date:20110518

On Wed, May 18, 2011 at 10:37 PM, Andrew S. Baker  wrote:
>>They were businesses interested in enterprise applications, which includes
>> things like security.
>
> While I've agreed with much of what you've said, I hope you really don't
> believe this one statement.

  Well, yes and no.  Certainly plenty of companies don't "get"
security (witness Sony).  Plenty of people pay lip service to it.  But
it isn't and wasn't like nobody wants this stuff.

  Granted, it seems like the people wanting this stuff are always in
the minority, and our pleas and warnings usually go unheard.  That's
another thing that's been around for decades...

> This is not about absolving Microsoft of any responsibilities (or
> acknowledging that post-internet computing is very different from
> pre-internet computing).

  One of the things I object to is this implication that computer
security was uncharted territory in 1993, that Microsoft had no  way
of knowing what they were getting into.  That's quite simply wrong.
Microsoft may have ignored what security experts were telling them,
but that was their choice.  The rainbow series was published in the
early 1980s.  The Morris worm happened in 1988 -- self-propagating
Internet malware; it knocked out a huge portion of the Internet at the
time.  It was the "Code Red" of its day (nailing Unix machines, I
might point out).

  The writing was on the wall.  Microsoft chose to ignore it.

  Present day, Sony did the same thing.

  Do companies learn from security history?  Apparently not.  Does
that make it okay?  No.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: [OT] Sony is down again

Earlier this week, I had the opportunity to be part of a roundtable event
discussing the Sony fiasco.

http://www.focus.com/events/it-security/focus-roundtable-sony-playstation-network-security-fiasco/

An MP3 is available of the event.

Sony
really doesn't have it together, and sadly they're not the only enterprise
that should know better and do better.  They just happened to be the
enterprise that got caught this past month.  Next month will undoubtedly be
someone else...



 *ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, May 18, 2011 at 1:48 PM, Ben Scott  wrote:

>  This is too good not to pass on.
>
>  So, we all know about the massive breach in Sony's security.
> Millions of customers had their personal info stolen.  As a result,
> Sony voluntarily shut down most of their online entertainment
> operations, including the PlayStation Network, and Qriocity (their
> streaming media Netflix-wannabe service).  It's been down going on
> five weeks now, but Sony has been turning things back on this week.
> Until now -- they've pulled the plug again.
>
>  Sony was asking people to reset their account passwords, and
> authenticating them with their email address and date-of-birth.
>
>  Email and DOB was among the information stolen.
>
> http://games.slashdot.org/story/11/05/18/151211/PSN-Up-And-Then-Down-Again
>
>  Great job Sony!  You really set a standard for corporate
> responsibility and security planning!
>
> -- Ben
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

I am reminded of the "golden" days of the internet, when it was possible to 
"net use * \\ftp.microsoft.com\c$".

That was, of course, when ftp.microsoft.com was a 
desktop computer running underneath some engineer's desk. I guess that was 
around 1991 - 1992, before Microsoft discovered the Internet.

The idea of "firewalls" hadn't been invented yet, or were very very rare.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Wednesday, May 18, 2011 10:39 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

+50

ASB (Professional Bio)
Harnessing the Advantages of Technology for the SMB market...

On Wed, May 18, 2011 at 3:39 PM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
Security is about risk mitigation. Someone saying "I can provide total 
security" is either an idiot or dangerously naïve. It's also a process. 
Something that was reasonably secure 10 years ago is not reasonably secure 
today. The process is about maintaining standards (and process and procedure) 
as times change.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Guyer, Don [mailto:don.gu...@fiserv.com]
Sent: Wednesday, May 18, 2011 3:39 PM

To: NT System Admin Issues
Subject: RE: Interesting news from Apple

I remember, back in the day, one of the first things our NT4 MCSE instructor 
asked the class was "how can you make Windows NT4 secure"?

Don't remember what any of our answers were, but she said, "no, lock it in a 
closet with no network connection".

If IT security were only that easy...

Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x 1673
Fax: 610-233-0404
www.fiserv.com

From: Micheal Espinola Jr 
[mailto:michealespin...@gmail.com]
Sent: Wednesday, May 18, 2011 3:30 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

It certainly didn't start off "hardened".  It was quite the opposite.

--
ME2

On Wed, May 18, 2011 at 11:01 AM, John Cook 
mailto:john.c...@pfsf.org>> wrote:
Not to argue the point but NT is a version that was "hardened" for business 
use, Windows (WFW, 3.11, 98, whatever you want to use as the baseline) was 
created as a consumer friendly OS, not a simplified Mainframe.

-Original Message-
From: Michael B. Smith 
[mailto:mich...@smithcons.com]
Sent: Wednesday, May 18, 2011 1:54 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Windows NT was never created as a consumer product.

Choices were made in Windows XP that made it inherently less secure in order to 
not scare off the consumer users and because of poorly behaved applications, 
even then.

We are still paying that price.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Big difference is that 'nix was created as more of a professional level OS and 
Windows was created as a consumer product. It's pretty hard to "get the cat 
back in the bag" once it's out.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 1:36 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
mailto:jaldr...@blueridgecarpet.com>> wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running it.

 Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

 "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

 The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

 In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several

Re: Interesting news from Apple

+50



 *ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, May 18, 2011 at 3:39 PM, Michael B. Smith wrote:

>  Security is about risk mitigation. Someone saying “I can provide total
> security” is either an idiot or dangerously naïve. It’s also a process.
> Something that was reasonably secure 10 years ago is not reasonably secure
> today. The process is about maintaining standards (and process and
> procedure) as times change.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>
> *From:* Guyer, Don [mailto:don.gu...@fiserv.com]
> *Sent:* Wednesday, May 18, 2011 3:39 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Interesting news from Apple
>
>
>
> I remember, back in the day, one of the first things our NT4 MCSE
> instructor asked the class was “how can you make Windows NT4 secure”?
>
>
>
> Don’t remember what any of our answers were, but she said, “no, lock it in
> a closet with no network connection”.
>
>
>
> If IT security were only that easy…
>
>
>
> *Don Guyer*
>
> Windows Systems Engineer
>
> RIM Operations Engineering Distributed – A Team, Tier 2
>
> Enterprise Technology Group
>
> *Fiserv*
>
> don.gu...@fiserv.com
>
> Office: 1-800-523-7282 x 1673
>
> Fax: 610-233-0404
>
> www.fiserv.com
>
>
>
> *From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
> *Sent:* Wednesday, May 18, 2011 3:30 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Interesting news from Apple
>
>
>
> It certainly didn't start off "hardened".  It was quite the opposite.
>
> --
> ME2
>
>
>
>
>
>
>
> On Wed, May 18, 2011 at 11:01 AM, John Cook  wrote:
>
> Not to argue the point but NT is a version that was "hardened" for business
> use, Windows (WFW, 3.11, 98, whatever you want to use as the baseline) was
> created as a consumer friendly OS, not a simplified Mainframe.
>
>
> -Original Message-
> From: Michael B. Smith [mailto:mich...@smithcons.com]
> Sent: Wednesday, May 18, 2011 1:54 PM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> Windows NT was never created as a consumer product.
>
> Choices were made in Windows XP that made it inherently less secure in
> order to not scare off the consumer users and because of poorly behaved
> applications, even then.
>
> We are still paying that price.
>
> Regards,
>
> Michael B. Smith
> Consultant and Exchange MVP
> http://TheEssentialExchange.com
>
>
> -Original Message-
> From: John Cook [mailto:john.c...@pfsf.org]
> Sent: Wednesday, May 18, 2011 1:51 PM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> Big difference is that 'nix was created as more of a professional level OS
> and Windows was created as a consumer product. It's pretty hard to "get the
> cat back in the bag" once it's out.
>
> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Wednesday, May 18, 2011 1:36 PM
> To: NT System Admin Issues
> Subject: Re: Interesting news from Apple
>
> On Wed, May 18, 2011 at 12:25 PM, John Aldrich
>  wrote:
> > Mostly I was thinking of the typical Windows type
> > stuff where they trick you into downloading an EXE file and running it.
>
>  Same thing can happen on Linux.  And from the sound of the report,
> that's what's hitting the Mac's.  It's really just a social
> engineering attack: Trick the user into downloading and running
> malicious software.  There's not much you can do to combat that,
> except have the admins take away the ability for users to run
> software.  And that won't help home users who are their own admins.
>
>  "There are seldom good technological solutions to behavioral
> problems." (Ed Crowley)
>
>  The one thing traditional *nix systems have going for them is that
> it's easier to lock down the environment, since they've been doing
> that pretty much from the start.  Just mount /tmp and /home with
> "noexec" and users can't execute anything they can write to.
>
>  In the Windows world, you've got to deal with a fsckton of crappy
> software that breaks in weird ways when you try this or other
> nominally sensible things.  And I include Windows itself in that.
> Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
> via several methods, such as the command line.  So you either block
> .LNK files from running -- breaking *all user shortcuts*, including
> "Recent Documents" -- or you allow an obvious path for attackers.
> Great job Microsoft.
>
>  But that's not a security model thing, it's a crappy implementation
> thing.  You can work around it with enough time and money.  And
> someday Microsoft might fix their bugs, at least.  Dealing with the
> crappy third-party software... well, hopefully one has enough pull
> with one's vendors to have them fix their bugs.
>
> -- Ben
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

Re: Interesting news from Apple

*>>They were businesses interested in enterprise applications, which
includes things like security. *


While I've agreed with much of what you've said, I hope you really
don't believe this one statement.

