Slightly OT: training space
Folks, We are moving to a new enterprise system here, and most staff need to be trained on it. This means we need space to accommodate large groups of people, possibly simultaneously. Our current training labs and various seminar rooms won't be large enough. My boss is thinking of renting trailers of some sort. Anyone else have any suggestions? We'd need the space for 5-7 months. I was thinking local schools (some have closed here but still operational otherwise). Connectivity would be desired, although I can bring in routers/switches and build a network if needed. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Slightly OT: training space
Hampton University has a nice training lab on the the top floor of the library. You could check with them about renting it, but a 5-7 month gig is probably not feasible. http://cit.hamptonu.edu/inside_cit/departments/atm/ On the trailer side of things, Usry (based in Richmond) has a great reputation, but I don't know if they go all the way to your neck of the woods. It might be worth giving them a call. www.usryinc.com On Thu, Nov 18, 2010 at 8:47 AM, Tom Miller tmil...@hnncsb.org wrote: Folks, We are moving to a new enterprise system here, and most staff need to be trained on it. This means we need space to accommodate large groups of people, possibly simultaneously. Our current training labs and various seminar rooms won't be large enough. My boss is thinking of renting trailers of some sort. Anyone else have any suggestions? We'd need the space for 5-7 months. I was thinking local schools (some have closed here but still operational otherwise). Connectivity would be desired, although I can bring in routers/switches and build a network if needed. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Backup Solutions
System Center Data Protection Manager? DPM is pretty cheap, has file level backup, and works with the volume snapshot service since it's a Microsoft product. Does disk-to-disk and disk-to-tape backup. It can also back up Exchange and Hyper-V. Licensed per client. Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 From: Mark Robinson mark.robin...@cips.orgmailto:mark.robin...@cips.org Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date: Wed, 17 Nov 2010 04:20:32 -0500 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Backup Solutions Hi, Can anyone recommend a good value (i.e reasonably cheap), file-level backup solution for a small business? I just received a quote for Symantec Backup Exec 2010 and it is way out of our price range. Thanks, Mark IMPORTANT INFORMATION Internet communications are not secure and therefore CIPS does not accept legal responsibility for the contents of any e-mail message sent via this medium. The content of any e-mail communication is the view of the individual and CIPS does not accept legal liability for the contents. Although this message and any attachments are believed to be free of virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by CIPS for any loss or damage in any way arising from its use. CIPS runs the following software packages: MS Office Suite 2003, MS Visio 2003, MS Project 2002. Please ensure that any files you send are compatible. The Chartered Institute of Purchasing Supply (CIPS) is an organisation incorporated under Royal Charter and is based at Easton House, Easton on the Hill, Stamford, Lincs PE9 3NZ, tel: +44 (0)1780 756777, and is a registered Charity number 1017938. CIPS Services Limited is a wholly owned subsidiary company of CIPS, registered in England under number 2610367 and is registered at the address shown above. Both organisations operate under a group VAT registration number: 3426 489 42. -- Scanned by iCritical. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Backup exec 2010 r2
Some experience with vRanger – a little bit of a pain to set up, amazing when it works; however, SAN or NAS issues cripple it. Also has problems with very large (1TB+) VMs – the ESX server has a tendency to get stuck forever at taking the snapshot of the VM and you'll lose some performance not to mention a failed backup or twelve. File level restore of Windows guests is an amazing feature though. Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 From: Harry Singh hbo...@gmail.commailto:hbo...@gmail.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date: Mon, 15 Nov 2010 16:27:58 -0500 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Backup exec 2010 r2 I'm torn between getting the licenses necessary to augment my current BE 2010 setup, VEAM or vRanger for backing up my VM's. curious to see if anyone has any experiences with any of these platforms. On Mon, Nov 15, 2010 at 4:21 PM, Cameron cameron.orl...@gmail.commailto:cameron.orl...@gmail.com wrote: I've played with VEEAM fairly recently for my ESXi box. Seemed to work ok and the speed on this version was not bad at all. I remember trying it before and the version then had REALLY bad performance. On Mon, Nov 15, 2010 at 4:16 PM, John Aldrich jaldr...@blueridgecarpet.commailto:jaldr...@blueridgecarpet.com wrote: Anyone here able to speak about something called VEEAM? Got a consultant who wants to get it for us to use to manage a couple virtualized servers. They said we'd need the paid-for version of VMWARE. :-( From: Damien Solodow [mailto:damien.solo...@harrison.edumailto:damien.solo...@harrison.edu] Sent: Monday, November 15, 2010 2:41 PM To: NT System Admin Issues Subject: Re: Backup exec 2010 r2 Yep. ESX and ESXi 4.1 and it just works. -- Sent using BlackBerry From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.commailto:luke.brumba...@butlerschein.com] Sent: Monday, November 15, 2010 02:37 PM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Backup exec 2010 r2 Anyone using backup exec 2010 r2 with VMWare agent? Are you backing up esxi versions? If so what are your feelings? Luke L. Brumbaugh Network Engineer Butler Animal Health Supply Ph:(614) 659-1736 ** CONFIDENTIALITY NOTICE - The information transmitted in this message is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy all copies of this document. Thank you. Butler Schein Animal Health ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T
Re: Backup exec 2010 r2
+1 on the file level restores for Windows guest VMs. Very nifty. On 18 November 2010 14:51, Kramer, Jack jack.kra...@ur.msu.edu wrote: Some experience with vRanger – a little bit of a pain to set up, amazing when it works; however, SAN or NAS issues cripple it. Also has problems with very large (1TB+) VMs – the ESX server has a tendency to get stuck forever at taking the snapshot of the VM and you'll lose some performance not to mention a failed backup or twelve. File level restore of Windows guests is an amazing feature though. Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 From: Harry Singh hbo...@gmail.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date: Mon, 15 Nov 2010 16:27:58 -0500 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Re: Backup exec 2010 r2 I'm torn between getting the licenses necessary to augment my current BE 2010 setup, VEAM or vRanger for backing up my VM's. curious to see if anyone has any experiences with any of these platforms. On Mon, Nov 15, 2010 at 4:21 PM, Cameron cameron.orl...@gmail.com wrote: I've played with VEEAM fairly recently for my ESXi box. Seemed to work ok and the speed on this version was not bad at all. I remember trying it before and the version then had REALLY bad performance. On Mon, Nov 15, 2010 at 4:16 PM, John Aldrich jaldr...@blueridgecarpet.com wrote: Anyone here able to speak about something called VEEAM? Got a consultant who wants to get it for us to use to manage a couple virtualized servers. They said we'd need the paid-for version of VMWARE. :-( From: Damien Solodow [mailto:damien.solo...@harrison.edu] Sent: Monday, November 15, 2010 2:41 PM To: NT System Admin Issues Subject: Re: Backup exec 2010 r2 Yep. ESX and ESXi 4.1 and it just works. -- Sent using BlackBerry From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] Sent: Monday, November 15, 2010 02:37 PM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Backup exec 2010 r2 Anyone using backup exec 2010 r2 with VMWare agent? Are you backing up esxi versions? If so what are your feelings? Luke L. Brumbaugh Network Engineer Butler Animal Health Supply Ph:(614) 659-1736 ** CONFIDENTIALITY NOTICE - The information transmitted in this message is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy all copies of this document. Thank you. Butler Schein Animal Health ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- On two occasions...I have been
RE: Slightly OT: training space
Our local libraries have meeting rooms and such that are available, yours might too. Again, 5-7 months is probably a stretch but you could always check. From: RS [mailto:rich...@gmail.com] Sent: Thursday, November 18, 2010 8:40 AM To: NT System Admin Issues Subject: Re: Slightly OT: training space Hampton University has a nice training lab on the the top floor of the library. You could check with them about renting it, but a 5-7 month gig is probably not feasible. http://cit.hamptonu.edu/inside_cit/departments/atm/ On the trailer side of things, Usry (based in Richmond) has a great reputation, but I don't know if they go all the way to your neck of the woods. It might be worth giving them a call. www.usryinc.com On Thu, Nov 18, 2010 at 8:47 AM, Tom Miller tmil...@hnncsb.org wrote: Folks, We are moving to a new enterprise system here, and most staff need to be trained on it. This means we need space to accommodate large groups of people, possibly simultaneously. Our current training labs and various seminar rooms won't be large enough. My boss is thinking of renting trailers of some sort. Anyone else have any suggestions? We'd need the space for 5-7 months. I was thinking local schools (some have closed here but still operational otherwise). Connectivity would be desired, although I can bring in routers/switches and build a network if needed. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
You guys ever do this?
Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD...in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn't test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here's my oops: Back in April I contacted Dell and asked hey can this S/N PowerEdge run 2008 R2?. They replied yep, just update the firmware. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V rolethe CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can't...(insert forehead slapping DUH icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn't gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I'm not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Slightly OT: training space
I don't know where you are but I would think at this time many colleges/universities would have space and facilities to do this. I know our local community college (now a state college) and university both have space they rent out and if you want to rent the extra's they will supply hardware depending on your requirements. The community college has always proven to be a bit easier to deal with and been the fastest to get information from (like pricing and what extras they can or will supply). The university has always been a little slower and not as willing to help with some aspects of training they don't control. Jon On Thu, Nov 18, 2010 at 9:39 AM, RS rich...@gmail.com wrote: Hampton University has a nice training lab on the the top floor of the library. You could check with them about renting it, but a 5-7 month gig is probably not feasible. http://cit.hamptonu.edu/inside_cit/departments/atm/ On the trailer side of things, Usry (based in Richmond) has a great reputation, but I don't know if they go all the way to your neck of the woods. It might be worth giving them a call. www.usryinc.com On Thu, Nov 18, 2010 at 8:47 AM, Tom Miller tmil...@hnncsb.org wrote: Folks, We are moving to a new enterprise system here, and most staff need to be trained on it. This means we need space to accommodate large groups of people, possibly simultaneously. Our current training labs and various seminar rooms won't be large enough. My boss is thinking of renting trailers of some sort. Anyone else have any suggestions? We'd need the space for 5-7 months. I was thinking local schools (some have closed here but still operational otherwise). Connectivity would be desired, although I can bring in routers/switches and build a network if needed. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: You guys ever do this?
