> *From:* Jacob [mailto:ja...@excaliburfilms.com]
>> *Sent:* Thursday, April 15, 2010 2:30 PM
>>
>> *To:* NT System Admin Issues
>> *Subject:* RE: Ethics issue
>>
>>
>>
>> Then his lawyer can get a subpoena from the court.
>>
>>
>>
>> Do not do a lawyers work.. unless you charge $350 per hour ;-)
>>
>>
>>
>> *From:* John Aldrich [mailto:jaldr...@blueridgecarpet.com]
>> *Sent:* Thursday, April 15, 2010 11:29 AM
>>
>> *To:* NT System Admin Issues
>> *Subject:* RE: Ethics issue
>>
>>
>>
>> Well, he says his lawyer wants access to her email and it’s easier/cheaper
>> than getting a subpoena. I’ll check with management and see what they want
>> to do.
>>
>>
>>
>> [image: John-Aldrich][image: Tile-Tools]
>>
>>
>>
>> *From:* Daniel Rodriguez [mailto:drod...@gmail.com]
>> *Sent:* Thursday, April 15, 2010 2:22 PM
>>
>> *To:* NT System Admin Issues
>> *Subject:* Re: Ethics issue
>>
>>
>>
>> I would not have done that. For one, that is a company supplied laptop.
>> She has no business using, period! Two, instead of a keylogger why didn't
>> you just look at the IE Cache folder? Anything she was accessing would be
>> there, graphics, too. You could have copied this off to a CD for future
>> reference.
>>
>> As long as she doesn't do any 'house cleaning' on the laptop, all the info
>> is still there on the laptop hard drive.
>>
>> On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich <
>> jaldr...@blueridgecarpet.com> wrote:
>>
>> One of my users is in the middle of a nasty divorce with his wife. He’s
>> trying to install a keylogger on his company laptop so he can get access to
>> her email (she uses his company-provided laptop at home) and prove she’s
>> been cheating. Obviously Vipre doesn’t want to let him install it, but I
>> overrode Vipre and told it to unquarantine it. My question is, did I do the
>> right thing or should I make him uninstall it?
>>
>>
>>
>> [image: John-Aldrich][image: Tile-Tools]
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>


-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Any insight for me?

[Sean Martin]

There's no need for a public domain name internally. If you're going to go
through the trouble of changing it (which I have no personal experience
with) just use something like .local.

It sounds like the availability of the public domain name is your driving
force behind this idea. If you're not experiencing any issues with your
current configuration, and it's not preventing you from any future changes,
I'd say leave it alone.

We operate a split dns environment and it works just fine.

YMMV

- Sean

On Thu, Apr 15, 2010 at 10:59 AM, Kurt Buff  wrote:

> All,
>
> I have an interesting situation that has presented a need for a decision:
>
> I work for a medium sized company of around 250 people in three
> countries - US HQ, and much smaller offices in England and Australia.
>
> We have the .com domain for our company, but since joining the firm
> some years ago another company had the .net domain.
>
> I recently checked, and found that the .net domain is for sale - at
> nearly $800.00. That's pretty steep, but I'm considering recommending
> that we get it.
>
> We currently use our .com domain both internally and externally, with
> a split brain DNS, but I wouldn't mind at all using the .net domain
> internally.
>
> I believe that to fully implement the .net domain internally would
> require a domain rename, and we do use Exchange 2003, with a DC and an
> Exchange server in each office (2 DCs in the US office, one
> virtualized.)
>
> So, what are your thoughts on this? How much pain would be involved in
> making such a transition, and do you think it would be worth the
> effort? What (aside from not needing a split-brain DNS) would be the
> benefits, if any?
>
> Thanks,
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: KVM switch

[Pete Howard]

Ive had a good experience with Raritan for years when running the Paragon 
analog systems with dell, hp, ibm and cpq alphas. The old 16 port model 
attached to my workstation along with a few servers and test boxes has been 
also been flawless for years great. We had both Avocent and Raritan in a few 
moths ago for demos and everyone here thought Raritan was the winner by far 




From: David Lum 
To: NT System Admin Issues 
Sent: Thu, April 15, 2010 11:38:44 AM
Subject: RE: KVM switch

 
“As
for what to avoid, I have successfully avoided Raritan for years.”
 
LOL They chase you or something, ASB?
 