This is not about absolving Microsoft of any responsibilities (or
acknowledging that post-internet computing is very different from
pre-internet computing).  Businesses might *say* that they are
interested in security, but I assure you that having worked
for/with/around many large organizations, there is much to be desired
in many of them when it comes to security -- even (especially) in
their enterprise apps.


And that was more true in the 90s...



*ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, May 18, 2011 at 2:48 PM, Ben Scott  wrote:

> On Wed, May 18, 2011 at 2:35 PM, Steven Peck  wrote:
> > I am not sure it was entirely a 'mindset' issue either.  Keep in mind
> these
> > were the days of 486 and Pentium 100 system.
>
>   Computer security has been an identified issues since the 1950s, and
> well understood in the 1970s.  The NT kernel has (and had) almost
> ridiculously fine-grained security options.  The knowledge existing on
> the team, the capabilities were there.  They had all the pieces.
>
>  But they gave the first user an admin account by default.  Giving
> all users admin access was common.  There was the whole "Power User"
> thing, which has admin rights in all but name.  Their own software
> often did not run properly without admin rights.  Even today, their
> development tools (Visual Studio) have non-admin issues.  Back then it
> was impossible.
>
>  People say Microsoft's customers were demanding this for
> "compatibility", but I really don't think that explains it.  Companies
> who were rolling out NT weren't consumers.  They were businesses
> interested in enterprise applications, which includes things like
> security.  When Microsoft's own stuff needed admin rights; why would
> developers do anything different?
>
>  Microsoft came from the PC world, where the user sitting at the
> console had full access to everything, because it was "their" personal
> computer.  Their OSes before NT didn't have any security features,
> largely because the hardware didn't have any support for it.  It was
> the mode of operation Microsoft was used to, and it was how most of
> their own developers worked.
>
>  I'm not surprised it happened this way, but I think the world would
> have benefited tremendously from a little more foresight on
> Microsoft's part.
>
> -- Ben
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Question on PCI compliance

2011-05-18 Thread Erik Goldoff

GFI used to have a free/inexpensive SIM software ( System Integrity Monitor
) but don’t think that’s available anymore.  But if you Google for ‘system
integrity monitor free’ you’ll get a few hits on software you can test to
see if it meets your needs.  You’ll also need to have the web server
hardened ( what version OS, what version IIS ??) and verification that you
only collect card numbers under SSL connection, and that you only transmit
them on to the processor also via secure channel ( ssl, ipsec, etc )

 

Hit me up offline if you don’t find what you need.  I’ve brought a couple
SMB retail organizations into PCI compliance and presented some lectures,
webinars, and workshops on PCI compliance so I’ve got a sense of what can be
done within budget.

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Greg Olson [mailto:olson.g...@gmail.com] 
Sent: Wednesday, May 18, 2011 5:01 PM
To: NT System Admin Issues
Subject: Question on PCI compliance

 

Hi all, 

I have a quick question on pci compliance and how you guys\gals are handling
it for servers you have that take credit card data?

We have a small amount of servers that basically host the web code to take
cc info and its then passed on directly to the processor. Nothing stays on
the server at any time, but we would like to be able to pass a pci audit on
these servers which requires that we have "automated" software that monitors
and detects changes in the log files, and software that monitors key files
(windows directories, and our app directories) for any changes and sends out
an alert. 

We're looking at Tripwire product, but they seem pretty expensive for the
small amount of servers we're talking about. 

Any thoughts?

 

Thanks in advance. 

-Greg 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Question on PCI compliance

There are alternatives to TripWire, of course...

   - Verisys - http://www.ionx.co.uk/
   - CimTrak - http://www.cimcor.com/cimtrak-home
   - Various -
   http://www.windowsecurity.com/software/file-integrity-checkers/


It's going to cost something, but it is a worthy investment if you need to
be PCI compliant, or have other similar sensitive data to protect.



*ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, May 18, 2011 at 5:00 PM, Greg Olson  wrote:

>  Hi all,
>  I have a quick question on pci compliance and how you guys\gals are
> handling it for servers you have that take credit card data?
> We have a small amount of servers that basically host the web code to take
> cc info and its then passed on directly to the processor. Nothing stays on
> the server at any time, but we would like to be able to pass a pci audit on
> these servers which requires that we have "automated" software that monitors
> and detects changes in the log files, and software that monitors key files
> (windows directories, and our app directories) for any changes and sends out
> an alert.
> We're looking at Tripwire product, but they seem pretty expensive for the
> small amount of servers we're talking about.
> Any thoughts?
>
> Thanks in advance.
> -Greg
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Deny GP to single workstation

2011-05-18 Thread Groups

Hi folks,

It's been a long day after a long week after a long month... and my brain is
on vacation.
I have a GP in SBS2008 that sets the screen saver policy.
I don't want it to ally to a single Vista machine, so I have denied the
machine account under 
delegation, but it keeps showing up.

Could anyone be kind enough to tell me what I'm missing here?!

Thanks much.





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Android Vulnerability

2011-05-18 Thread Angus Scott-Fleming

On 18 May 2011 at 13:09, Sam Cayze wrote:

> Actually, it looks like they are released an out of band patch to close the
> hole already today.
> http://www.pcmag.com/article2/0,2817,2385565,00.asp

Sounds much like this problem:

Firesheep - Wikipedia, the free encyclopedia 
http://en.wikipedia.org/wiki/Firesheep

[sigh]


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Danger

I thought that where you put the power cord was called the "penismightier"
?  Clearly I've been doing something wrong for years...

--
ME2





On Wed, May 18, 2011 at 10:25 AM, Ben Scott  wrote:

> On Wed, May 18, 2011 at 1:12 PM, Richard Stovall 
> wrote:
> > I just unpacked a new HP ProCurve switch.  There was a warning tape over
> the
> > receptacle for the power cord that had to be removed before plugging in
> the
> > switch.
>
>   Yah, they've been doing that for a number of years.
>
>  Someone prolly found the cord wouldn't fit, hotwired their router to
> a 440 volt outlet, and then sued HP when it caught on fire.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Sharepoint DocID Solved ??

2011-05-18 Thread S Powell

uninstall Infopath.

frak.  Yep, if Infopath is uninstalled the DocID link works.

what a great solution.  

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: OT: Danger

2011-05-18 Thread Tom Miller

Sort of related, I heard on NPR today a report about these sort of "product 
advisements".  One of most humorous was a warning on a kid's scooter:  
"Warning:  device may move when in use".


>>> John Cook 05/18/11 1:47 PM >>>


NaN. 
NaN. 

v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}








 

 Richard Stovall [mailto:rich...@gmail.com] 
Sent: Wednesday, May 18, 2011 1:34 PM
To: NT System Admin Issues
Subject: Re: OT: Danger

 
I'm glad they're looking out for me, but it pushed back my whole deployment 
schedule when I had to RTFM.

On Wed, May 18, 2011 at 1:16 PM, John Cook  
wrote:


No doubt OSHA prompted to save your life. 
John W. Cook 
Systems Administrator 
Partnership for Strong Families

 




: Richard Stovall rich...@gmail.com> 
To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com> 
Sent: Wed May 18 13:12:15 2011
Subject: OT: Danger 




I just unpacked a new HP ProCurve switch.  There was a warning tape over the 
receptacle for the power cord that had to be removed before plugging in the 
switch.  It said:


 


"Refer to users guide for power supply cord instructions."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/"; 
target=_blank>http://lyris.sunbelt-software.com/read/my_forums/
or send an email to mailto:listmana...@lyris.sunbeltsoftware.com"; 
target=_blank>listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
 





CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.
This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/"; 
target=_blank>http://lyris.sunbelt-software.com/read/my_forums/
or send an email to mailto:listmana...@lyris.sunbeltsoftware.com"; 
target=_blank>listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.
This email and any attached files are confidential and intended

Re: SQL 2000 database to 2008R2

(Caveat: I'm not a DBA, and I've never played one on TV.)

The db may be a simple attach procedure, but DTS packages are apparently not
so transportable when moving to SSIS.  I don't know exactly what's stored in
the master db, but anything there would have to be re-created.  Etc...

On Wed, May 18, 2011 at 4:36 PM, James Kerr  wrote:

> Thanks for that. I didn't think it was going to be a big deal.
>
>
> On Wed, May 18, 2011 at 4:24 PM, Tigran K  wrote:
>
>> Should be as simple as attach. You can also set the db compatibility
>> back down to 2000 level.
>>
>> --Tigran
>>
>> On Wed, May 18, 2011 at 1:06 PM, James Kerr  wrote:
>> > I need to move a database from a 2003 server running SQL 2000 to a
>> machine
>> > running 2008R2 and SQL 2008R2. Should this be as easy as dismounting the
>> > database and copying over the database files to the new server or will
>> SQL
>> > 2008 require me to do some kind of upgrade to the database first?
>> >
>> > James
>> >
>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> > ~   ~
>> >
>> > ---
>> > To manage subscriptions click here:
>> > http://lyris.sunbelt-software.com/read/my_forums/
>> > or send an email to listmana...@lyris.sunbeltsoftware.com
>> > with the body: unsubscribe ntsysadmin
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

If I recall correctly, there isn't a Apple fan-boy/girl on this planet that
has read that.