What CPU is it? You need to have hardware virtualization assistance, and it must be enabled. Plan B: Put Windows 2003 back on the server you flattened, install VirtualBox on that server and run the VHD image you have. http://www.virtualbox.org/wiki/Downloads Then put 2008 R2 on the other box that is more capable. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * On Thu, Nov 18, 2010 at 10:03 AM, David Lum david@nwea.org wrote: Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD…in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn’t test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here’s my oops: Back in April I contacted Dell and asked “hey can this S/N PowerEdge run 2008 R2?”. They replied “yep, just update the firmware”. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V role….the CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can’t...(insert forehead slapping “DUH” icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn’t gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I’m not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: You guys ever do this?
In the BIOS... Shook From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, November 18, 2010 10:13 AM To: NT System Admin Issues Subject: Re: You guys ever do this? What CPU is it? You need to have hardware virtualization assistance, and it must be enabled. Plan B: Put Windows 2003 back on the server you flattened, install VirtualBox on that server and run the VHD image you have. http://www.virtualbox.org/wiki/Downloads Then put 2008 R2 on the other box that is more capable. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Nov 18, 2010 at 10:03 AM, David Lum david@nwea.orgmailto:david@nwea.org wrote: Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD...in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn't test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here's my oops: Back in April I contacted Dell and asked hey can this S/N PowerEdge run 2008 R2?. They replied yep, just update the firmware. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V rolethe CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can't...(insert forehead slapping DUH icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn't gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I'm not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: You guys ever do this?
Microsoft Virtual server will run your VHD. Have you placed a call into Dell to see if you can run the Hyper-V? I know I have had to turn on the VT technology in the BIOS on every machine I have touched from Dell. Why they don't turn it on by default is beyond me but that is just me. I have also run into a case with them saying yes but.. for the Dell PE 1950's (I think) with there being 2 differnet system boards one that did support Hyper-V the other did not. Pain in the rear to get them to tell me if the machine I had would or would not. Once I got that figured out I found they would not sell the system board that would support Hyper-V even though they admitted to having them. Jon On Thu, Nov 18, 2010 at 10:03 AM, David Lum david@nwea.org wrote: Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD…in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn’t test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here’s my oops: Back in April I contacted Dell and asked “hey can this S/N PowerEdge run 2008 R2?”. They replied “yep, just update the firmware”. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V role….the CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can’t...(insert forehead slapping “DUH” icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn’t gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I’m not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: A Very Potter Musical
On Wed, Nov 17, 2010 at 5:31 PM, Steve Ens stevey...@gmail.com wrote: Abra Cadavra...hocus pocus... Abra Ca-pocus. Hocus-Cadabra I heat up, I can't cool down / My situation goes 'round and 'round -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
MAK and MKS?
Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: A Very Potter Musical
Are you spinning round and round sir? -sc -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, November 18, 2010 10:22 AM To: NT System Admin Issues Subject: Re: A Very Potter Musical On Wed, Nov 17, 2010 at 5:31 PM, Steve Ens stevey...@gmail.com wrote: Abra Cadavra...hocus pocus... Abra Ca-pocus. Hocus-Cadabra I heat up, I can't cool down / My situation goes 'round and 'round -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt- software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: You guys ever do this?
It's a PowerEdge 840 with a Pentium D CPU. Some of them came with Xeon's which would have met the requirements. Plan B is use an older server to have 2003 on it, put 2008 R2 on the newer box and migrate functions off the 2003 box as time allows. The 2008 system is now their file/print and the 2003 is DC/DNS/DHCP. Their other system that can run Hyper-V doesn't have the disk subsystem to support 17 users (SATA), what I want a 2nd Hyper-V system for is simply failover, as their existing SBS server is a Hyper-V VM. It doesn't have to be super fast on the failover system, just operable while I would be resolving whatever blew up the original host. Mainly I feel like an idiot for asking about 2008 R2 and not specifically Hyper-V. I am fortunate that the geekage I was attempting is not as important to my client as it is to me. They see it as their server got a currently-supported OS so they're better off now than they had been. Dave From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, November 18, 2010 7:13 AM To: NT System Admin Issues Subject: Re: You guys ever do this? What CPU is it? You need to have hardware virtualization assistance, and it must be enabled. Plan B: Put Windows 2003 back on the server you flattened, install VirtualBox on that server and run the VHD image you have. http://www.virtualbox.org/wiki/Downloads Then put 2008 R2 on the other box that is more capable. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Nov 18, 2010 at 10:03 AM, David Lum david@nwea.orgmailto:david@nwea.org wrote: Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD...in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn't test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here's my oops: Back in April I contacted Dell and asked hey can this S/N PowerEdge run 2008 R2?. They replied yep, just update the firmware. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V rolethe CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can't...(insert forehead slapping DUH icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn't gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I'm not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: MAK and MKS?
KMS is the acronym you are seeking. http://www.microsoft.com/licensing/existing-customers/product-activation.aspx Expand the first section on this page for details. -Jeff Steward On Thu, Nov 18, 2010 at 10:23 AM, Jon Harris jk.har...@gmail.com wrote: Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: MAK and MKS?
KMS. However it isn't really licensing. It is activation. If you go KMS you set up your own internal serverset up your computers/servers with no license code entered other than the KMS server. They automagically contact your internal KMS server to activate. How the license count is kept track of is a mystery to me. Everything I saw about it says that it does not count licensesit does not feed any count info to MS. It just checks that it is genuine. My suggestion is to use a 2008 R2 server for your KMS server. Other options might make it difficult to activate all the various products. Also, if you have MAK keys you can convert them to KMS no problem. From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Thursday, November 18, 2010 10:23 AM To: NT System Admin Issues Subject: MAK and MKS? Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: MAK and MKS?
KMS you mean? *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * On Thu, Nov 18, 2010 at 10:23 AM, Jon Harris jk.har...@gmail.com wrote: Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: You guys ever do this?
Deploy an iSCSI target on the Pendium D machine and run your VM on the other Hyper-V capable box with the disk targeted being the iSCSI you just deployed? Very kludgy but it could work. Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 From: David Lum david@nwea.orgmailto:david@nwea.org Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date: Thu, 18 Nov 2010 10:28:27 -0500 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: You guys ever do this? It’s a PowerEdge 840 with a Pentium D CPU. Some of them came with Xeon’s which would have met the requirements. Plan B is use an older server to have 2003 on it, put 2008 R2 on the newer box and migrate functions off the 2003 box as time allows. The 2008 system is now their file/print and the 2003 is DC/DNS/DHCP. Their other system that can run Hyper-V doesn’t have the disk subsystem to support 17 users (SATA), what I want a 2nd Hyper-V system for is simply failover, as their existing SBS server is a Hyper-V VM. It doesn’t have to be super fast on the failover system, just operable while I would be resolving whatever blew up the original host. Mainly I feel like an idiot for asking about 2008 R2 and not specifically Hyper-V. I am fortunate that the geekage I was attempting is not as important to my client as it is to me. They see it as their server got a currently-supported OS so they’re better off now than they had been. Dave From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, November 18, 2010 7:13 AM To: NT System Admin Issues Subject: Re: You guys ever do this? What CPU is it? You need to have hardware virtualization assistance, and it must be enabled. Plan B: Put Windows 2003 back on the server you flattened, install VirtualBox on that server and run the VHD image you have. http://www.virtualbox.org/wiki/Downloads Then put 2008 R2 on the other box that is more capable. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Nov 18, 2010 at 10:03 AM, David Lum david@nwea.orgmailto:david@nwea.org wrote: Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD…in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn’t test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here’s my oops: Back in April I contacted Dell and asked “hey can this S/N PowerEdge run 2008 R2?”. They replied “yep, just update the firmware”. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V role….the CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can’t...(insert forehead slapping “DUH” icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn’t gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I’m not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: LDAPS Setup question
As it says: the server authentication certificate must be issued to the FQDN of the computer on which your AD LDS instance is running. That's the internal FQDN. If you want to use it externally, you are going to need something that does SSL termination and URL rewriting. Such as ISA or TMG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] Sent: Thursday, November 18, 2010 10:32 AM To: NT System Admin Issues Subject: LDAPS Setup question Hi Chaps, I'm trying to get LDAP over SSL set up on a Windows 2008 AD server. Before I order the SSL cert, I just want to check. The docs at the MS site say; When you request the certificate, specify the fully qualified domain name (FQDN) of the computer on which your AD LDS instance is running as the identifying name for the certificate. In other words, the server authentication certificate must be issued to the FQDN of the computer on which your AD LDS instance is running. Now, we want to use LDAPs both internally and externally. Am I right in thinking we can order a cert with the FQDN of ldap.mydomain.com and as long as that domain resolves to the LDAP/AD server both externally and internally it will be accepted? Or should we get a multiple host SSL cert, as we do with Exchange 2xxx, and register the netbios, internal FQDN (server.mydomain.local) and the external FQDN (ldap.mydomain.com) ? Olly [cid:image002.png@01CB870C.F5C13B70] Network Support Online Backups Server Management [http://www.g2support.com/googleapps.jpg] Tel: 0845 307 3443 Email: oliver.marsh...@g2support.commailto:oliver.marsh...@g2support.com Web: http://www.g2support.comhttp://www.g2support.com/ Twitter: g2supporthttp://twitter.com/home?stat...@g2support Newsletter: http://www.g2support.com/newsletter Mail: 2 Roundhill Road, Brighton, Sussex, BN2 3RF Have you said something nice about us to a friend or colleague ? Let us say thanks. Find out more at www.g2support.com/referralhttp://www.g2support.com/referral G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE BN3 7LE. Our registered company number is OC316341. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.jpginline: image002.png
RE: Slightly OT: training space
Your best bet might be a community center. Many larger libraries have meeting/conference rooms. 5-7 months might be a stretch though. Jim M From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, November 18, 2010 7:48 AM To: NT System Admin Issues Subject: Slightly OT: training space Folks, We are moving to a new enterprise system here, and most staff need to be trained on it. This means we need space to accommodate large groups of people, possibly simultaneously. Our current training labs and various seminar rooms won't be large enough. My boss is thinking of renting trailers of some sort. Anyone else have any suggestions? We'd need the space for 5-7 months. I was thinking local schools (some have closed here but still operational otherwise). Connectivity would be desired, although I can bring in routers/switches and build a network if needed. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: MAK and MKS?