From:Andrew S. Baker
[mailto:asbz...@gmail.com] 
Sent: Thursday, April 15, 2010 5:27 AM
To: NT System Admin Issues
Subject: Re: KVM switch
 
Another
solid vote for Avocent.
 
I've had
one at home for 9 years now, and the ones that I've deployed at various
organizations have been rock solid.
 
As for what
to avoid, I have successfully avoided Raritan for years.

-ASB: http://XeeSM.com/AndrewBaker


On Wed, Apr 14, 2010 at 3:30 PM, Glen Johnson  wrote:
Looking
for recommendations for a replacement system.
Need
USB and PS2 connectivity.  One local user and one IP user.  Up to 32
servers.
Don’t
need serial or power control.
I’d
prefer cat5/6 cabling from the box to the servers to reduce cable clutter in
the 2 racks.
My
biggest concern is good IP control.  I’ve been burned once, bought a
StarView box that added IP/VNC control to an existing KVM system and it was
horrible.
It
would drop connections, screens weren’t clear and it was just no fun using
it.
So
what brands/models would you recommend or not recommend?
Thanks
Glen.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Ethics issue

[Andrew S. Baker]

There are times when it is far more helpful NOT to help someone.
Especially not the way they want to be helped.

This is one of those times.

You need to be as far from this train wreck as is humanly possible, unless
you have a desire to be a co-defendant in a subsequent lawsuit.
 Seriously.

This is one of the few times that every single person in an NTSYSADMIN
thread has essentially given the same advice.   You would do well to heed
it.

Any assistance you feel compelled to provide to him should be done verbally,
and should consist primarily of, "Here is a person that you can speak to who
might be able to help you..." If that.

-ASB: http://XeeSM.com/AndrewBaker


On Thu, Apr 15, 2010 at 2:46 PM, John Aldrich
wrote:

>  Hmm… $350/hour…that’s about 10x what I charge for PC work. J I think I
> may have to see if I can find out who his lawyer is and offer to help…for
> about 3 times my normal rate. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Jacob [mailto:ja...@excaliburfilms.com]
> *Sent:* Thursday, April 15, 2010 2:30 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Ethics issue
>
>
>
> Then his lawyer can get a subpoena from the court.
>
>
>
> Do not do a lawyers work.. unless you charge $350 per hour ;-)
>
>
>
> *From:* John Aldrich [mailto:jaldr...@blueridgecarpet.com]
> *Sent:* Thursday, April 15, 2010 11:29 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Ethics issue
>
>
>
> Well, he says his lawyer wants access to her email and it’s easier/cheaper
> than getting a subpoena. I’ll check with management and see what they want
> to do.
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Daniel Rodriguez [mailto:drod...@gmail.com]
> *Sent:* Thursday, April 15, 2010 2:22 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Ethics issue
>
>
>
> I would not have done that. For one, that is a company supplied laptop. She
> has no business using, period! Two, instead of a keylogger why didn't you
> just look at the IE Cache folder? Anything she was accessing would be there,
> graphics, too. You could have copied this off to a CD for future reference.
>
> As long as she doesn't do any 'house cleaning' on the laptop, all the info
> is still there on the laptop hard drive.
>
> On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> One of my users is in the middle of a nasty divorce with his wife. He’s
> trying to install a keylogger on his company laptop so he can get access to
> her email (she uses his company-provided laptop at home) and prove she’s
> been cheating. Obviously Vipre doesn’t want to let him install it, but I
> overrode Vipre and told it to unquarantine it. My question is, did I do the
> right thing or should I make him uninstall it?
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Any insight for me?

[Kurt Buff]

All,

I have an interesting situation that has presented a need for a decision:

I work for a medium sized company of around 250 people in three
countries - US HQ, and much smaller offices in England and Australia.

We have the .com domain for our company, but since joining the firm
some years ago another company had the .net domain.

I recently checked, and found that the .net domain is for sale - at
nearly $800.00. That's pretty steep, but I'm considering recommending
that we get it.

We currently use our .com domain both internally and externally, with
a split brain DNS, but I wouldn't mind at all using the .net domain
internally.

I believe that to fully implement the .net domain internally would
require a domain rename, and we do use Exchange 2003, with a DC and an
Exchange server in each office (2 DCs in the US office, one
virtualized.)

So, what are your thoughts on this? How much pain would be involved in
making such a transition, and do you think it would be worth the
effort? What (aside from not needing a split-brain DNS) would be the
benefits, if any?