--
ME2



On Wed, May 18, 2011 at 9:15 AM, Michael White  wrote:

> If I recall correctly, there has been this recommendation in Apple
> Support documentation for years.  This isn't really anything new.
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

2011-05-18 Thread Don Ely

Apples get worms. Macs get viruses.
On May 18, 2011 2:17 PM, "Jon Harris"  wrote:
> Tell that to Apple fan-boys and you will get looks saying you are crazy.
> Some will come out and call you stupid/crazy/whatever and then tell you
> Apples CAN'T get a virus.
>
> Jon
>
> On Wed, May 18, 2011 at 12:15 PM, Michael White wrote:
>
>> If I recall correctly, there has been this recommendation in Apple
>> Support documentation for years. This isn't really anything new.
>>
>> On Wed, May 18, 2011 at 8:27 AM, John Cook  wrote:
>> > Note – Rod Trent brought this to my attention via Linkedin..
>> >
>> >
>>
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

2011-05-18 Thread Jon Harris

Tell that to Apple fan-boys and you will get looks saying you are crazy.
Some will come out and call you stupid/crazy/whatever and then tell you
Apples CAN'T get a virus.

Jon

On Wed, May 18, 2011 at 12:15 PM, Michael White wrote:

> If I recall correctly, there has been this recommendation in Apple
> Support documentation for years.  This isn't really anything new.
>
> On Wed, May 18, 2011 at 8:27 AM, John Cook  wrote:
> > Note – Rod Trent brought this to my attention via Linkedin..
> >
> >
> http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Question on PCI compliance

2011-05-18 Thread Greg Olson

Hi all,
I have a quick question on pci compliance and how you guys\gals are handling
it for servers you have that take credit card data?
We have a small amount of servers that basically host the web code to take
cc info and its then passed on directly to the processor. Nothing stays on
the server at any time, but we would like to be able to pass a pci audit on
these servers which requires that we have "automated" software that monitors
and detects changes in the log files, and software that monitors key files
(windows directories, and our app directories) for any changes and sends out
an alert.
We're looking at Tripwire product, but they seem pretty expensive for the
small amount of servers we're talking about.
Any thoughts?

Thanks in advance.
-Greg

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

2011-05-18 Thread Steven Peck

and I think ours is that's sort of revisionist history.
On Wed, May 18, 2011 at 12:52 PM, Guyer, Don  wrote:

> Agreed. I think her point was more along the lines of how tough it is to
> bring systems to any level of “secure”.
>
>
>
> *Don Guyer*
>
> Windows Systems Engineer
>
> RIM Operations Engineering Distributed – A Team, Tier 2
>
> Enterprise Technology Group
>
> *Fiserv*
>
> don.gu...@fiserv.com
>
> Office: 1-800-523-7282 x 1673
>
> Fax: 610-233-0404
>
> www.fiserv.com
>
>
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Wednesday, May 18, 2011 3:40 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Interesting news from Apple
>
>
>
> Security is about risk mitigation. Someone saying “I can provide total
> security” is either an idiot or dangerously naïve. It’s also a process.
> Something that was reasonably secure 10 years ago is not reasonably secure
> today. The process is about maintaining standards (and process and
> procedure) as times change.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>
> *From:* Guyer, Don [mailto:don.gu...@fiserv.com]
> *Sent:* Wednesday, May 18, 2011 3:39 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Interesting news from Apple
>
>
>
> I remember, back in the day, one of the first things our NT4 MCSE
> instructor asked the class was “how can you make Windows NT4 secure”?
>
>
>
> Don’t remember what any of our answers were, but she said, “no, lock it in
> a closet with no network connection”.
>
>
>
> If IT security were only that easy…
>
>
>
> *Don Guyer*
>
> Windows Systems Engineer
>
> RIM Operations Engineering Distributed – A Team, Tier 2
>
> Enterprise Technology Group
>
> *Fiserv*
>
> don.gu...@fiserv.com
>
> Office: 1-800-523-7282 x 1673
>
> Fax: 610-233-0404
>
> www.fiserv.com
>
>
>
> *From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
> *Sent:* Wednesday, May 18, 2011 3:30 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Interesting news from Apple
>
>
>
> It certainly didn't start off "hardened".  It was quite the opposite.
>
> --
> ME2
>
>
>
>
>
>
>
> On Wed, May 18, 2011 at 11:01 AM, John Cook  wrote:
>
> Not to argue the point but NT is a version that was "hardened" for business
> use, Windows (WFW, 3.11, 98, whatever you want to use as the baseline) was
> created as a consumer friendly OS, not a simplified Mainframe.
>
>
> -Original Message-
> From: Michael B. Smith [mailto:mich...@smithcons.com]
> Sent: Wednesday, May 18, 2011 1:54 PM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> Windows NT was never created as a consumer product.
>
> Choices were made in Windows XP that made it inherently less secure in
> order to not scare off the consumer users and because of poorly behaved
> applications, even then.
>
> We are still paying that price.
>
> Regards,
>
> Michael B. Smith
> Consultant and Exchange MVP
> http://TheEssentialExchange.com
>
>
> -Original Message-
> From: John Cook [mailto:john.c...@pfsf.org]
> Sent: Wednesday, May 18, 2011 1:51 PM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> Big difference is that 'nix was created as more of a professional level OS
> and Windows was created as a consumer product. It's pretty hard to "get the
> cat back in the bag" once it's out.
>
> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Wednesday, May 18, 2011 1:36 PM
> To: NT System Admin Issues
> Subject: Re: Interesting news from Apple
>
> On Wed, May 18, 2011 at 12:25 PM, John Aldrich
>  wrote:
> > Mostly I was thinking of the typical Windows type
> > stuff where they trick you into downloading an EXE file and running it.
>
>  Same thing can happen on Linux.  And from the sound of the report,
> that's what's hitting the Mac's.  It's really just a social
> engineering attack: Trick the user into downloading and running
> malicious software.  There's not much you can do to combat that,
> except have the admins take away the ability for users to run
> software.  And that won't help home users who are their own admins.
>
>  "There are seldom good technological solutions to behavioral
> problems." (Ed Crowley)
>
>  The one thing traditional *nix systems have going for them is that
> it's easier to lock down the environment, since they've been doing
> that pretty much from the start.  Just mount /tmp and /home with
> "noexec" and users can't execute anything they can write to.
>
>  In the Windows world, you've got to deal with a fsckton of crappy
> software that breaks in weird ways when you try this or other
> nominally sensible things.  And I include Windows itself in that.
> Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
> via several methods, such as the command line.  So you either block
> .LNK files from running -- breaking *all user shortcuts*, including
> "Recent Documents" -- or you allow an obvious path for attackers.

Re: SQL 2000 database to 2008R2

2011-05-18 Thread James Kerr

Thanks for that. I didn't think it was going to be a big deal.

On Wed, May 18, 2011 at 4:24 PM, Tigran K  wrote:

> Should be as simple as attach. You can also set the db compatibility
> back down to 2000 level.
>
> --Tigran
>
> On Wed, May 18, 2011 at 1:06 PM, James Kerr  wrote:
> > I need to move a database from a 2003 server running SQL 2000 to a
> machine
> > running 2008R2 and SQL 2008R2. Should this be as easy as dismounting the
> > database and copying over the database files to the new server or will
> SQL
> > 2008 require me to do some kind of upgrade to the database first?
> >
> > James
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
> >
> > ---
> > To manage subscriptions click here:
> > http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: SQL 2000 database to 2008R2

2011-05-18 Thread Tigran K

Should be as simple as attach. You can also set the db compatibility
back down to 2000 level.

--Tigran

On Wed, May 18, 2011 at 1:06 PM, James Kerr  wrote:
> I need to move a database from a 2003 server running SQL 2000 to a machine
> running 2008R2 and SQL 2008R2. Should this be as easy as dismounting the
> database and copying over the database files to the new server or will SQL
> 2008 require me to do some kind of upgrade to the database first?
>
> James
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Quick! iPhone Remote Wipe

Thanks Michael :)

-Sam

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Wednesday, May 18, 2011 3:14 PM
To: NT System Admin Issues
Subject: RE: Quick! iPhone Remote Wipe

You have to wipe to clear off the data.

Regards,

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

From: Sam Cayze [mailto:sca...@gmail.com] 
Sent: Wednesday, May 18, 2011 4:12 PM
To: NT System Admin Issues
Subject: Quick! iPhone Remote Wipe

If I delete the partnership for an ActiveSync/iPhone, what does that do?
I've disabled the Active Directory, so will contacts/email/etc still remain,
or will they erase next sync?

Do I need to wipe to actually get the contacts and email gone?

Looking elsewhere too.