Thanks guys I knew I had it wrong. Yes KMS and I am proposing 2008 R2. We do the MAK now I am working on a proposal to use WDS as a stage one and switch to KMS licensing as a stage two. I think with the two of them in place life for the Application and Help Desk staffs would be much easier to deal with. Jon On Thu, Nov 18, 2010 at 10:31 AM, Andrew S. Baker asbz...@gmail.com wrote: KMS you mean? *ASB *(My XeeSM Profile) http://xeesm.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * On Thu, Nov 18, 2010 at 10:23 AM, Jon Harris jk.har...@gmail.com wrote: Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Um, WTF?
http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: MAK and MKS?
KMS made my head explode setting it up. My problem was I made it far more complicated in my head that it really is. It was worth it, much easier to manage everythingtech's don't have to think about keys..so far no issues after about 2 months on it. We activate Office 2010, 2008 R2 and Win 7 with it. From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Thursday, November 18, 2010 10:44 AM To: NT System Admin Issues Subject: Re: MAK and MKS? Thanks guys I knew I had it wrong. Yes KMS and I am proposing 2008 R2. We do the MAK now I am working on a proposal to use WDS as a stage one and switch to KMS licensing as a stage two. I think with the two of them in place life for the Application and Help Desk staffs would be much easier to deal with. Jon On Thu, Nov 18, 2010 at 10:31 AM, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: KMS you mean? ASB (My XeeSM Profile)http://xeesm.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Nov 18, 2010 at 10:23 AM, Jon Harris jk.har...@gmail.commailto:jk.har...@gmail.com wrote: Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
Thanks for posting that link. First I've hear of it. SHUZMMM! On Thu, Nov 18, 2010 at 9:46 AM, David Lum david@nwea.org wrote: http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: MAK and MKS?
Do you use it in a multi-domain environment? Jon On Thu, Nov 18, 2010 at 10:46 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: KMS made my head explode setting it up. My problem was I made it far more complicated in my head that it really is. It was worth it, much easier to manage everything….tech’s don’t have to think about keys……so far no issues after about 2 months on it. We activate Office 2010, 2008 R2 and Win 7 with it. *From:* Jon Harris [mailto:jk.har...@gmail.com] *Sent:* Thursday, November 18, 2010 10:44 AM *To:* NT System Admin Issues *Subject:* Re: MAK and MKS? Thanks guys I knew I had it wrong. Yes KMS and I am proposing 2008 R2. We do the MAK now I am working on a proposal to use WDS as a stage one and switch to KMS licensing as a stage two. I think with the two of them in place life for the Application and Help Desk staffs would be much easier to deal with. Jon On Thu, Nov 18, 2010 at 10:31 AM, Andrew S. Baker asbz...@gmail.com wrote: KMS you mean? *ASB *(My XeeSM Profile) http://xeesm.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * On Thu, Nov 18, 2010 at 10:23 AM, Jon Harris jk.har...@gmail.com wrote: Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Dude that is old news, its been happening off and on for years by some of the major ISP's across the globe. Why you want to encrypt your sensitive traffic accordingly... (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:47 AM To: NT System Admin Issues Subject: Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirecte d-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 11:17 AM To: NT System Admin Issues Subject: RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP's across the globe. Why you want to encrypt your sensitive traffic accordingly... (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:47 AM To: NT System Admin Issues Subject: Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Ok so I'm behind the curve. BGP? From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, November 18, 2010 8:20 AM To: NT System Admin Issues Subject: RE: Um, WTF? Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 11:17 AM To: NT System Admin Issues Subject: RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP's across the globe. Why you want to encrypt your sensitive traffic accordingly... (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:47 AM To: NT System Admin Issues Subject: Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: MAK and MKS?
Nope, single domain. But it looks like you can just set a reg key to publish it's DNS record to multiple domains. http://technet.microsoft.com/en-us/library/ff793409.aspx Scroll down to Publishing to Multiple DNS Domains From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Thursday, November 18, 2010 11:16 AM To: NT System Admin Issues Subject: Re: MAK and MKS? Do you use it in a multi-domain environment? Jon On Thu, Nov 18, 2010 at 10:46 AM, Kennedy, Jim kennedy...@elyriaschools.orgmailto:kennedy...@elyriaschools.org wrote: KMS made my head explode setting it up. My problem was I made it far more complicated in my head that it really is. It was worth it, much easier to manage everythingtech's don't have to think about keys..so far no issues after about 2 months on it. We activate Office 2010, 2008 R2 and Win 7 with it. From: Jon Harris [mailto:jk.har...@gmail.commailto:jk.har...@gmail.com] Sent: Thursday, November 18, 2010 10:44 AM To: NT System Admin Issues Subject: Re: MAK and MKS? Thanks guys I knew I had it wrong. Yes KMS and I am proposing 2008 R2. We do the MAK now I am working on a proposal to use WDS as a stage one and switch to KMS licensing as a stage two. I think with the two of them in place life for the Application and Help Desk staffs would be much easier to deal with. Jon On Thu, Nov 18, 2010 at 10:31 AM, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: KMS you mean? ASB (My XeeSM Profile)http://xeesm.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Nov 18, 2010 at 10:23 AM, Jon Harris jk.har...@gmail.commailto:jk.har...@gmail.com wrote: Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
http://en.wikipedia.org/wiki/Border_Gateway_Protocol On 18 November 2010 16:21, David Lum david@nwea.org wrote: Ok so I’m behind the curve. BGP? *From:* Michael B. Smith [mailto:mich...@smithcons.com] *Sent:* Thursday, November 18, 2010 8:20 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 11:17 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP’s across the globe. Why you want to encrypt your sensitive traffic accordingly… (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 10:47 AM *To:* NT System Admin Issues *Subject:* Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
http://en.wikipedia.org/wiki/Border_Gateway_Protocol Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, November 18, 2010 8:20 AM To: NT System Admin Issues Subject: RE: Um, WTF? Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 11:17 AM To: NT System Admin Issues Subject: RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP's across the globe. Why you want to encrypt your sensitive traffic accordingly... (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:47 AM To: NT System Admin Issues Subject: Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, November 18, 2010 8:20 AM To: NT System Admin Issues Subject: RE: Um, WTF? Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 11:17 AM To: NT System Admin Issues Subject: RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP's across the globe. Why you want to encrypt your sensitive traffic accordingly... (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:47 AM To: NT System Admin Issues Subject: Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirecte d-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, November 18, 2010 8:20 AM To: NT System Admin Issues Subject: RE: Um, WTF? Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 11:17 AM To: NT System Admin Issues Subject: RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP's across the globe. Why you want to encrypt your sensitive traffic accordingly... (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:47 AM To: NT System Admin Issues Subject: Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: MAK and MKS?