Thanks,

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Ethics issue

[Orland, Kathleen]

His lawyer should not be communicating to you or anyone else in the company via 
him. 

Kathleen Orland
Please support me in my efforts: SPCA Friends for Life 2010 Walk-A-Thon
http://ontariospca.akaraisin.com/p/kathleenorland.aspx

  - Original Message - 
  From: John Aldrich 
  To: NT System Admin Issues 
  Sent: Thursday, April 15, 2010 2:28 PM
  Subject: RE: Ethics issue


  Well, he says his lawyer wants access to her email and it’s easier/cheaper 
than getting a subpoena. I’ll check with management and see what they want to 
do.

   



   

  From: Daniel Rodriguez [mailto:drod...@gmail.com] 
  Sent: Thursday, April 15, 2010 2:22 PM
  To: NT System Admin Issues
  Subject: Re: Ethics issue

   

  I would not have done that. For one, that is a company supplied laptop. She 
has no business using, period! Two, instead of a keylogger why didn't you just 
look at the IE Cache folder? Anything she was accessing would be there, 
graphics, too. You could have copied this off to a CD for future reference.

  As long as she doesn't do any 'house cleaning' on the laptop, all the info is 
still there on the laptop hard drive.

  On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich  
wrote:

  One of my users is in the middle of a nasty divorce with his wife. He’s 
trying to install a keylogger on his company laptop so he can get access to her 
email (she uses his company-provided laptop at home) and prove she’s been 
cheating. Obviously Vipre doesn’t want to let him install it, but I overrode 
Vipre and told it to unquarantine it. My question is, did I do the right thing 
or should I make him uninstall it?

   



   

   

  

   

 


 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[John Aldrich]

Yep. Already done so and advised the user I can't let him install it after
all. J I didn't quite feel right about it. At a previous job, HR had me
going through user's computers and checking their internet history and
cookies, which kinda gave me mixed feelings, like this did. On that job,
though, I had the head of HR directly "requesting" it and it *was* a company
PC, which never left company property, so I think that was justified. (HR
actually caught one user looking at internet porn on the clock. Needless to
say he was fired!)

 

John-AldrichTile-Tools

 

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Thursday, April 15, 2010 2:38 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

 

Yup. Carl is right. Talk to HR and Management, there are possible legal
repercussions.

 

Warm regards,


Stu Sjouwerman

Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com


  

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Thursday, April 15, 2010 2:31 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

 

Wow... so much possible commentary, so little time...

 

In the middle of a nasty divorce, and she still has easy access to his
company-provided laptop for E-mail?  Hmm...

 

And she's stupid enough to write scandalous e-mails on his laptop?

 

First of all, users shouldn't be installing keyloggers on any company-owned
equipment, period.  Doesn't matter the reason, users are not authorized to
conduct surveillance, and in an ideal world, should not be authorized to
install non-company-provided software.  Net effect, you should have said
"can't help you and please uninstall that, it's against company policy, and
if you won't, I'll to take this matter to your boss/HR/whatever."

 

Carl

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 2:16 PM
To: NT System Admin Issues
Subject: Ethics issue

 

One of my users is in the middle of a nasty divorce with his wife. He's
trying to install a keylogger on his company laptop so he can get access to
her email (she uses his company-provided laptop at home) and prove she's
been cheating. Obviously Vipre doesn't want to let him install it, but I
overrode Vipre and told it to unquarantine it. My question is, did I do the
right thing or should I make him uninstall it?

 

John-Aldrich

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Ethics issue

[Pete Howard]

Agreed, even this post contains TMIFrom: Jonathan Link To: NT System Admin Issues Sent: Thu, April 15, 2010 2:46:53 PMSubject: Re: Ethics issue
Any assistance you provide in this matter could come back and bite...HARD.  Just stay away.
 
On Thu, Apr 15, 2010 at 2:44 PM, John Aldrich  wrote:



Yeah. I talked it over with my boss (CFO) and he said “NO!” I checked and the user was unable to bypass that protection from Vipre, so no harm, no foul. I did agree to help him get his home computer connected wirelessly and once he does that, he can refuse to let his soon-to-be ex use his company laptop. The CFO agreed for pretty much the same reason you did. J


 


 

From: Kevin Lundy [mailto:klu...@gmail.com] Sent: Thursday, April 15, 2010 2:26 PM 
To: NT System Admin IssuesSubject: Re: Ethics issue 


 

I'm not a lawyer, I don't play one on TV, etc

 

However, I suspect that if 

a) she discovers the invasion

b) and decides to pursue legally

then

c) you have exposed the company as a participant to the invasion of privacy

 

YMMV


On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich  wrote:



One of my users is in the middle of a nasty divorce with his wife. He’s trying to install a keylogger on his company laptop so he can get access to her email (she uses his company-provided laptop at home) and prove she’s been cheating. Obviously Vipre doesn’t want to let him install it, but I overrode Vipre and told it to unquarantine it. My question is, did I do the right thing or should I make him uninstall it?