Tia,

Sam

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Quick! iPhone Remote Wipe

You have to wipe to clear off the data.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Sam Cayze [mailto:sca...@gmail.com]
Sent: Wednesday, May 18, 2011 4:12 PM
To: NT System Admin Issues
Subject: Quick! iPhone Remote Wipe

If I delete the partnership for an ActiveSync/iPhone, what does that do?  I've 
disabled the Active Directory, so will contacts/email/etc still remain, or will 
they erase next sync?
Do I need to wipe to actually get the contacts and email gone?

Looking elsewhere too...
Tia,
Sam

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: SMTP server

2011-05-18 Thread Lewin, Greg

Thanks for all the ideas everyone.  I have some testing to do now.

From: Joe Morlino [mailto:islands...@comcast.net]
Sent: Wednesday, May 18, 2011 3:03 PM
To: NT System Admin Issues
Subject: RE: SMTP server

Sorry, typo it's www.stunnell.org ...


From: Joe Morlino [mailto:islands...@comcast.net]
Sent: Wednesday, May 18, 2011 2:58 PM
To: NT System Admin Issues
Subject: RE: SMTP server
Greg,
You might want to look at STunnel ( http://www.stunnel.com ) The scanner can 
connect to a machine running Stunnel and then it can send to a SSL SMTP like 
Gmail

Joe Morlino
Islands Computer
Beaufort, SC


From: Lewin, Greg [mailto:le...@infimed.com]
Sent: Wednesday, May 18, 2011 2:42 PM
To: NT System Admin Issues
Subject: SMTP server

We have a sister company that recently moved to Hosted Exchange 2010 and no 
longer have an SMTP server in house.  They have a old  copier that used to send 
emails via
The old internal Exchange server(5.5).  It does not have authentication 
capabilities, only the ability to send to an IP address.  They would like to be 
able to send mail to their internal users from this device.
I have a call into the Hosting company looking for suggestions.  I was 
wondering if you folks might have any ideas.

Thanks

Greg

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

SQL 2000 database to 2008R2

2011-05-18 Thread James Kerr

I need to move a database from a 2003 server running SQL 2000 to a machine
running 2008R2 and SQL 2008R2. Should this be as easy as dismounting the
database and copying over the database files to the new server or will SQL
2008 require me to do some kind of upgrade to the database first?

James

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

Agreed. I think her point was more along the lines of how tough it is to bring 
systems to any level of "secure".

Don Guyer

Windows Systems Engineer

RIM Operations Engineering Distributed - A Team, Tier 2

Enterprise Technology Group

Fiserv

don.gu...@fiserv.com

Office: 1-800-523-7282 x 1673

Fax: 610-233-0404

www.fiserv.com  

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Wednesday, May 18, 2011 3:40 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Security is about risk mitigation. Someone saying "I can provide total 
security" is either an idiot or dangerously naïve. It's also a process. 
Something that was reasonably secure 10 years ago is not reasonably secure 
today. The process is about maintaining standards (and process and procedure) 
as times change.

Regards,

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

From: Guyer, Don [mailto:don.gu...@fiserv.com] 
Sent: Wednesday, May 18, 2011 3:39 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

I remember, back in the day, one of the first things our NT4 MCSE instructor 
asked the class was "how can you make Windows NT4 secure"?

Don't remember what any of our answers were, but she said, "no, lock it in a 
closet with no network connection". 

If IT security were only that easy...

Don Guyer

Windows Systems Engineer

RIM Operations Engineering Distributed - A Team, Tier 2

Enterprise Technology Group

Fiserv

don.gu...@fiserv.com

Office: 1-800-523-7282 x 1673

Fax: 610-233-0404

www.fiserv.com  

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Wednesday, May 18, 2011 3:30 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

It certainly didn't start off "hardened".  It was quite the opposite.

--
ME2

On Wed, May 18, 2011 at 11:01 AM, John Cook  wrote:

Not to argue the point but NT is a version that was "hardened" for business 
use, Windows (WFW, 3.11, 98, whatever you want to use as the baseline) was 
created as a consumer friendly OS, not a simplified Mainframe.

-Original Message-
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 18, 2011 1:54 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Windows NT was never created as a consumer product.

Choices were made in Windows XP that made it inherently less secure in order to 
not scare off the consumer users and because of poorly behaved applications, 
even then.

We are still paying that price.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Big difference is that 'nix was created as more of a professional level OS and 
Windows was created as a consumer product. It's pretty hard to "get the cat 
back in the bag" once it's out.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 1:36 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
 wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running it.

 Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

 "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

 The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

 In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several methods, such as the command line.  So you either block
.LNK files from running -- breaking *all user shortcuts*, including
"Recent Documents" -- or you allow an obvious path for attackers.
Great job Microsoft.

 But that's not a security model thing, it's a crappy implementation
thing.  You can work around it with enough time and money.  And
someday Microsoft might fix their bugs, at least.  Dealing with the
crappy third-party software... well, hopefully one has enough pull
with one's vendors to have them fix their bugs.

-- B

RE: Interesting news from Apple

Security is about risk mitigation. Someone saying "I can provide total 
security" is either an idiot or dangerously naïve. It's also a process. 
Something that was reasonably secure 10 years ago is not reasonably secure 
today. The process is about maintaining standards (and process and procedure) 
as times change.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Guyer, Don [mailto:don.gu...@fiserv.com]
Sent: Wednesday, May 18, 2011 3:39 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

I remember, back in the day, one of the first things our NT4 MCSE instructor 
asked the class was "how can you make Windows NT4 secure"?

Don't remember what any of our answers were, but she said, "no, lock it in a 
closet with no network connection".

If IT security were only that easy...

Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x 1673
Fax: 610-233-0404
www.fiserv.com

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Wednesday, May 18, 2011 3:30 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

It certainly didn't start off "hardened".  It was quite the opposite.

--
ME2

On Wed, May 18, 2011 at 11:01 AM, John Cook 
mailto:john.c...@pfsf.org>> wrote:
Not to argue the point but NT is a version that was "hardened" for business 
use, Windows (WFW, 3.11, 98, whatever you want to use as the baseline) was 
created as a consumer friendly OS, not a simplified Mainframe.

-Original Message-
From: Michael B. Smith 
[mailto:mich...@smithcons.com]
Sent: Wednesday, May 18, 2011 1:54 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Windows NT was never created as a consumer product.

Choices were made in Windows XP that made it inherently less secure in order to 
not scare off the consumer users and because of poorly behaved applications, 
even then.

We are still paying that price.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Big difference is that 'nix was created as more of a professional level OS and 
Windows was created as a consumer product. It's pretty hard to "get the cat 
back in the bag" once it's out.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 1:36 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
mailto:jaldr...@blueridgecarpet.com>> wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running it.

 Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

 "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

 The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

 In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several methods, such as the command line.  So you either block
.LNK files from running -- breaking *all user shortcuts*, including
"Recent Documents" -- or you allow an obvious path for attackers.
Great job Microsoft.

 But that's not a security model thing, it's a crappy implementation
thing.  You can work around it with enough time and money.  And
someday Microsoft might fix their bugs, at least.  Dealing with the
crappy third-party software... well, hopefully one has enough pull
with one's vendors to have them fix their bugs.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: Th

RE: Interesting news from Apple

I remember, back in the day, one of the first things our NT4 MCSE
instructor asked the class was "how can you make Windows NT4 secure"?

Don't remember what any of our answers were, but she said, "no, lock it
in a closet with no network connection". 

If IT security were only that easy...

Don Guyer

Windows Systems Engineer

RIM Operations Engineering Distributed - A Team, Tier 2

Enterprise Technology Group

Fiserv

don.gu...@fiserv.com

Office: 1-800-523-7282 x 1673

Fax: 610-233-0404

www.fiserv.com  

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Wednesday, May 18, 2011 3:30 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

It certainly didn't start off "hardened".  It was quite the opposite.

--
ME2

On Wed, May 18, 2011 at 11:01 AM, John Cook  wrote:

Not to argue the point but NT is a version that was "hardened" for
business use, Windows (WFW, 3.11, 98, whatever you want to use as the
baseline) was created as a consumer friendly OS, not a simplified
Mainframe.

-Original Message-
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 18, 2011 1:54 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Windows NT was never created as a consumer product.

Choices were made in Windows XP that made it inherently less secure in
order to not scare off the consumer users and because of poorly behaved
applications, even then.

We are still paying that price.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Big difference is that 'nix was created as more of a professional level
OS and Windows was created as a consumer product. It's pretty hard to
"get the cat back in the bag" once it's out.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 1:36 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
 wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running
it.

 Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

 "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

 The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

 In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several methods, such as the command line.  So you either block
.LNK files from running -- breaking *all user shortcuts*, including
"Recent Documents" -- or you allow an obvious path for attackers.
Great job Microsoft.