Again thanks a lot guys! I have enough of the proposal done now to allow me some rest. Jon On Thu, Nov 18, 2010 at 11:22 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Nope, single domain. But it looks like you can just set a reg key to publish it’s DNS record to multiple domains. http://technet.microsoft.com/en-us/library/ff793409.aspx Scroll down to “Publishing to Multiple DNS Domains” *From:* Jon Harris [mailto:jk.har...@gmail.com] *Sent:* Thursday, November 18, 2010 11:16 AM *To:* NT System Admin Issues *Subject:* Re: MAK and MKS? Do you use it in a multi-domain environment? Jon On Thu, Nov 18, 2010 at 10:46 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: KMS made my head explode setting it up. My problem was I made it far more complicated in my head that it really is. It was worth it, much easier to manage everything….tech’s don’t have to think about keys……so far no issues after about 2 months on it. We activate Office 2010, 2008 R2 and Win 7 with it. *From:* Jon Harris [mailto:jk.har...@gmail.com] *Sent:* Thursday, November 18, 2010 10:44 AM *To:* NT System Admin Issues *Subject:* Re: MAK and MKS? Thanks guys I knew I had it wrong. Yes KMS and I am proposing 2008 R2. We do the MAK now I am working on a proposal to use WDS as a stage one and switch to KMS licensing as a stage two. I think with the two of them in place life for the Application and Help Desk staffs would be much easier to deal with. Jon On Thu, Nov 18, 2010 at 10:31 AM, Andrew S. Baker asbz...@gmail.com wrote: KMS you mean? *ASB *(My XeeSM Profile) http://xeesm.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * On Thu, Nov 18, 2010 at 10:23 AM, Jon Harris jk.har...@gmail.com wrote: Okay a lot caffeine and sleep deprived here. I know MAK is the sort of single use license. Is it MKS that uses the new licensing model and what is the name of the technology, please? I know after some sleep I will remember but hey I am sorry I want to get this proposal I am working on completed before I get to sleep. Thanks a bunch guys, Jon ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
Are we all not noobs most of the time with something? Jon On Thu, Nov 18, 2010 at 11:33 AM, David Lum david@nwea.org wrote: Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? *From:* Michael B. Smith [mailto:mich...@smithcons.com] *Sent:* Thursday, November 18, 2010 8:20 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 11:17 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP’s across the globe. Why you want to encrypt your sensitive traffic accordingly… (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 10:47 AM *To:* NT System Admin Issues *Subject:* Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, November 18, 2010 8:20 AM To: NT System Admin Issues Subject: RE: Um, WTF? Yep. BGP is not secure. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 11:17 AM To: NT System Admin Issues Subject: RE: Um, WTF? Dude that is old news, its been happening off and on for years by some of the major ISP's across the globe. Why you want to encrypt your sensitive traffic accordingly... (SSL, better yet, IPSEC (ESP)) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:47 AM To: NT System Admin Issues Subject: Um, WTF? http://blogs.mcafee.com/mcafee-labs/u-s-based-internet-traffic-redirected-to-china David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Backup Solutions
Sorry I'm late to this discussion. If you are not apposed to a linux backup server, I like BackupPC. File based backup with deduplication, Web interface, can backup client machines directly as well as the servers. Works with SMB, Rsync or SSH tunneled tar. Zero cost, and easy to install on Ubuntu. (just use the package manger and search for BackupPC.) BackupAssist appears to be the most cost effective windows-only solution. --Matt Ross Ephrata School District - Original Message - From: Mark Robinson [mailto:mark.robin...@cips.org] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Wed, 17 Nov 2010 01:20:32 -0800 Subject: Backup Solutions Hi, Can anyone recommend a good value (i.e reasonably cheap), file-level backup solution for a small business? I just received a quote for Symantec Backup Exec 2010 and it is way out of our price range. Thanks, Mark IMPORTANT INFORMATION Internet communications are not secure and therefore CIPS does not accept legal responsibility for the contents of any e-mail message sent via this medium. The content of any e-mail communication is the view of the individual and CIPS does not accept legal liability for the contents. Although this message and any attachments are believed to be free of virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by CIPS for any loss or damage in any way arising from its use. CIPS runs the following software packages: MS Office Suite 2003, MS Visio 2003, MS Project 2002. Please ensure that any files you send are compatible. The Chartered Institute of Purchasing Supply (CIPS) is an organisation incorporated under Royal Charter and is based at Easton House, Easton on the Hill, Stamford, Lincs PE9 3NZ, tel: +44 (0)1780 756777, and is a registered Charity number 1017938. CIPS Services Limited is a wholly owned subsidiary company of CIPS, registered in England under number 2610367 and is registered at the address shown above. Both organisations operate under a group VAT registration number: 3426 489 42. -- Scanned by iCritical. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Backup Solutions
If you don't need to backup all the clients, then WHS might be an option. Cluster level de-dupe. Image based restore (or file/folder if you want). Web based interface for accessing files outside the office (as well as a RDP proxy to the clients/servers). $600 or so if you want to buy it in a box (e.g. the HP MediaSmart). Only problem: limited to 10 clients (your servers can be clients) Cheers Ken From: Mark Robinson [mailto:mark.robin...@cips.org] Sent: Wednesday, 17 November 2010 7:11 PM To: NT System Admin Issues Subject: RE: Backup Solutions 3 servers, 10 clients...a monthly retention cycle is all that is required... Thanks From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: 17 November 2010 11:08 To: NT System Admin Issues Subject: RE: Backup Solutions How small is small? What are the data retention requirements? Windows Home Server is pretty cheap if the business is very small. Cheers Ken From: Mark Robinson [mailto:mark.robin...@cips.org] Sent: Wednesday, 17 November 2010 5:21 PM To: NT System Admin Issues Subject: Backup Solutions Hi, Can anyone recommend a good value (i.e reasonably cheap), file-level backup solution for a small business? I just received a quote for Symantec Backup Exec 2010 and it is way out of our price range. Thanks, Mark ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin IMPORTANT INFORMATION Internet communications are not secure and therefore CIPS does not accept legal responsibility for the contents of any e-mail message sent via this medium. The content of any e-mail communication is the view of the individual and CIPS does not accept legal liability for the contents. Although this message and any attachments are believed to be free of virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by CIPS for any loss or damage in any way arising from its use. CIPS runs the following software packages: MS Office Suite 2003, MS Visio 2003, MS Project 2002. Please ensure that any files you send are compatible. The Chartered Institute of Purchasing Supply (CIPS) is an organisation incorporated under Royal Charter and is based at Easton House, Easton on the Hill, Stamford, Lincs PE9 3NZ, tel: +44 (0)1780 756777, and is a registered Charity number 1017938. CIPS Services Limited is a wholly owned subsidiary company of CIPS, registered in England under number 2610367 and is registered at the address shown above. Both organisations operate under a group VAT registration number: 3426 489 42. -- Scanned by iCritical. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: LDAPS Setup question
You sure about this? It seems to me that you just need a generic server authentication OID. IN that case, the CN property in the cert just needs to match whatever FQDN is used to connect to the AD LDS instance. If that happens to be the same internally and externally, then there is no problem. Same as other types of server authN certs (e.g. web servers) Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, 18 November 2010 11:40 PM To: NT System Admin Issues Subject: RE: LDAPS Setup question As it says: the server authentication certificate must be issued to the FQDN of the computer on which your AD LDS instance is running. That's the internal FQDN. If you want to use it externally, you are going to need something that does SSL termination and URL rewriting. Such as ISA or TMG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] Sent: Thursday, November 18, 2010 10:32 AM To: NT System Admin Issues Subject: LDAPS Setup question Hi Chaps, I'm trying to get LDAP over SSL set up on a Windows 2008 AD server. Before I order the SSL cert, I just want to check. The docs at the MS site say; When you request the certificate, specify the fully qualified domain name (FQDN) of the computer on which your AD LDS instance is running as the identifying name for the certificate. In other words, the server authentication certificate must be issued to the FQDN of the computer on which your AD LDS instance is running. Now, we want to use LDAPs both internally and externally. Am I right in thinking we can order a cert with the FQDN of ldap.mydomain.com and as long as that domain resolves to the LDAP/AD server both externally and internally it will be accepted? Or should we get a multiple host SSL cert, as we do with Exchange 2xxx, and register the netbios, internal FQDN (server.mydomain.local) and the external FQDN (ldap.mydomain.com) ? Olly [cid:image002.png@01CB8780.4AF38CB0] Network Support Online Backups Server Management [http://www.g2support.com/googleapps.jpg] Tel: 0845 307 3443 Email: oliver.marsh...@g2support.commailto:oliver.marsh...@g2support.com Web: http://www.g2support.comhttp://www.g2support.com/ Twitter: g2supporthttp://twitter.com/home?stat...@g2support Newsletter: http://www.g2support.com/newsletter Mail: 2 Roundhill Road, Brighton, Sussex, BN2 3RF Have you said something nice about us to a friend or colleague ? Let us say thanks. Find out more at www.g2support.com/referralhttp://www.g2support.com/referral G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE BN3 7LE. Our registered company number is OC316341. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.jpginline: image002.png
RE: Um, WTF?
I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP - common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LDAPS Setup question
What external source are you trying to connect with? We run LDAPs externally for SAAS applications and we just send the vendor the public keys so they can make the connection. On Thu, Nov 18, 2010 at 8:10 AM, Oliver Marshall oliver.marsh...@g2support.com wrote: Thanks Michael, Does that mean that, without something like TMG, we can't actually get LDAPs working so that external boxes can authenticate against LDAP? I haven't seen that anywhere. Damn! -- G2 Support Network Support : Online Backups : Server Management Web: www.g2support.com Twitter: g2support http://twitter.com/home?stat...@g2support Newsletter: www.g2support.com/newsletter *From:* Michael B. Smith [mailto:mich...@smithcons.com] *Sent:* 18 November 2010 15:40 *To:* NT System Admin Issues *Subject:* RE: LDAPS Setup question As it says: the server authentication certificate must be issued to the FQDN of the computer on which your AD LDS instance is running. That’s the internal FQDN. If you want to use it externally, you are going to need something that does SSL termination and URL rewriting. Such as ISA or TMG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Oliver Marshall [mailto:oliver.marsh...@g2support.com] *Sent:* Thursday, November 18, 2010 10:32 AM *To:* NT System Admin Issues *Subject:* LDAPS Setup question Hi Chaps, I'm trying to get LDAP over SSL set up on a Windows 2008 AD server. Before I order the SSL cert, I just want to check. The docs at the MS site say; When you request the certificate, specify the fully qualified domain name (FQDN) of the computer on which your AD LDS instance is running as the identifying name for the certificate. In other words, the server authentication certificate must be issued to the FQDN of the computer on which your AD LDS instance is running. Now, we want to use LDAPs both internally and externally. Am I right in thinking we can order a cert with the FQDN of ldap.mydomain.com and as long as that domain resolves to the LDAP/AD server both externally and internally it will be accepted? Or should we get a multiple host SSL cert, as we do with Exchange 2xxx, and register the netbios, internal FQDN (server.mydomain.local) and the external FQDN (ldap.mydomain.com) ? Olly Network Support Online Backups Server Management Tel: 0845 307 3443 Email: oliver.marsh...@g2support.com Web: http://www.g2support.com Twitter: g2support http://twitter.com/home?stat...@g2support Newsletter: http://www.g2support.com/newsletter Mail: 2 Roundhill Road, Brighton, Sussex, BN2 3RF Have you said something nice about us to a friend or colleague ? Let us say thanks. Find out more at www.g2support.com/referral G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE BN3 7LE. Our registered company number is OC316341. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadminimage001.jpgimage002.png
Re: Um, WTF?