 


 
  
 
  
 
 


 

 




 

 

Re: Ethics issue

[Kevin Lundy]

I would suggest that he refuse to let his ex use the company laptop at all -
regardless if his home computer is connected or not.  The company laptop is
the COMPANY laptop.

On Thu, Apr 15, 2010 at 2:44 PM, John Aldrich
wrote:

>  Yeah. I talked it over with my boss (CFO) and he said “NO!” I checked and
> the user was unable to bypass that protection from Vipre, so no harm, no
> foul. I did agree to help him get his home computer connected wirelessly and
> once he does that, he can refuse to let his soon-to-be ex use his company
> laptop. The CFO agreed for pretty much the same reason you did. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Kevin Lundy [mailto:klu...@gmail.com]
> *Sent:* Thursday, April 15, 2010 2:26 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Ethics issue
>
>
>
> I'm not a lawyer, I don't play one on TV, etc
>
>
>
> However, I suspect that if
>
> a) she discovers the invasion
>
> b) and decides to pursue legally
>
> then
>
> c) you have exposed the company as a participant to the invasion of privacy
>
>
>
> YMMV
>
> On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> One of my users is in the middle of a nasty divorce with his wife. He’s
> trying to install a keylogger on his company laptop so he can get access to
> her email (she uses his company-provided laptop at home) and prove she’s
> been cheating. Obviously Vipre doesn’t want to let him install it, but I
> overrode Vipre and told it to unquarantine it. My question is, did I do the
> right thing or should I make him uninstall it?
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[Senter, John]

How cheap is it going to be on the company if he gets into e-mail and she finds 
out you allowed the keylogger to be installed.  Now the company is liable for 
her invasion of privacy.  It is one thing if he did it without your knowledge 
but now the company has been informed and allowed the activity to happen.  I 
would remove it instantly and tell him that it is a personal issue and he will 
have to do that on his own.

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Thursday, April 15, 2010 2:29 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

Well, he says his lawyer wants access to her email and it’s easier/cheaper than 
getting a subpoena. I’ll check with management and see what they want to do.

[cid:image001.jpg@01CADCAA.D9D20050][cid:image002@01cadcaa.d9d20050]

From: Daniel Rodriguez [mailto:drod...@gmail.com]
Sent: Thursday, April 15, 2010 2:22 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

I would not have done that. For one, that is a company supplied laptop. She has 
no business using, period! Two, instead of a keylogger why didn't you just look 
at the IE Cache folder? Anything she was accessing would be there, graphics, 
too. You could have copied this off to a CD for future reference.

As long as she doesn't do any 'house cleaning' on the laptop, all the info is 
still there on the laptop hard drive.
On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich 
mailto:jaldr...@blueridgecarpet.com>> wrote:
One of my users is in the middle of a nasty divorce with his wife. He’s trying 
to install a keylogger on his company laptop so he can get access to her email 
(she uses his company-provided laptop at home) and prove she’s been cheating. 
Obviously Vipre doesn’t want to let him install it, but I overrode Vipre and 
told it to unquarantine it. My question is, did I do the right thing or should 
I make him uninstall it?

[cid:image001.jpg@01CADCAA.D9D20050][cid:image002@01cadcaa.d9d20050]















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
<><>

RE: Ethics issue

[Terry Dickson]

We looked into several different keyloggers for a project in the past and found 
that on removal most left the system unstable, some left it unusable, just an 
FYI.

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Thursday, April 15, 2010 1:47 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

Hmm… $350/hour…that’s about 10x what I charge for PC work. ☺ I think I may have 
to see if I can find out who his lawyer is and offer to help…for about 3 times 
my normal rate. ☺

[John-Aldrich][Tile-Tools]

From: Jacob [mailto:ja...@excaliburfilms.com]
Sent: Thursday, April 15, 2010 2:30 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

Then his lawyer can get a subpoena from the court.