 But that's not a security model thing, it's a crappy implementation
thing.  You can work around it with enough time and money.  And
someday Microsoft might fix their bugs, at least.  Dealing with the
crappy third-party software... well, hopefully one has enough pull
with one's vendors to have them fix their bugs.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
attached to or with this Notice is intended only for the person or
entity to which it is addressed and may contain Protected Health
Information (PHI), confidential and/or privileged material. Any review,
transmission, dissemination, or other use of, and taking any action in
reliance upon this information by persons or entities other than the
intended recipient without the express written consent of the sender are
prohibited. This information may be protected by the Health Insurance
Portability and Accountability Act of 1996 (HIPAA), and other Federal
and Florida laws. Improper or unauthorized use or disclosure of this
information could result in civil and/or criminal penalties.
 Consider the environment. Ple

Re: Interesting news from Apple

It certainly didn't start off "hardened".  It was quite the opposite.

--
ME2





On Wed, May 18, 2011 at 11:01 AM, John Cook  wrote:

> Not to argue the point but NT is a version that was "hardened" for business
> use, Windows (WFW, 3.11, 98, whatever you want to use as the baseline) was
> created as a consumer friendly OS, not a simplified Mainframe.
>
> -Original Message-
> From: Michael B. Smith [mailto:mich...@smithcons.com]
> Sent: Wednesday, May 18, 2011 1:54 PM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> Windows NT was never created as a consumer product.
>
> Choices were made in Windows XP that made it inherently less secure in
> order to not scare off the consumer users and because of poorly behaved
> applications, even then.
>
> We are still paying that price.
>
> Regards,
>
> Michael B. Smith
> Consultant and Exchange MVP
> http://TheEssentialExchange.com
>
>
> -Original Message-
> From: John Cook [mailto:john.c...@pfsf.org]
> Sent: Wednesday, May 18, 2011 1:51 PM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> Big difference is that 'nix was created as more of a professional level OS
> and Windows was created as a consumer product. It's pretty hard to "get the
> cat back in the bag" once it's out.
>
> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Wednesday, May 18, 2011 1:36 PM
> To: NT System Admin Issues
> Subject: Re: Interesting news from Apple
>
> On Wed, May 18, 2011 at 12:25 PM, John Aldrich
>  wrote:
> > Mostly I was thinking of the typical Windows type
> > stuff where they trick you into downloading an EXE file and running it.
>
>  Same thing can happen on Linux.  And from the sound of the report,
> that's what's hitting the Mac's.  It's really just a social
> engineering attack: Trick the user into downloading and running
> malicious software.  There's not much you can do to combat that,
> except have the admins take away the ability for users to run
> software.  And that won't help home users who are their own admins.
>
>  "There are seldom good technological solutions to behavioral
> problems." (Ed Crowley)
>
>  The one thing traditional *nix systems have going for them is that
> it's easier to lock down the environment, since they've been doing
> that pretty much from the start.  Just mount /tmp and /home with
> "noexec" and users can't execute anything they can write to.
>
>  In the Windows world, you've got to deal with a fsckton of crappy
> software that breaks in weird ways when you try this or other
> nominally sensible things.  And I include Windows itself in that.
> Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
> via several methods, such as the command line.  So you either block
> .LNK files from running -- breaking *all user shortcuts*, including
> "Recent Documents" -- or you allow an obvious path for attackers.
> Great job Microsoft.
>
>  But that's not a security model thing, it's a crappy implementation
> thing.  You can work around it with enough time and money.  And
> someday Microsoft might fix their bugs, at least.  Dealing with the
> crappy third-party software... well, hopefully one has enough pull
> with one's vendors to have them fix their bugs.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
> attached to or with this Notice is intended only for the person or entity to
> which it is addressed and may contain Protected Health Information (PHI),
> confidential and/or privileged material. Any review, transmission,
> dissemination, or other use of, and taking any action in reliance upon this
> information by persons or entities other than the intended recipient without
> the express written consent of the sender are prohibited. This information
> may be protected by the Health Insurance Portability and Accountability Act
> of 1996 (HIPAA), and other Federal and Florida laws. Improper or
> unauthorized use or disclosure of this information could result in civil
> and/or criminal penalties.
>  Consider the environment. Please don't print this e-mail unless you really
> need to.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To man

Re: Interesting news from Apple

On Wed, May 18, 2011 at 2:55 PM, John Cook  wrote:
> "NT was never a "mainframe" OS" - I was actually
> referring to Linux as a slimmed down mainframe.

  Unix incubated on the DEC PDP-7 minicomputer platform.  It probabbly
some of its biggest early use on the VAX -- yet another DEC mini.
*nix never really got much traction in the mainframe world until IBM
ported Linux to the S/390 (now "z Server") architecture.

> We can debate the NT OS kernel all day but in the end
> it still had basic Windows genes (flaws)

  The NT kernel has no "classic Windows" code.  It didn't even get the
*name* Windows until fairly late in it's development.  I don't know
how to make that any clearer to you.

  You can get the source and check yourself if you don't believe me --
the NT 4.0 code was stolen and circulated publicaly several years
back.  I bet  you can find it on file sharing sites.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: SMTP server

2011-05-18 Thread Steven Peck

We just tossed IIS on a box of our dev/pre environment and lock it down by
IP address.  You can use user authentication if you want though.  You should
have some sort of restrictions on the system.

Any automation senders we have a documented company formart for this type of
thing
noreply-@example.com

We require an applicationName or some identifier intheir so that should
their script go beserk we can more easily hunt down the offender by glancing
at logs instead of really digging into them

Steven Peck
http://www.blkmtn.org




On Wed, May 18, 2011 at 11:42 AM, Lewin, Greg  wrote:

>
>
> We have a sister company that recently moved to Hosted Exchange 2010 and no
> longer have an SMTP server in house.  They have a old  copier that used to
> send emails via
>
> The old internal Exchange server(5.5).  It does not have authentication
> capabilities, only the ability to send to an IP address.  They would like to
> be able to send mail to their internal users from this device.
>
> I have a call into the Hosting company looking for suggestions.  I was
> wondering if you folks might have any ideas.
>
>
>
> Thanks
>
>
>
> Greg
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: SMTP server

2011-05-18 Thread Joe Morlino

Sorry, typo it's www.stunnell.org ...

  _  

From: Joe Morlino [mailto:islands...@comcast.net] 
Sent: Wednesday, May 18, 2011 2:58 PM
To: NT System Admin Issues
Subject: RE: SMTP server


Greg,
You might want to look at STunnel ( http://www.stunnel.com ) The scanner can
connect to a machine running Stunnel and then it can send to a SSL SMTP like
Gmail
 
Joe Morlino
Islands Computer
Beaufort, SC

  _  

From: Lewin, Greg [mailto:le...@infimed.com] 
Sent: Wednesday, May 18, 2011 2:42 PM
To: NT System Admin Issues
Subject: SMTP server



 

We have a sister company that recently moved to Hosted Exchange 2010 and no
longer have an SMTP server in house.  They have a old  copier that used to
send emails via

The old internal Exchange server(5.5).  It does not have authentication
capabilities, only the ability to send to an IP address.  They would like to
be able to send mail to their internal users from this device.

I have a call into the Hosting company looking for suggestions.  I was
wondering if you folks might have any ideas.  

 

Thanks

 

Greg

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: SMTP server

2011-05-18 Thread Joe Morlino

Greg,
You might want to look at STunnel ( http://www.stunnel.com ) The scanner can
connect to a machine running Stunnel and then it can send to a SSL SMTP like
Gmail
 
Joe Morlino
Islands Computer
Beaufort, SC

  _  

From: Lewin, Greg [mailto:le...@infimed.com] 
Sent: Wednesday, May 18, 2011 2:42 PM
To: NT System Admin Issues
Subject: SMTP server



 

We have a sister company that recently moved to Hosted Exchange 2010 and no
longer have an SMTP server in house.  They have a old  copier that used to
send emails via

The old internal Exchange server(5.5).  It does not have authentication
capabilities, only the ability to send to an IP address.  They would like to
be able to send mail to their internal users from this device.

I have a call into the Hosting company looking for suggestions.  I was
wondering if you folks might have any ideas.  

 

Thanks

 

Greg

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

"NT was never a "mainframe" OS" - I was actually referring to Linux as a 
slimmed down mainframe. We can debate the NT OS kernel all day but in the end 
it still had basic Windows genes (flaws)

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 2:22 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 2:01 PM, John Cook  wrote:
> Not to argue the point ...

  No, that's exactly what you're doing.  Arguing the point.  :)

> ... but NT is a version that was "hardened" for business use ...

  The core of NT is a completely new operating system.  It is not
derived from MS-DOS or the "classic Windows" code base.  The UI,
shell, and various other bits and pieces that ride on top of the OS
were based on the classic code, but the security model comes from the
NT OS.

  I do disagree with MBS on one count: Bad decisions affecting
security were being made from the first days of NT 3.1.  The whole
system could have been more secure, but Microsoft still had the "PC
mindset".  The default config was nowhere near as secure as it should
have been.  That set a precedent we're still paying for, almost two
decades later.

> Windows (WFW, 3.11, 98, whatever you want to use as the baseline)
> was created as a consumer friendly OS, not a simplified Mainframe.

  NT was never a "mainframe" OS.