The most recent Network+ covers BGP and the other routing protocols, although not in great detail . . . From: Michael B. Smith Sent: Thursday, November 18, 2010 10:04 AM To: NT System Admin Issues Subject: RE: Um, WTF? I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
Yeah, I don't recall any basic course covering BGP unless it was at a very high level. (i.e. BGP = Border Gateway Protocol, the cat's meow to dynamic routing). Of course, I don't remember the last time I studied all things networking... On Thu, Nov 18, 2010 at 9:04 AM, Michael B. Smith mich...@smithcons.comwrote: I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
I wouldn't think so. BGP is almost a course in itself. I know plenty about BGP, but there's plenty I don't know about BGP as well... On Thu, Nov 18, 2010 at 9:07 AM, James Winzenz james.winz...@hotmail.comwrote: The most recent Network+ covers BGP and the other routing protocols, although not in great detail . . . *From:* Michael B. Smith mich...@smithcons.com *Sent:* Thursday, November 18, 2010 10:04 AM *To:* NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com *Subject:* RE: Um, WTF? I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Sounds right. I had some Cisco classes over 10 years ago and I remember RIP and IGRP. I should take another router class to freshen up. One thing about IT, never a shortage of technology to learn! (says the guy who just built a TS gateway/web access server, TS broker, and 4 TS servers...). Dave From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, November 18, 2010 9:04 AM To: NT System Admin Issues Subject: RE: Um, WTF? I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP - common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
I hope you dont live in Colorado
Using stolen SSN isn't criminal impersonation, court says Colorado justices play legal Twister to overturn conviction http://www.networkworld.com/community/blog/using-stolen-ssn-isnt-crimina l-impersonation-?source=NWWNLE_nlt_security_2010-11-18 Honestly, I think the judges in this one got it all wrong. SO you steal another person PII (SSN number) and then Fraudulently use that piece of information to obtain a loan under false pretenses, and it isnt criminal? Or Impersonation? What was they smoking? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
OT I hope you dont live in Colorado
Ummm, how did that whole deal pass the credit check at the dealer? It says he used his real name and someone elses SSN Didn't anyone notice the dudes name and the name on the credit report for the social security number were different? From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 12:25 PM To: NT System Admin Issues Subject: I hope you dont live in Colorado Using stolen SSN isn't criminal impersonation, court says Colorado justices play legal Twister to overturn conviction http://www.networkworld.com/community/blog/using-stolen-ssn-isnt-criminal-impersonation-?source=NWWNLE_nlt_security_2010-11-18 Honestly, I think the judges in this one got it all wrong. SO you steal another person PII (SSN number) and then Fraudulently use that piece of information to obtain a loan under false pretenses, and it isnt criminal? Or Impersonation? What was they smoking? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: You guys ever do this?
Why do you need to buy $700 worth of ANOTHER 2008 Server OS ? If the only purpose of that is to run a Hyper-V host on standby hardware, just install the free Hyper-V server. Carl From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 10:04 AM To: NT System Admin Issues Subject: You guys ever do this? Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD.in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn't test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here's my oops: Back in April I contacted Dell and asked hey can this S/N PowerEdge run 2008 R2?. They replied yep, just update the firmware. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V role..the CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can't...(insert forehead slapping DUH icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn't gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I'm not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
KMS host question
Anyone know how to scroll through the output from this command slmgr -dli all It appears in a window with no scroll controls and is way longer than the screen. Slmgr -dli all test.txt doesn't work either. We're trying to see if the office 2010 key we entered is being accessed on the kms host. Thanks. Glen. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP -- common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com *From:* Ken Schaefer [mailto:k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company -- it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com mailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com mailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: A Very Potter Musical
Like a record, baby. On Thu, Nov 18, 2010 at 10:25 AM, Steven M. Caesare scaes...@caesare.com wrote: Are you spinning round and round sir? -sc -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, November 18, 2010 10:22 AM To: NT System Admin Issues Subject: Re: A Very Potter Musical On Wed, Nov 17, 2010 at 5:31 PM, Steve Ens stevey...@gmail.com wrote: Abra Cadavra...hocus pocus... Abra Ca-pocus. Hocus-Cadabra I heat up, I can't cool down / My situation goes 'round and 'round -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt- software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
On Thu, Nov 18, 2010 at 11:33 AM, David Lum david@nwea.org wrote: Why is it the more I learn the more ignorant I feel? The more I learn, the more I realize, the less I know. (Unknown) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
Hey don't feel bad, yesterday I just ordered the following books to come up to speed. HIPAA Security/Privacy Law Practical Guide Hacking Exposed Malware Hacking Exposed Computer Forensics Hacking Exposed Web Applications 3 SQL 2008 R2 unleashed SQL 2008 Administration On the docket, ISACA Exam and books for either CISA and/or CRISC and possibly the information for the C.E.H. And I still feel stupid some days on the stuff I have long forgotten... Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Bill Humphries [mailto:nt...@hedgedigger.com] Sent: Thursday, November 18, 2010 1:29 PM To: NT System Admin Issues Subject: Re: Um, WTF? yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP - common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.comwrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.commich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Don Ely [mailto:don@gmail.com] Sent: Thursday, November 18, 2010 1:41 PM To: NT System Admin Issues Subject: Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.commailto:nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP - common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
Not always. I did some work a few years back for a company with multiple T1's, multiple providers and they were only a 1 site, 100 user company. Their business model dictated that they needed multiple paths... On a 15 site dual MPLS WAN, I run BGP as well. It just depends on the needs. On Thu, Nov 18, 2010 at 10:42 AM, Michael B. Smith mich...@smithcons.comwrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 1:41 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.commich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
RE: Um, WTF?
BGP is also very helpful in companies with mixed vender gear. For instance we use it here as it makes the Junipers and Cisco and Palo Alto devices all play together nicely. From: Don Ely [mailto:don@gmail.com] Sent: Thursday, November 18, 2010 10:49 AM To: NT System Admin Issues Subject: Re: Um, WTF? Not always. I did some work a few years back for a company with multiple T1's, multiple providers and they were only a 1 site, 100 user company. Their business model dictated that they needed multiple paths... On a 15 site dual MPLS WAN, I run BGP as well. It just depends on the needs. On Thu, Nov 18, 2010 at 10:42 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Don Ely [mailto:don@gmail.commailto:don@gmail.com] Sent: Thursday, November 18, 2010 1:41 PM To: NT System Admin Issues Subject: Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.commailto:nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP - common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
Re: You guys ever do this?
Plan C: Put ESXi on the box, and run both of the VMs on it. I'm sitting in a VMWare 4.1 class this week, and I'm liking what I see, a lot... Kurt On Thu, Nov 18, 2010 at 07:13, Andrew S. Baker asbz...@gmail.com wrote: What CPU is it? You need to have hardware virtualization assistance, and it must be enabled. Plan B: Put Windows 2003 back on the server you flattened, install VirtualBox on that server and run the VHD image you have. http://www.virtualbox.org/wiki/Downloads Then put 2008 R2 on the other box that is more capable. ASB (My XeeSM Profile) Exploiting Technology for Business Advantage... On Thu, Nov 18, 2010 at 10:03 AM, David Lum david@nwea.org wrote: Back story: As I have discussed here earlier, I have a client that I was going to effectively P2V a server onto itself, and one tool I was pointed at was DISK2VHD…in tests I managed to get everything to look good, the DISK2VHD system worked fine on a different Hyper-V host, but what I couldn’t test was Hyper-V on the system itself before blowing away the existing 2K3 OS. Here’s my oops: Back in April I contacted Dell and asked “hey can this S/N PowerEdge run 2008 R2?”. They replied “yep, just update the firmware”. Last Friday I flatten the machine, install 2008 R2 with no issues, but when I got to add the Hyper-V role….the CPU does not support it, DAMN ME! What I did was ASSumed that being able to run 2008 R2 also meant it could run Hyper-V, but it can’t...(insert forehead slapping “DUH” icon here). In my head I had asked them about Hyper-V but looking back at my e-mails I only asked about R2 and not Hyper-V. Anyone here do something like that, and how did you remedy it? I had been prepared for almost anything - including this - so the client is operating fine but I didn’t gain the 2nd Hyper-V host server I was hoping for. They DO have another server that is Hyper-V capable but I’m not about to ask them to fork out $700 more for ANOTHER 2008 Server OS, so I am seeing if I can find it cheap (and legally) somewhere and out-of-pocket it. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: OT I hope you dont live in Colorado
I can't tell you how it didn't throw some kind of red flag, but a similar thing happened to me. When I was buying my first home many years ago, the credit check revealed that someone had used my SSN to get a loan on which they defaulted. As in this case, they didn't use my name or address. I never knew about it at all until the credit check. Fortunately, it didn't cause me any problems. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Thursday, November 18, 2010 12:41 PM To: NT System Admin Issues Subject: OT I hope you dont live in Colorado Ummm, how did that whole deal pass the credit check at the dealer? It says he used his real name and someone elses SSN Didn't anyone notice the dudes name and the name on the credit report for the social security number were different? From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 12:25 PM To: NT System Admin Issues Subject: I hope you dont live in Colorado Using stolen SSN isn't criminal impersonation, court says Colorado justices play legal Twister to overturn conviction http://www.networkworld.com/community/blog/using-stolen-ssn-isnt-crimina l-impersonation-?source=NWWNLE_nlt_security_2010-11-18 Honestly, I think the judges in this one got it all wrong. SO you steal another person PII (SSN number) and then Fraudulently use that piece of information to obtain a loan under false pretenses, and it isnt criminal? Or Impersonation? What was they smoking? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT I hope you dont live in Colorado
You are very lucky. On Thu, Nov 18, 2010 at 2:23 PM, Mayo, Bill bem...@pittcountync.gov wrote: I can't tell you how it didn't throw some kind of red flag, but a similar thing happened to me. When I was buying my first home many years ago, the credit check revealed that someone had used my SSN to get a loan on which they defaulted. As in this case, they didn't use my name or address. I never knew about it at all until the credit check. Fortunately, it didn't cause me any problems. -- *From:* Kennedy, Jim [mailto:kennedy...@elyriaschools.org] *Sent:* Thursday, November 18, 2010 12:41 PM *To:* NT System Admin Issues *Subject:* OT I hope you dont live in Colorado Ummm, how did that whole deal pass the credit check at the dealer? It says he used his real name and someone elses SSN Didn’t anyone notice the dudes name and the name on the credit report for the social security number were different? *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 12:25 PM *To:* NT System Admin Issues *Subject:* I hope you dont live in Colorado Using stolen SSN isn't criminal impersonation, court says Colorado justices play legal Twister to overturn conviction http://www.networkworld.com/community/blog/using-stolen-ssn-isnt-criminal-impersonation-?source=NWWNLE_nlt_security_2010-11-18 Honestly, I think the judges in this one got it all wrong. SO you steal another person PII (SSN number) and then Fraudulently use that piece of information to obtain a loan under false pretenses, and it isnt criminal? Or Impersonation? What was they smoking? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Um, WTF?