Do not do a lawyers work.. unless you charge $350 per hour ;-)

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Thursday, April 15, 2010 11:29 AM
To: NT System Admin Issues
Subject: RE: Ethics issue

Well, he says his lawyer wants access to her email and it’s easier/cheaper than 
getting a subpoena. I’ll check with management and see what they want to do.

[John-Aldrich][Tile-Tools]

From: Daniel Rodriguez [mailto:drod...@gmail.com]
Sent: Thursday, April 15, 2010 2:22 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

I would not have done that. For one, that is a company supplied laptop. She has 
no business using, period! Two, instead of a keylogger why didn't you just look 
at the IE Cache folder? Anything she was accessing would be there, graphics, 
too. You could have copied this off to a CD for future reference.

As long as she doesn't do any 'house cleaning' on the laptop, all the info is 
still there on the laptop hard drive.
On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich 
mailto:jaldr...@blueridgecarpet.com>> wrote:
One of my users is in the middle of a nasty divorce with his wife. He’s trying 
to install a keylogger on his company laptop so he can get access to her email 
(she uses his company-provided laptop at home) and prove she’s been cheating. 
Obviously Vipre doesn’t want to let him install it, but I overrode Vipre and 
told it to unquarantine it. My question is, did I do the right thing or should 
I make him uninstall it?

[John-Aldrich][Tile-Tools]























~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~
<><>

Re: Ethics issue

[Jonathan Link]

Any assistance you provide in this matter could come back and bite...HARD.
Just stay away.



On Thu, Apr 15, 2010 at 2:44 PM, John Aldrich
wrote:

>  Yeah. I talked it over with my boss (CFO) and he said “NO!” I checked and
> the user was unable to bypass that protection from Vipre, so no harm, no
> foul. I did agree to help him get his home computer connected wirelessly and
> once he does that, he can refuse to let his soon-to-be ex use his company
> laptop. The CFO agreed for pretty much the same reason you did. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Kevin Lundy [mailto:klu...@gmail.com]
> *Sent:* Thursday, April 15, 2010 2:26 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Ethics issue
>
>
>
> I'm not a lawyer, I don't play one on TV, etc
>
>
>
> However, I suspect that if
>
> a) she discovers the invasion
>
> b) and decides to pursue legally
>
> then
>
> c) you have exposed the company as a participant to the invasion of privacy
>
>
>
> YMMV
>
> On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich <
> jaldr...@blueridgecarpet.com> wrote:
>
> One of my users is in the middle of a nasty divorce with his wife. He’s
> trying to install a keylogger on his company laptop so he can get access to
> her email (she uses his company-provided laptop at home) and prove she’s
> been cheating. Obviously Vipre doesn’t want to let him install it, but I
> overrode Vipre and told it to unquarantine it. My question is, did I do the
> right thing or should I make him uninstall it?
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[John Aldrich]

Hmm… $350/hour…that’s about 10x what I charge for PC work. J I think I may have 
to see if I can find out who his lawyer is and offer to help…for about 3 times 
my normal rate. J

 

John-AldrichTile-Tools

 

From: Jacob [mailto:ja...@excaliburfilms.com] 
Sent: Thursday, April 15, 2010 2:30 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

 

Then his lawyer can get a subpoena from the court.

 

Do not do a lawyers work.. unless you charge $350 per hour ;-)

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 11:29 AM
To: NT System Admin Issues
Subject: RE: Ethics issue

 

Well, he says his lawyer wants access to her email and it’s easier/cheaper than 
getting a subpoena. I’ll check with management and see what they want to do.

 

John-AldrichTile-Tools

 

From: Daniel Rodriguez [mailto:drod...@gmail.com] 
Sent: Thursday, April 15, 2010 2:22 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

 

I would not have done that. For one, that is a company supplied laptop. She has 
no business using, period! Two, instead of a keylogger why didn't you just look 
at the IE Cache folder? Anything she was accessing would be there, graphics, 
too. You could have copied this off to a CD for future reference.

As long as she doesn't do any 'house cleaning' on the laptop, all the info is 
still there on the laptop hard drive.

On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich  
wrote:

One of my users is in the middle of a nasty divorce with his wife. He’s trying 
to install a keylogger on his company laptop so he can get access to her email 
(she uses his company-provided laptop at home) and prove she’s been cheating. 
Obviously Vipre doesn’t want to let him install it, but I overrode Vipre and 
told it to unquarantine it. My question is, did I do the right thing or should 
I make him uninstall it?