  NT began life as a research project at DEC, where Dave Cutler was
developing an OS he intended to succeed VMS, DEC's minicomputer OS.
Microsoft hired Cutler away from DEC, and the work he was doing on the
new OS was put toward Microsoft's New Technology OS project.  MSFT's
original plan was for NT to be "NT OS/2", AKA "OS/2 3.0".  Then IBM
and MSFT had their falling out.  NT was finally released to the public
as "Windows NT 3.1".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: SMTP server

You can get by without a server since you are not relaying.

 

As long as outgoing TCP 25 is open for that device, it can send SMTP
unauthenticated to internal users via the external IP address of the mail
server instead of the MX record.  Just remember to update the IP if it ever
changes

 

From: Lewin, Greg [mailto:le...@infimed.com] 
Sent: Wednesday, May 18, 2011 1:42 PM
To: NT System Admin Issues
Subject: SMTP server

 

 

We have a sister company that recently moved to Hosted Exchange 2010 and no
longer have an SMTP server in house.  They have a old  copier that used to
send emails via

The old internal Exchange server(5.5).  It does not have authentication
capabilities, only the ability to send to an IP address.  They would like to
be able to send mail to their internal users from this device.

I have a call into the Hosting company looking for suggestions.  I was
wondering if you folks might have any ideas.  

 

Thanks

 

Greg

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: SMTP server

Same...

Exactly what we did with the move to Postini.

Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x 1673
Fax: 610-233-0404
www.fiserv.com


-Original Message-
From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] 
Sent: Wednesday, May 18, 2011 2:46 PM
To: NT System Admin Issues
Subject: RE: SMTP server

>I was wondering if you folks might have any ideas.  

Setup a secure smtp on your network, allow only that unauthed ip address to 
relay
off it, you might even setup relay restrictions further...

Any MS os can do this if you don't have any liux box's or your ISP might even 
have smart server etc...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

On Wed, May 18, 2011 at 2:35 PM, Steven Peck  wrote:
> I am not sure it was entirely a 'mindset' issue either.  Keep in mind these
> were the days of 486 and Pentium 100 system.

  Computer security has been an identified issues since the 1950s, and
well understood in the 1970s.  The NT kernel has (and had) almost
ridiculously fine-grained security options.  The knowledge existing on
the team, the capabilities were there.  They had all the pieces.

  But they gave the first user an admin account by default.  Giving
all users admin access was common.  There was the whole "Power User"
thing, which has admin rights in all but name.  Their own software
often did not run properly without admin rights.  Even today, their
development tools (Visual Studio) have non-admin issues.  Back then it
was impossible.

  People say Microsoft's customers were demanding this for
"compatibility", but I really don't think that explains it.  Companies
who were rolling out NT weren't consumers.  They were businesses
interested in enterprise applications, which includes things like
security.  When Microsoft's own stuff needed admin rights; why would
developers do anything different?

  Microsoft came from the PC world, where the user sitting at the
console had full access to everything, because it was "their" personal
computer.  Their OSes before NT didn't have any security features,
largely because the hardware didn't have any support for it.  It was
the mode of operation Microsoft was used to, and it was how most of
their own developers worked.

  I'm not surprised it happened this way, but I think the world would
have benefited tremendously from a little more foresight on
Microsoft's part.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: SMTP server

Set up a small PC running linux as an SMTP server and set it to ONLY send to
the hosted Exchange?

From: Lewin, Greg [mailto:le...@infimed.com] 
Sent: Wednesday, May 18, 2011 2:42 PM
To: NT System Admin Issues
Subject: SMTP server

We have a sister company that recently moved to Hosted Exchange 2010 and no
longer have an SMTP server in house.  They have a old  copier that used to
send emails via
The old internal Exchange server(5.5).  It does not have authentication
capabilities, only the ability to send to an IP address.  They would like to
be able to send mail to their internal users from this device.
I have a call into the Hosting company looking for suggestions.  I was
wondering if you folks might have any ideas.  

Thanks

Greg
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: SMTP server

2011-05-18 Thread Joseph L. Casale

>I was wondering if you folks might have any ideas.  

Setup a secure smtp on your network, allow only that unauthed ip address to 
relay
off it, you might even setup relay restrictions further...

Any MS os can do this if you don't have any liux box's or your ISP might even 
have smart server etc...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: [OT] Sony is down again

Indeed.  This does make me feel better about my Xbox 360 selection, although
I miss playing the Gran Turismo series...

--
ME2





On Wed, May 18, 2011 at 11:00 AM, Guyer, Don  wrote:

> My Son's been bugging the cr@p out of me to buy a PS3 for awhile now.
>
> Just another reason to add to my list of reasons I haven't gotten one
> (he would definitely want to play online).
>
> Don Guyer
> Windows Systems Engineer
> RIM Operations Engineering Distributed - A Team, Tier 2
> Enterprise Technology Group
> Fiserv
> don.gu...@fiserv.com
> Office: 1-800-523-7282 x 1673
> Fax: 610-233-0404
> www.fiserv.com
>
> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Wednesday, May 18, 2011 1:48 PM
> To: NT System Admin Issues
> Subject: [OT] Sony is down again
>
>
>  This is too good not to pass on.
>
>  So, we all know about the massive breach in Sony's security.
> Millions of customers had their personal info stolen.  As a result,
> Sony voluntarily shut down most of their online entertainment
> operations, including the PlayStation Network, and Qriocity (their
> streaming media Netflix-wannabe service).  It's been down going on
> five weeks now, but Sony has been turning things back on this week.
> Until now -- they've pulled the plug again.
>
>  Sony was asking people to reset their account passwords, and
> authenticating them with their email address and date-of-birth.
>
>  Email and DOB was among the information stolen.
>
> http://games.slashdot.org/story/11/05/18/151211/PSN-Up-And-Then-Down-Aga
> in
>
>  Great job Sony!  You really set a standard for corporate
> responsibility and security planning!
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Server service will not start on windows 2008 R2 enterprise

2011-05-18 Thread Rankin, James R

Good catch. Glad I was able to offer a pointer.

Typed frustratingly slowly on my BlackBerry® wireless device

-Original Message-
From: Mathew Shember 
Date: Wed, 18 May 2011 11:02:08 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Server service will not 
start on windows 2008 R2 enterprise

We finally figured this out.

If you have a url in the PATH which references the filer, this error will 
appear.

Thanks for the info, it helped.

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Monday, May 16, 2011 2:07 AM
To: NT System Admin Issues
Subject: Re: Server service will not start on windows 2008 R2 enterprise

I saw that error (ERROR_NOLOGON_WORKSTATION_TRUST_ACCOUNT, error 1808) before 
when I was having some problems with logon actions. I was trying to create 
shortcuts on a redirected desktop that pointed to a shared area on a NetApp 
filer. For some reason, the security context seemed to be a little screwed-up. 
I got around this by copying the shortcuts locally first and then moving them 
to the shared area later in the logon process.

I'm a little confused as to what correlation the Server service could have with 
a shared area on your filer, though - AFAIK the Server service deals with 
hosting shares, rather than accessing them, that's the job of the Workstation 
service - but it seems a little coincidental. Do you have folder redirection 
configured in any way? Is there a drive being mapped out to the filer at login? 
Is there some sort of shared storage connected to the NetApp from the server?

I also remember that this error was generated specifically when creating App-V 
shortcuts using AppSense, so I don't know if you are using either of these 
technologies as well.

It might be an idea to run a Process Monitor as you try and start the Server 
service to see exactly what it is trying to do, and if it is trying to access a 
network location in some way.

Sorry couldn't be of more help,

On 13 May 2011 19:21, Mathew Shember 
mailto:mathew.shem...@synopsys.com>> wrote:
Greetings,

This one has a couple people stumped.

HP G6's 70 gig Ram 24 cores.

Windows 2008 R2 Enterprise with terminal services enabled.

The server service will not start.

I get an error:

Services
  Windows could not start the Server service on Local Computer
  Error: 1808: The account used is a computer account.   Use your
 Global user account or local user account to access this server.

The event log shows:

Log Name:  System
Source:Service Control Manager
Date:  5/13/2011 11:10:28 AM
Event ID:  7023
Task Category: None
Level: Error
Keywords:  Classic
User:  N/A
Computer:  
us01sbureg1.internal.synopsys.com
Description:
The Server service terminated with the following error:
The account used is a computer account. Use your global user account or local 
user account to access this server.

Note:  This was built from a wim file.

I have done many things.
Sfc /scannow
Reinstalled file and print
Played with the user accounts on the service.

Nothing seems to be able to correct it and it's a weird error.

Any suggestions would be greatly appreciated.

Thanks,
Mathew

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."

IMPORTANT: The information in this email is CONFIDENTIAL. If its contents are 
disclosed in any way my lawyers will swoop down from black helicopters like 
Seal Team Six and drag you away with a black bag over your head. They will then 
take you to a secret prison and make you fight to the death with other people 
who dared to share this email. You will be given a large bowie knife and a 
supply of methamphetamines while I watch the said deathmatch and wager vast 
sums of money on who will be the winner. If the fight becomes boring or there 
is a stalemate, I will release rabid dogs and my two-stone cat into the arena 
to liven things up a bit. If these animals become in any way docile, I will 
squirt them with water pistols until they become a bit more temperamental.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsy

Re: Interesting news from Apple

2011-05-18 Thread Steven Peck

I am not sure it was entirely a 'mindset' issue either.  Keep in mind these
were the days of 486 and Pentium 100 system.  Also as major corporations
were deploying NT3.51 and then NT4, their business customers were making
demands for compatibility with various applications that ran on a variety of
platforms even then.