I have been there done that also, for a company of 100 or so employees. We hosted parts of a major vendors website (it's amazing how often that happens BTW) and had to have very reliable and redundant communications and server systems. Tim From: Don Ely [mailto:don@gmail.com] Sent: Thursday, November 18, 2010 12:49 PM To: NT System Admin Issues Subject: Re: Um, WTF? Not always. I did some work a few years back for a company with multiple T1's, multiple providers and they were only a 1 site, 100 user company. Their business model dictated that they needed multiple paths... On a 15 site dual MPLS WAN, I run BGP as well. It just depends on the needs. On Thu, Nov 18, 2010 at 10:42 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Don Ely [mailto:don@gmail.commailto:don@gmail.com] Sent: Thursday, November 18, 2010 1:41 PM To: NT System Admin Issues Subject: Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.commailto:nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP - common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that
RE: Um, WTF?
I see they don't have any commas in Oklahoma. Shook From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Thursday, November 18, 2010 2:38 PM To: NT System Admin Issues Subject: RE: Um, WTF? I have been there done that also, for a company of 100 or so employees. We hosted parts of a major vendors website (it's amazing how often that happens BTW) and had to have very reliable and redundant communications and server systems. Tim From: Don Ely [mailto:don@gmail.com] Sent: Thursday, November 18, 2010 12:49 PM To: NT System Admin Issues Subject: Re: Um, WTF? Not always. I did some work a few years back for a company with multiple T1's, multiple providers and they were only a 1 site, 100 user company. Their business model dictated that they needed multiple paths... On a 15 site dual MPLS WAN, I run BGP as well. It just depends on the needs. On Thu, Nov 18, 2010 at 10:42 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Don Ely [mailto:don@gmail.commailto:don@gmail.com] Sent: Thursday, November 18, 2010 1:41 PM To: NT System Admin Issues Subject: Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.commailto:nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I've never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP - common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, November 18, 2010 11:53 AM To: NT System Admin Issues Subject: RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, 19 November 2010 12:39 AM To: NT System Admin Issues Subject: RE: Um, WTF? If you've never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company - it's unlikely that you would've run into BGP or ASNs. We all have our areas of expertise. Don't ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:33 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ah. I have heard that term I just didn't connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I'm back to eh, I'm just a n00b... From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 8:28 AM To: NT System Admin Issues Subject: RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Thursday, November 18, 2010 11:21 AM To: NT System Admin Issues Subject: RE: Um, WTF? Ok so I'm behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
Error seizing schema master FSMO role in Win2003 AD
So I am setting up a testing version of my domain, to practice upgrading from Win2003 AD to Win2008 AD, by making a copy of my domain on my ESX cluster. We have a parent and child domain structure. I have 1 DC in each domain as a VM (each is a DNS server, but do *not* hold any FSMO roles). So I made a copy of each, and then started the copy on a separate virtual subnet on my ESX server (separate because it is not tied to any physical adapters, so the only things it can talk to are the other systems on this subnet). I changed the IP address to the new subnet, and then went to seize FSMO roles, so I could make a working copy of my domain, to play with. (I've done this before, successfully, using VMs) So I was able to seize 4 roles - domain naming master. infrastructure master, PDC, RID master - in that order. All was well. Then I tried to seize the schema master role, and got: fsmo maintenance: seize schema master Attempting safe transfer of schema FSMO before seizure. ldap_modify_sW error 0x32(50 (Insufficient Rights). Ldap extended error message is 2098: SecErr: DSID-03151D7D, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 Win32 error returned is 0x2098(Insufficient access rights to perform the operation.) ) Depending on the error code this may indicate a connection, ldap, or role transfer error. Transfer of schema FSMO failed, proceeding with seizure ... ldap_modify of SD failed with 0x32(50 (Insufficient Rights). Ldap extended error message is 0005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 Win32 error returned is 0x5(Access is denied.) And I don't know why, as I am using the domain administrator account, which *is* a member of Domain Admins, Enterprise Admins, and Schema Admins (I double-checked). And this DC is also a GC. So I don't know why I am getting insufficient access rights. Those 2 things (group membership, GC) seem to be the common culprit, according to searches). Where to look next? Did I seize them in the wrong order or something? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Um, WTF?
It helps get the sentence out Sooner. On Thu, Nov 18, 2010 at 2:39 PM, Andy Shook andy.sh...@peak10.com wrote: I see they don’t have any commas in Oklahoma. Shook *From:* Tim Vander Kooi [mailto:tvanderk...@expl.com] *Sent:* Thursday, November 18, 2010 2:38 PM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? I have been there done that also, for a company of 100 or so employees. We hosted parts of a major vendors website (it’s amazing how often that happens BTW) and had to have very reliable and redundant communications and server systems. Tim *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 12:49 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? Not always. I did some work a few years back for a company with multiple T1's, multiple providers and they were only a 1 site, 100 user company. Their business model dictated that they needed multiple paths... On a 15 site dual MPLS WAN, I run BGP as well. It just depends on the needs. On Thu, Nov 18, 2010 at 10:42 AM, Michael B. Smith mich...@smithcons.com wrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 1:41 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.commich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe
Re: Um, WTF?
They were voted out in the recent elections... On Thu, Nov 18, 2010 at 11:39 AM, Andy Shook andy.sh...@peak10.com wrote: I see they don’t have any commas in Oklahoma. Shook *From:* Tim Vander Kooi [mailto:tvanderk...@expl.com] *Sent:* Thursday, November 18, 2010 2:38 PM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? I have been there done that also, for a company of 100 or so employees. We hosted parts of a major vendors website (it’s amazing how often that happens BTW) and had to have very reliable and redundant communications and server systems. Tim *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 12:49 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? Not always. I did some work a few years back for a company with multiple T1's, multiple providers and they were only a 1 site, 100 user company. Their business model dictated that they needed multiple paths... On a 15 site dual MPLS WAN, I run BGP as well. It just depends on the needs. On Thu, Nov 18, 2010 at 10:42 AM, Michael B. Smith mich...@smithcons.com wrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 1:41 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.commich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body:
Re: Um, WTF?
OU did not just do that! On Thu, Nov 18, 2010 at 2:43 PM, Jonathan Link jonathan.l...@gmail.comwrote: It helps get the sentence out Sooner. On Thu, Nov 18, 2010 at 2:39 PM, Andy Shook andy.sh...@peak10.com wrote: I see they don’t have any commas in Oklahoma. Shook *From:* Tim Vander Kooi [mailto:tvanderk...@expl.com] *Sent:* Thursday, November 18, 2010 2:38 PM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? I have been there done that also, for a company of 100 or so employees. We hosted parts of a major vendors website (it’s amazing how often that happens BTW) and had to have very reliable and redundant communications and server systems. Tim *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 12:49 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? Not always. I did some work a few years back for a company with multiple T1's, multiple providers and they were only a 1 site, 100 user company. Their business model dictated that they needed multiple paths... On a 15 site dual MPLS WAN, I run BGP as well. It just depends on the needs. On Thu, Nov 18, 2010 at 10:42 AM, Michael B. Smith mich...@smithcons.com wrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 1:41 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.commich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
Re: Um, WTF?