 

John-AldrichTile-Tools

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[John Aldrich]

Yeah. Didn't get installed, but I agreed to help the user on my own time
with his home PC. Once he gets it connected, my involvement ends. If he
manages to get the keylogger installed on that, I will have nothing to do
with it. All I'll have done is enabled him to connect his home computer to
the internet wirelessly. J

 

John-AldrichTile-Tools

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Thursday, April 15, 2010 2:31 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

 

Wow... so much possible commentary, so little time...

 

In the middle of a nasty divorce, and she still has easy access to his
company-provided laptop for E-mail?  Hmm...

 

And she's stupid enough to write scandalous e-mails on his laptop?

 

First of all, users shouldn't be installing keyloggers on any company-owned
equipment, period.  Doesn't matter the reason, users are not authorized to
conduct surveillance, and in an ideal world, should not be authorized to
install non-company-provided software.  Net effect, you should have said
"can't help you and please uninstall that, it's against company policy, and
if you won't, I'll to take this matter to your boss/HR/whatever."

 

Carl

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Thursday, April 15, 2010 2:16 PM
To: NT System Admin Issues
Subject: Ethics issue

 

One of my users is in the middle of a nasty divorce with his wife. He's
trying to install a keylogger on his company laptop so he can get access to
her email (she uses his company-provided laptop at home) and prove she's
been cheating. Obviously Vipre doesn't want to let him install it, but I
overrode Vipre and told it to unquarantine it. My question is, did I do the
right thing or should I make him uninstall it?

 

John-Aldrich

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[John Aldrich]

Yeah. I talked it over with my boss (CFO) and he said "NO!" I checked and
the user was unable to bypass that protection from Vipre, so no harm, no
foul. I did agree to help him get his home computer connected wirelessly and
once he does that, he can refuse to let his soon-to-be ex use his company
laptop. The CFO agreed for pretty much the same reason you did. J

 

John-AldrichTile-Tools

 

From: Kevin Lundy [mailto:klu...@gmail.com] 
Sent: Thursday, April 15, 2010 2:26 PM
To: NT System Admin Issues
Subject: Re: Ethics issue

 

I'm not a lawyer, I don't play one on TV, etc

 

However, I suspect that if 

a) she discovers the invasion

b) and decides to pursue legally

then

c) you have exposed the company as a participant to the invasion of privacy

 

YMMV

On Thu, Apr 15, 2010 at 2:15 PM, John Aldrich 
wrote:

One of my users is in the middle of a nasty divorce with his wife. He's
trying to install a keylogger on his company laptop so he can get access to
her email (she uses his company-provided laptop at home) and prove she's
been cheating. Obviously Vipre doesn't want to let him install it, but I
overrode Vipre and told it to unquarantine it. My question is, did I do the
right thing or should I make him uninstall it?

 

John-AldrichTile-Tools

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Ethics issue

[Stu Sjouwerman]

Yup. Carl is right. Talk to HR and Management, there are possible legal 
repercussions.

Warm regards,


Stu Sjouwerman
Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com




From: Carl Houseman [mailto:c.house...@gmail.com]
Sent: Thursday, April 15, 2010 2:31 PM
To: NT System Admin Issues
Subject: RE: Ethics issue

Wow... so much possible commentary, so little time...

In the middle of a nasty divorce, and she still has easy access to his 
company-provided laptop for E-mail?  Hmm...

And she's stupid enough to write scandalous e-mails on his laptop?

First of all, users shouldn't be installing keyloggers on any company-owned 
equipment, period.  Doesn't matter the reason, users are not authorized to 
conduct surveillance, and in an ideal world, should not be authorized to 
install non-company-provided software.  Net effect, you should have said "can't 
help you and please uninstall that, it's against company policy, and if you 
won't, I'll to take this matter to your boss/HR/whatever."

Carl

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Thursday, April 15, 2010 2:16 PM
To: NT System Admin Issues
Subject: Ethics issue

One of my users is in the middle of a nasty divorce with his wife. He's trying 
to install a keylogger on his company laptop so he can get access to her email 
(she uses his company-provided laptop at home) and prove she's been cheating. 
Obviously Vipre doesn't want to let him install it, but I overrode Vipre and 
told it to unquarantine it. My question is, did I do the right thing or should 
I make him uninstall it?

[cid:image001.jpg@01CADCA9.48968C10]










~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>