We have gained a tremendous depth of knowledge and understanding of the long
term costs some of these choices have had and these are being solved or
mitigated against.  The overall model between *NIX and Windows is
substantially different.  People keep limiting their scope 'UNIX is better
Windows sucks' primarly discussing single user /desktop systems.  Managing
UNIX securely in an enterprise vs Windows in an enterprise is a vastly
different thing and I thing the tools for Windows are and have better for
this.

Steven Peck
http://www.blkmtn.org


On Wed, May 18, 2011 at 11:21 AM, Ben Scott  wrote:

> On Wed, May 18, 2011 at 2:01 PM, John Cook  wrote:
> > Not to argue the point ...
>
>  No, that's exactly what you're doing.  Arguing the point.  :)
>
> > ... but NT is a version that was "hardened" for business use ...
>
>  The core of NT is a completely new operating system.  It is not
> derived from MS-DOS or the "classic Windows" code base.  The UI,
> shell, and various other bits and pieces that ride on top of the OS
> were based on the classic code, but the security model comes from the
> NT OS.
>
>  I do disagree with MBS on one count: Bad decisions affecting
> security were being made from the first days of NT 3.1.  The whole
> system could have been more secure, but Microsoft still had the "PC
> mindset".  The default config was nowhere near as secure as it should
> have been.  That set a precedent we're still paying for, almost two
> decades later.
>
> > Windows (WFW, 3.11, 98, whatever you want to use as the baseline)
> > was created as a consumer friendly OS, not a simplified Mainframe.
>
>   NT was never a "mainframe" OS.
>
>  NT began life as a research project at DEC, where Dave Cutler was
> developing an OS he intended to succeed VMS, DEC's minicomputer OS.
> Microsoft hired Cutler away from DEC, and the work he was doing on the
> new OS was put toward Microsoft's New Technology OS project.  MSFT's
> original plan was for NT to be "NT OS/2", AKA "OS/2 3.0".  Then IBM
> and MSFT had their falling out.  NT was finally released to the public
> as "Windows NT 3.1".
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

On Wed, May 18, 2011 at 2:01 PM, John Cook  wrote:
> Not to argue the point ...

  No, that's exactly what you're doing.  Arguing the point.  :)

> ... but NT is a version that was "hardened" for business use ...

  The core of NT is a completely new operating system.  It is not
derived from MS-DOS or the "classic Windows" code base.  The UI,
shell, and various other bits and pieces that ride on top of the OS
were based on the classic code, but the security model comes from the
NT OS.

  I do disagree with MBS on one count: Bad decisions affecting
security were being made from the first days of NT 3.1.  The whole
system could have been more secure, but Microsoft still had the "PC
mindset".  The default config was nowhere near as secure as it should
have been.  That set a precedent we're still paying for, almost two
decades later.

> Windows (WFW, 3.11, 98, whatever you want to use as the baseline)
> was created as a consumer friendly OS, not a simplified Mainframe.

  NT was never a "mainframe" OS.

  NT began life as a research project at DEC, where Dave Cutler was
developing an OS he intended to succeed VMS, DEC's minicomputer OS.
Microsoft hired Cutler away from DEC, and the work he was doing on the
new OS was put toward Microsoft's New Technology OS project.  MSFT's
original plan was for NT to be "NT OS/2", AKA "OS/2 3.0".  Then IBM
and MSFT had their falling out.  NT was finally released to the public
as "Windows NT 3.1".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Android Vulnerability

Actually, it looks like they are released an out of band patch to close the
hole already today.
http://www.pcmag.com/article2/0,2817,2385565,00.asp




-Original Message-
From: Sam Cayze [mailto:sca...@gmail.com] 
Sent: Wednesday, May 18, 2011 1:00 PM
To: NT System Admin Issues
Subject: RE: Android Vulnerability

I'm a little concerned, I might send out an email to our users.

I know for a fact that 99% of our users don't even know their phone has
wireless, not do they use it.  Heck, I don't even use mine ever.

Our phones are scheduled to get the update any day now.  And, all of our
corporate info is on 'Good Messaging', an encrypted sandbox, so I'm not too
worried about that aspect.

Sam

-Original Message-
From: Bill Humphries [mailto:nt...@hedgedigger.com]
Sent: Wednesday, May 18, 2011 10:06 AM
To: NT System Admin Issues
Subject: Re: Android Vulnerability

i'm worried about connecting anything to a free, public wi-fi.

bill


John Aldrich wrote:
> Any of you Android users here want to comment on this story about the 
> newly discovered vulnerability in Android's O/S:
> http://preview.tinyurl.com/6xk8bwp
>
> Are you worried about connecting your Android phone to a free public 
> Wi-Fi after this?
>
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>   


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Server service will not start on windows 2008 R2 enterprise

2011-05-18 Thread Mathew Shember

We finally figured this out.

If you have a url in the PATH which references the filer, this error will 
appear.

Thanks for the info, it helped.



From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Monday, May 16, 2011 2:07 AM
To: NT System Admin Issues
Subject: Re: Server service will not start on windows 2008 R2 enterprise

I saw that error (ERROR_NOLOGON_WORKSTATION_TRUST_ACCOUNT, error 1808) before 
when I was having some problems with logon actions. I was trying to create 
shortcuts on a redirected desktop that pointed to a shared area on a NetApp 
filer. For some reason, the security context seemed to be a little screwed-up. 
I got around this by copying the shortcuts locally first and then moving them 
to the shared area later in the logon process.

I'm a little confused as to what correlation the Server service could have with 
a shared area on your filer, though - AFAIK the Server service deals with 
hosting shares, rather than accessing them, that's the job of the Workstation 
service - but it seems a little coincidental. Do you have folder redirection 
configured in any way? Is there a drive being mapped out to the filer at login? 
Is there some sort of shared storage connected to the NetApp from the server?

I also remember that this error was generated specifically when creating App-V 
shortcuts using AppSense, so I don't know if you are using either of these 
technologies as well.

It might be an idea to run a Process Monitor as you try and start the Server 
service to see exactly what it is trying to do, and if it is trying to access a 
network location in some way.

Sorry couldn't be of more help,



On 13 May 2011 19:21, Mathew Shember 
mailto:mathew.shem...@synopsys.com>> wrote:
Greetings,

This one has a couple people stumped.

HP G6's 70 gig Ram 24 cores.

Windows 2008 R2 Enterprise with terminal services enabled.

The server service will not start.

I get an error:

Services
  Windows could not start the Server service on Local Computer
  Error: 1808: The account used is a computer account.   Use your
 Global user account or local user account to access this server.

The event log shows:

Log Name:  System
Source:Service Control Manager
Date:  5/13/2011 11:10:28 AM
Event ID:  7023
Task Category: None
Level: Error
Keywords:  Classic
User:  N/A
Computer:  
us01sbureg1.internal.synopsys.com
Description:
The Server service terminated with the following error:
The account used is a computer account. Use your global user account or local 
user account to access this server.


Note:  This was built from a wim file.

I have done many things.
Sfc /scannow
Reinstalled file and print
Played with the user accounts on the service.

Nothing seems to be able to correct it and it's a weird error.

Any suggestions would be greatly appreciated.

Thanks,
Mathew



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."

IMPORTANT: The information in this email is CONFIDENTIAL. If its contents are 
disclosed in any way my lawyers will swoop down from black helicopters like 
Seal Team Six and drag you away with a black bag over your head. They will then 
take you to a secret prison and make you fight to the death with other people 
who dared to share this email. You will be given a large bowie knife and a 
supply of methamphetamines while I watch the said deathmatch and wager vast 
sums of money on who will be the winner. If the fight becomes boring or there 
is a stalemate, I will release rabid dogs and my two-stone cat into the arena 
to liven things up a bit. If these animals become in any way docile, I will 
squirt them with water pistols until they become a bit more temperamental.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

Not to argue the point but NT is a version that was "hardened" for business 
use, Windows (WFW, 3.11, 98, whatever you want to use as the baseline) was 
created as a consumer friendly OS, not a simplified Mainframe.

-Original Message-
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 18, 2011 1:54 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Windows NT was never created as a consumer product.

Choices were made in Windows XP that made it inherently less secure in order to 
not scare off the consumer users and because of poorly behaved applications, 
even then.

We are still paying that price.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Big difference is that 'nix was created as more of a professional level OS and 
Windows was created as a consumer product. It's pretty hard to "get the cat 
back in the bag" once it's out.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 1:36 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
 wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running it.

  Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

  "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

  The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

  In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several methods, such as the command line.  So you either block
.LNK files from running -- breaking *all user shortcuts*, including
"Recent Documents" -- or you allow an obvious path for attackers.
Great job Microsoft.

  But that's not a security model thing, it's a crappy implementation
thing.  You can work around it with enough time and money.  And
someday Microsoft might fix their bugs, at least.  Dealing with the
crappy third-party software... well, hopefully one has enough pull
with one's vendors to have them fix their bugs.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or e

RE: Android Vulnerability

I'm a little concerned, I might send out an email to our users.