Size isn't the main factor here. It's usually a need for redundancy across multiple sites or circuits. I worked in a location with 100 users (but ~175 servers) and we used BGP to manage our site redundancy between two office locations. *ASB *(My XeeSM Profile) http://XeeSM.com/AndrewBaker *Exploiting Technology for Business Advantage...* * * On Thu, Nov 18, 2010 at 1:42 PM, Michael B. Smith mich...@smithcons.comwrote: But big boys, right? Not your average SMORG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com *From:* Don Ely [mailto:don@gmail.com] *Sent:* Thursday, November 18, 2010 1:41 PM *To:* NT System Admin Issues *Subject:* Re: Um, WTF? To be fair, BGP is not just for ISP's... I've run BGP in quite a few companies depending on the needs... On Thu, Nov 18, 2010 at 10:28 AM, Bill Humphries nt...@hedgedigger.com wrote: yeah mainline courses like network+ do not get into ISP level routing tech. Bill Michael B. Smith wrote: I’ve never seen BGP covered in networking courses. Other than advanced Cisco courses. OSPF and RIP and IGRP – common interior protocols, yes; but not BGP. You must attend a better grade of schooling than I did. J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* Ken Schaefer [mailto:k...@adopenstatic.com k...@adopenstatic.com] *Sent:* Thursday, November 18, 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Any networking course should cover BGP. When I did my networking subjects, we have to cover OSPF, RIP, BGP etc. Cheers Ken *From:* Michael B. Smith [mailto:mich...@smithcons.commich...@smithcons.com] *Sent:* Friday, 19 November 2010 12:39 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? If you’ve never worked for an ISP, or acquired a CCNP (or higher), or worked for a telecommunications company – it’s unlikely that you would’ve run into BGP or ASNs. We all have our areas of expertise. Don’t ask me to set up KMS, for example (to reference another ongoing thread on this mailing list). I know zero about it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com http://theessentialexchange.com/ *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:33 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ah. I have heard that term I just didn’t connect it. Why is it the more I learn the more ignorant I feel? Some days I actually think I do know a lot and then something like this pops up and I’m back to “eh, I’m just a n00b…” *From:* Ziots, Edward [mailto:ezi...@lifespan.org ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 8:28 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Border Gateway Protocol Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* David Lum [mailto:david@nwea.org david@nwea.org] *Sent:* Thursday, November 18, 2010 11:21 AM *To:* NT System Admin Issues *Subject:* RE: Um, WTF? Ok so I’m behind the curve. BGP? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Error seizing schema master FSMO role in Win2003 AD - RESOLVED
Don't ask me to explain it, but I logged out of the domain admin account, and logged in as another account (which is *also* in the Domain Admins, Enterprise Admins, Schema Admins groups, exactly like the domain administrator account). And it worked perfectly, exactly as it should. Huh? I had even waited up to an hour, re-trying the command, thinking it was just the fact that it was trying to replicate (and couldn't). Weird. Anyway, off to do the child domain (seizing schema *first* this time, I think :-)), and then to do the metadata cleanup ... Thanks On 11/18/2010 2:41 PM, Mike Leone wrote: So I am setting up a testing version of my domain, to practice upgrading from Win2003 AD to Win2008 AD, by making a copy of my domain on my ESX cluster. We have a parent and child domain structure. I have 1 DC in each domain as a VM (each is a DNS server, but do *not* hold any FSMO roles). So I made a copy of each, and then started the copy on a separate virtual subnet on my ESX server (separate because it is not tied to any physical adapters, so the only things it can talk to are the other systems on this subnet). I changed the IP address to the new subnet, and then went to seize FSMO roles, so I could make a working copy of my domain, to play with. (I've done this before, successfully, using VMs) So I was able to seize 4 roles - domain naming master. infrastructure master, PDC, RID master - in that order. All was well. Then I tried to seize the schema master role, and got: fsmo maintenance: seize schema master Attempting safe transfer of schema FSMO before seizure. ldap_modify_sW error 0x32(50 (Insufficient Rights). Ldap extended error message is 2098: SecErr: DSID-03151D7D, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 Win32 error returned is 0x2098(Insufficient access rights to perform the operation.) ) Depending on the error code this may indicate a connection, ldap, or role transfer error. Transfer of schema FSMO failed, proceeding with seizure ... ldap_modify of SD failed with 0x32(50 (Insufficient Rights). Ldap extended error message is 0005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 Win32 error returned is 0x5(Access is denied.) And I don't know why, as I am using the domain administrator account, which *is* a member of Domain Admins, Enterprise Admins, and Schema Admins (I double-checked). And this DC is also a GC. So I don't know why I am getting insufficient access rights. Those 2 things (group membership, GC) seem to be the common culprit, according to searches). Where to look next? Did I seize them in the wrong order or something? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Metadata cleanup after a seize (was Error seizing schema master FSMO role...)
Now that raises an interesting question - what metadata cleanup is typically required after a role seizure? Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 From: Mike Leone [oozerd...@gmail.com] Sent: Thursday, November 18, 2010 3:05 PM To: NT System Admin Issues Subject: Re: Error seizing schema master FSMO role in Win2003 AD - RESOLVED Don't ask me to explain it, but I logged out of the domain admin account, and logged in as another account (which is *also* in the Domain Admins, Enterprise Admins, Schema Admins groups, exactly like the domain administrator account). And it worked perfectly, exactly as it should. Huh? I had even waited up to an hour, re-trying the command, thinking it was just the fact that it was trying to replicate (and couldn't). Weird. Anyway, off to do the child domain (seizing schema *first* this time, I think :-)), and then to do the metadata cleanup ... Thanks On 11/18/2010 2:41 PM, Mike Leone wrote: So I am setting up a testing version of my domain, to practice upgrading from Win2003 AD to Win2008 AD, by making a copy of my domain on my ESX cluster. We have a parent and child domain structure. I have 1 DC in each domain as a VM (each is a DNS server, but do *not* hold any FSMO roles). So I made a copy of each, and then started the copy on a separate virtual subnet on my ESX server (separate because it is not tied to any physical adapters, so the only things it can talk to are the other systems on this subnet). I changed the IP address to the new subnet, and then went to seize FSMO roles, so I could make a working copy of my domain, to play with. (I've done this before, successfully, using VMs) So I was able to seize 4 roles - domain naming master. infrastructure master, PDC, RID master - in that order. All was well. Then I tried to seize the schema master role, and got: fsmo maintenance: seize schema master Attempting safe transfer of schema FSMO before seizure. ldap_modify_sW error 0x32(50 (Insufficient Rights). Ldap extended error message is 2098: SecErr: DSID-03151D7D, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 Win32 error returned is 0x2098(Insufficient access rights to perform the operation.) ) Depending on the error code this may indicate a connection, ldap, or role transfer error. Transfer of schema FSMO failed, proceeding with seizure ... ldap_modify of SD failed with 0x32(50 (Insufficient Rights). Ldap extended error message is 0005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 Win32 error returned is 0x5(Access is denied.) And I don't know why, as I am using the domain administrator account, which *is* a member of Domain Admins, Enterprise Admins, and Schema Admins (I double-checked). And this DC is also a GC. So I don't know why I am getting insufficient access rights. Those 2 things (group membership, GC) seem to be the common culprit, according to searches). Where to look next? Did I seize them in the wrong order or something? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
vipre: SVCHOST.EXE virus.
Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este facsímile, incluyendo lo adjunto, es para el uso exclusivo del destinatario(s) y puede contener información confidencial y/o información protegida de salud. En virtud de la Ley Federal (HIPAA), el destinatario tiene la obligación de mantener esta información segura y confidencial. Cualquier divulgación a terceros sin la autorización de los miembros de lo permitido por la ley está prohibido y penado en virtud de la Ley Federal. Si usted no es el destinatario, por favor, póngase en contacto con el remitente por teléfono y destruir todas las copias del mensaje original ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.comwrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:10 PM *To:* NT System Admin Issues *Subject:* vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Metadata cleanup after a seize (was Error seizing schema master FSMO role...)
On 11/18/2010 3:07 PM, Kramer, Jack wrote: Now that raises an interesting question - what metadata cleanup is typically required after a role seizure? You have to remove the non-existant DCs. You can't DCPROMO them down from being DCs, since they don't exist. :-) And you can't ignore them, otherwise AD spends all it's time trying to re-connect and replicate with its' lost brethren. So you have to tell AD to forget them. See http://support.microsoft.com/kb/216498 How to remove data in Active Directory after an unsuccessful domain controller demotion Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 From: Mike Leone [oozerd...@gmail.com] Sent: Thursday, November 18, 2010 3:05 PM To: NT System Admin Issues Subject: Re: Error seizing schema master FSMO role in Win2003 AD - RESOLVED Don't ask me to explain it, but I logged out of the domain admin account, and logged in as another account (which is *also* in the Domain Admins, Enterprise Admins, Schema Admins groups, exactly like the domain administrator account). And it worked perfectly, exactly as it should. Huh? I had even waited up to an hour, re-trying the command, thinking it was just the fact that it was trying to replicate (and couldn't). Weird. Anyway, off to do the child domain (seizing schema *first* this time, I think :-)), and then to do the metadata cleanup ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
I had one today Win32.Autorun.gen (v) Vipre detected it, but could not clean it. Malwarebytes (free) took care of it. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I?m a bit concerned the active scanner didn?t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
Interesting... My machine blue screened twice on me today, and another user's machine gave him the BSOD as well. Makes me wonder if maybe we dont have something on our machines. I'll run a quick check on mine and see if I find anything. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:23 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so Im a bit concerned the active scanner didnt pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:14 PM *To:* NT System Admin Issues *Subject:* Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:10 PM *To:* NT System Admin Issues *Subject:* vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 *www.aspca.org* http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
So any ideas? is COnficker2 not being stoped by vipre? On Thu, Nov 18, 2010 at 3:33 PM, RS rich...@gmail.com wrote: Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 *www.aspca.org* http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals®(ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
Contact Support. It could be that you have a new variant that isn't picked up yet, and won't be until the A/V companies see it. -Jeff Steward On Thu, Nov 18, 2010 at 3:39 PM, justino garcia jgarciaitl...@gmail.comwrote: So any ideas? is COnficker2 not being stoped by vipre? On Thu, Nov 18, 2010 at 3:33 PM, RS rich...@gmail.com wrote: Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 *www.aspca.org* http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals®(ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
I am on hold with vipre tech... On Thu, Nov 18, 2010 at 3:39 PM, justino garcia jgarciaitl...@gmail.comwrote: So any ideas? is COnficker2 not being stoped by vipre? On Thu, Nov 18, 2010 at 3:33 PM, RS rich...@gmail.com wrote: Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 *www.aspca.org* http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals®(ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: vipre: SVCHOST.EXE virus.
The funny thing is, mcafee did catch it (I had to uninstall vipre, and use mcafee). On Thu, Nov 18, 2010 at 3:41 PM, justino garcia jgarciaitl...@gmail.comwrote: I am on hold with vipre tech... On Thu, Nov 18, 2010 at 3:39 PM, justino garcia jgarciaitl...@gmail.comwrote: So any ideas? is COnficker2 not being stoped by vipre? On Thu, Nov 18, 2010 at 3:33 PM, RS rich...@gmail.com wrote: Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 *www.aspca.org* http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals®(ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado
Re: vipre: SVCHOST.EXE virus.
I guess best is just to reimage / wipe / reimage the system. Ralph what do you use for reimage of the system? On Thu, Nov 18, 2010 at 3:46 PM, Ralph Smith m...@gatewayindustries.orgwrote: I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. -- *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:32 PM *To:* NT System Admin Issues *Subject:* Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.orgwrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:14 PM *To:* NT System Admin Issues *Subject:* Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:10 PM *To:* NT System Admin Issues *Subject:* vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. -- Justin IT-TECH ~
RE: vipre: SVCHOST.EXE virus.
Yep, that is a driveby malware we have seen accordingly, it's the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o
RE: vipre: SVCHOST.EXE virus.
It depends on the machine. At various times we have used Norton Ghost, GhostImage, Drive Image XML and Acronis to create an image, so the appropriate tool is used to restore it. When we set up a new computer we create an image of the clean install, and then use that if we need to reimage it in the future. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:50 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. I guess best is just to reimage / wipe / reimage the system. Ralph what do you use for reimage of the system? On Thu, Nov 18, 2010 at 3:46 PM, Ralph Smith m...@gatewayindustries.org wrote: I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
RE: vipre: SVCHOST.EXE virus.
I’ll send you a bill. -sc From: RS [mailto:rich...@gmail.com] Sent: Thursday, November 18, 2010 3:34 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:51 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, it's the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may
Re: vipre: SVCHOST.EXE virus.
So maybe facebook needs to be blocked, oh how horrible.. On Thu, Nov 18, 2010 at 4:14 PM, Ralph Smith m...@gatewayindustries.orgwrote: Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. -- *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, November 18, 2010 3:51 PM *To:* NT System Admin Issues *Subject:* RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, it’s the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* Ralph Smith [mailto:m...@gatewayindustries.org] *Sent:* Thursday, November 18, 2010 3:47 PM *To:* NT System Admin Issues *Subject:* RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. -- *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:32 PM *To:* NT System Admin Issues *Subject:* Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:14 PM *To:* NT System Admin Issues *Subject:* Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com *From:* justino garcia [mailto:jgarciaitl...@gmail.com] *Sent:* Thursday, November 18, 2010 3:10 PM *To:* NT System Admin Issues *Subject:* vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
Re: vipre: SVCHOST.EXE virus.
I would think that Mr. McClary's brilliantly executed joke would be payment enough*, but if you require old fashioned monetary compensation I'll be happy to send a check. What's your address again? * Seriously, one of several great LOL moments today. On Thu, Nov 18, 2010 at 4:09 PM, Steven M. Caesare scaes...@caesare.comwrote: I’ll send you a bill. -sc *From:* RS [mailto:rich...@gmail.com] *Sent:* Thursday, November 18, 2010 3:34 PM *To:* NT System Admin Issues *Subject:* Re: vipre: SVCHOST.EXE virus. Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
I never thought the day would come!!! Vile weed! (who can tell me which TV show that line came from?) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com mailto:don.gu...@prufoxroach.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how horrible.. On Thu, Nov 18, 2010 at 4:14 PM, Ralph Smith m...@gatewayindustries.org wrote: Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:51 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, it's the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T
Re: vipre: SVCHOST.EXE virus.
His current location doesn't have postal service. On Thu, Nov 18, 2010 at 4:17 PM, RS rich...@gmail.com wrote: I would think that Mr. McClary's brilliantly executed joke would be payment enough*, but if you require old fashioned monetary compensation I'll be happy to send a check. What's your address again? * Seriously, one of several great LOL moments today. On Thu, Nov 18, 2010 at 4:09 PM, Steven M. Caesare scaes...@caesare.comwrote: I’ll send you a bill. -sc *From:* RS [mailto:rich...@gmail.com] *Sent:* Thursday, November 18, 2010 3:34 PM *To:* NT System Admin Issues *Subject:* Re: vipre: SVCHOST.EXE virus. Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group *ASPCA®* 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals®(ASPCA ®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I’m a bit concerned the active scanner didn’t pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
Welcome back Kotter? That 70's show? FBI, with Inspector Erskine? From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 3:28 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I never thought the day would come!!! Vile weed! (who can tell me which TV show that line came from?) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how horrible.. On Thu, Nov 18, 2010 at 4:14 PM, Ralph Smith m...@gatewayindustries.org wrote: Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:51 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, it's the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run
RE: vipre: SVCHOST.EXE virus.
Reefer Madness? From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, November 18, 2010 3:30 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Welcome back Kotter? That 70's show? FBI, with Inspector Erskine? From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 3:28 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I never thought the day would come!!! Vile weed! (who can tell me which TV show that line came from?) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how horrible.. On Thu, Nov 18, 2010 at 4:14 PM, Ralph Smith m...@gatewayindustries.org wrote: Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:51 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, it's the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:10 PM To: NT System Admin Issues Subject: vipre: SVCHOST.EXE virus. Vipre did not detect it, or clean
RE: vipre: SVCHOST.EXE virus.
No, no and never heard of that show-no. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com mailto:don.gu...@prufoxroach.com From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, November 18, 2010 4:30 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Welcome back Kotter? That 70's show? FBI, with Inspector Erskine? From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 3:28 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I never thought the day would come!!! Vile weed! (who can tell me which TV show that line came from?) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how horrible.. On Thu, Nov 18, 2010 at 4:14 PM, Ralph Smith m...@gatewayindustries.org wrote: Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:51 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, it's the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main)
RE: vipre: SVCHOST.EXE virus.
Not that kind of weed. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com mailto:don.gu...@prufoxroach.com From: Maglinger, Paul [mailto:pmaglin...@scvl.com] Sent: Thursday, November 18, 2010 4:31 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Reefer Madness? From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, November 18, 2010 3:30 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Welcome back Kotter? That 70's show? FBI, with Inspector Erskine? From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 3:28 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I never thought the day would come!!! Vile weed! (who can tell me which TV show that line came from?) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how horrible.. On Thu, Nov 18, 2010 at 4:14 PM, Ralph Smith m...@gatewayindustries.org wrote: Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:51 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, it's the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren
RE: vipre: SVCHOST.EXE virus.
Seinfeld From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 4:32 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. No, no and never heard of that show-no. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, November 18, 2010 4:30 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Welcome back Kotter? That 70s show? FBI, with Inspector Erskine? From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, November 18, 2010 3:28 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I never thought the day would come!!! Vile weed! (who can tell me which TV show that line came from?) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 4:18 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So maybe facebook needs to be blocked, oh how horrible.. On Thu, Nov 18, 2010 at 4:14 PM, Ralph Smith m...@gatewayindustries.org wrote: Yes, that's it. We had one workstation that had the fake Thinkpoint scan running, so apparently VIPRE AP didn't block it from executing on that one. On every affected machine we have seen, looking at the browser history each user was on Facebook immediately prior to VIPRE AP reacting. I continue to try to educate users about safe surfing, but I may have to block Facebook if VIPRE is unable to deal with it soon. _ From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, November 18, 2010 3:51 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. Yep, that is a driveby malware we have seen accordingly, its the thinkpoint virus. C:\Documents and Settings\username\Application Data\hotfix.exe C:\Documents and Settings\username\Application Data\dkfjasdfshd.bat C:\Documents and Settings\username\Desktop\mstsc.exe Is what we saw in our inspect of some workstations. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, November 18, 2010 3:47 PM To: NT System Admin Issues Subject: RE: vipre: SVCHOST.EXE virus. I've seen on a few computers over the last couple of weeks where there is a file on the user's desktop called MSTSC.exe, and there are various executables scattered around in the user's profile with various names the same as or close to legitimate Windows files, including SVCHOST.EXE. I sent samples to the VIPRE folks a few times - haven't heard anything back. In my case VIPRE active protection kept blocking the execution of the files, but didn't recognize them as threats when doing a full scan. MalwareBytes found and cleaned a bunch of stuff, but the next time the computer was rebooted it was back. Trend also saw them but couldn't remove them. I've been wiping and re-imaging them. _ From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:32 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. The virus came in this morning, via the internet browser. hkey_users\default\software\Microsoft\Windows NT\Current backdoor-faaa!1 Torjan windows|Load hkey_users\s-1-5-19\Software\WIndows NT\CUrrent\ Backdoor-FAAA1! Torjan Internet Settigns [Proxy Server hkey_users\s-1-5-21-3786461165-302493939458-2064062449-500 On Thu, Nov 18, 2010 at 3:23 PM, Ziots, Edward ezi...@lifespan.org wrote: There was a post on ISC just a day or two ago about another version of Conficker B++ accordingly, making the rounds. Just an idea, but might be your culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, November 18, 2010 3:14 PM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. OH I yet to call them, I will call them soon, but want to see what the list says. But I wanted to see if the malling list saw this before.. Back-Door-F!1, is the name that mcafee detected it as. On Thu, Nov 18, 2010 at 3:11 PM, Jim Holmgren jholmg...@xlhealth.com wrote: What did Vipre Tech Support say when you called them? Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351