I know for a fact that 99% of our users don't even know their phone has
wireless, not do they use it.  Heck, I don't even use mine ever.

Our phones are scheduled to get the update any day now.  And, all of our
corporate info is on 'Good Messaging', an encrypted sandbox, so I'm not too
worried about that aspect.

Sam

-Original Message-
From: Bill Humphries [mailto:nt...@hedgedigger.com] 
Sent: Wednesday, May 18, 2011 10:06 AM
To: NT System Admin Issues
Subject: Re: Android Vulnerability

i'm worried about connecting anything to a free, public wi-fi.

bill


John Aldrich wrote:
> Any of you Android users here want to comment on this story about the 
> newly discovered vulnerability in Android's O/S:
> http://preview.tinyurl.com/6xk8bwp
>
> Are you worried about connecting your Android phone to a free public 
> Wi-Fi after this?
>
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>   


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: [OT] Sony is down again

My Son's been bugging the cr@p out of me to buy a PS3 for awhile now.

Just another reason to add to my list of reasons I haven't gotten one
(he would definitely want to play online).

Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x 1673
Fax: 610-233-0404
www.fiserv.com

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Wednesday, May 18, 2011 1:48 PM
To: NT System Admin Issues
Subject: [OT] Sony is down again


  This is too good not to pass on.

  So, we all know about the massive breach in Sony's security.
Millions of customers had their personal info stolen.  As a result,
Sony voluntarily shut down most of their online entertainment
operations, including the PlayStation Network, and Qriocity (their
streaming media Netflix-wannabe service).  It's been down going on
five weeks now, but Sony has been turning things back on this week.
Until now -- they've pulled the plug again.

  Sony was asking people to reset their account passwords, and
authenticating them with their email address and date-of-birth.

  Email and DOB was among the information stolen.

http://games.slashdot.org/story/11/05/18/151211/PSN-Up-And-Then-Down-Aga
in

  Great job Sony!  You really set a standard for corporate
responsibility and security planning!

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: [OT] Sony is down again

They did that when they put a rootkit on consumer DVDs.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Wednesday, May 18, 2011 1:48 PM
To: NT System Admin Issues
Subject: [OT] Sony is down again

  This is too good not to pass on.

  So, we all know about the massive breach in Sony's security.
Millions of customers had their personal info stolen.  As a result,
Sony voluntarily shut down most of their online entertainment
operations, including the PlayStation Network, and Qriocity (their
streaming media Netflix-wannabe service).  It's been down going on
five weeks now, but Sony has been turning things back on this week.
Until now -- they've pulled the plug again.

  Sony was asking people to reset their account passwords, and
authenticating them with their email address and date-of-birth.

  Email and DOB was among the information stolen.

http://games.slashdot.org/story/11/05/18/151211/PSN-Up-And-Then-Down-Again

  Great job Sony!  You really set a standard for corporate
responsibility and security planning!

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

Windows NT was never created as a consumer product.

Choices were made in Windows XP that made it inherently less secure in order to 
not scare off the consumer users and because of poorly behaved applications, 
even then.

We are still paying that price.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Wednesday, May 18, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Big difference is that 'nix was created as more of a professional level OS and 
Windows was created as a consumer product. It's pretty hard to "get the cat 
back in the bag" once it's out.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 1:36 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
 wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running it.

  Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

  "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

  The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

  In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several methods, such as the command line.  So you either block
.LNK files from running -- breaking *all user shortcuts*, including
"Recent Documents" -- or you allow an obvious path for attackers.
Great job Microsoft.

  But that's not a security model thing, it's a crappy implementation
thing.  You can work around it with enough time and money.  And
someday Microsoft might fix their bugs, at least.  Dealing with the
crappy third-party software... well, hopefully one has enough pull
with one's vendors to have them fix their bugs.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

2011-05-18 Thread Don Ely

Tranquilizer darts help with that...

On Wed, May 18, 2011 at 10:50 AM, John Cook  wrote:

> Big difference is that 'nix was created as more of a professional level OS
> and Windows was created as a consumer product. It's pretty hard to "get the
> cat back in the bag" once it's out.
>
> -Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Wednesday, May 18, 2011 1:36 PM
> To: NT System Admin Issues
> Subject: Re: Interesting news from Apple
>
>  On Wed, May 18, 2011 at 12:25 PM, John Aldrich
>  wrote:
> > Mostly I was thinking of the typical Windows type
> > stuff where they trick you into downloading an EXE file and running it.
>
>  Same thing can happen on Linux.  And from the sound of the report,
> that's what's hitting the Mac's.  It's really just a social
> engineering attack: Trick the user into downloading and running
> malicious software.  There's not much you can do to combat that,
> except have the admins take away the ability for users to run
> software.  And that won't help home users who are their own admins.
>
>  "There are seldom good technological solutions to behavioral
> problems." (Ed Crowley)
>
>  The one thing traditional *nix systems have going for them is that
> it's easier to lock down the environment, since they've been doing
> that pretty much from the start.  Just mount /tmp and /home with
> "noexec" and users can't execute anything they can write to.
>
>  In the Windows world, you've got to deal with a fsckton of crappy
> software that breaks in weird ways when you try this or other
> nominally sensible things.  And I include Windows itself in that.
> Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
> via several methods, such as the command line.  So you either block
> .LNK files from running -- breaking *all user shortcuts*, including
> "Recent Documents" -- or you allow an obvious path for attackers.
> Great job Microsoft.
>
>  But that's not a security model thing, it's a crappy implementation
> thing.  You can work around it with enough time and money.  And
> someday Microsoft might fix their bugs, at least.  Dealing with the
> crappy third-party software... well, hopefully one has enough pull
> with one's vendors to have them fix their bugs.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
> attached to or with this Notice is intended only for the person or entity to
> which it is addressed and may contain Protected Health Information (PHI),
> confidential and/or privileged material. Any review, transmission,
> dissemination, or other use of, and taking any action in reliance upon this
> information by persons or entities other than the intended recipient without
> the express written consent of the sender are prohibited. This information
> may be protected by the Health Insurance Portability and Accountability Act
> of 1996 (HIPAA), and other Federal and Florida laws. Improper or
> unauthorized use or disclosure of this information could result in civil
> and/or criminal penalties.
>  Consider the environment. Please don't print this e-mail unless you really
> need to.
>
>  ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Vipre Newbie

>>> Blocking zips can cause you a little strife

 

Yeah, like bringing our business to a halt.  Seems very extreme to me.

 

I know with Symantec Mail Security, all ZIP contents are scanned.  If it
cannot be scanned and verified that included every file is clean and on the
whitelist, it is quarantined and the admin is issued an email.  This does
happen, about once every six months.  And password protected ZIPs do not get
let through, regardless.

 

I can't imagine Vipre would work any differently.  If it works as Symantec
does, I can't see the point of blocking of ZIPs.

 

From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Wednesday, May 18, 2011 9:46 AM
To: NT System Admin Issues
Subject: RE: Vipre Newbie

 

IIRC there is a list of recommended file types (scr, exe, etc.) but we also
block bitmap and zip files. Blocking zips can cause you a little strife from
time to time (Office 2007 files sometimes get blocked in spite of the allow
rule) but we prefer to be safe not sorry.

 

From: Kelsey, John [mailto:jckel...@drmc.org] 
Sent: Wednesday, May 18, 2011 10:38 AM
To: NT System Admin Issues
Subject: Vipre Newbie

 

We recently became proud parents of Vipre for Exchange (2003).  In the
process of setting it up now.  Anybody care to share their attachment
filtering policy?  As in what is best practice to block/allow and in which
direction?

 

Thanks all!

 

*
John C. Kelsey

DuBois Regional Medical Center
(:  814.375.3073  
2  :   814.375.4005
*: jckel...@drmc.org 
*

 

This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed
in this email are those of the author and do not represent those of the
company. Warning: Although precautions have been taken to make sure no
viruses are present in this email, the company cannot accept responsibility
for any loss or damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

  _  

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
attached to or with this Notice is intended only for the person or entity to
which it is addressed and may contain Protected Health Information (PHI),
confidential and/or privileged material. Any review, transmission,
dissemination, or other use of, and taking any action in reliance upon this
information by persons or entities other than the intended recipient without
the express written consent of the sender are prohibited. This information
may be protected by the Health Insurance Portability and Accountability Act
of 1996 (HIPAA), and other Federal and Florida laws. Improper or
unauthorized use or disclosure of this information could result in civil
and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really
need to.



This email and any attached files are confidential and intended solely for
the intended recipient(s). If you are not the named recipient you should not
read, distribute, copy or alter this email. Any views or opinions expressed
in this email are those of the author and do not represent those of the
company. Warning: Although precautions have been taken to make sure no
viruses are present in this email, the company cannot accept responsibility
for any loss or damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

Big difference is that 'nix was created as more of a professional level OS and 
Windows was created as a consumer product. It's pretty hard to "get the cat 
back in the bag" once it's out.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Wednesday, May 18, 2011 1:36 PM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
 wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running it.

  Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

  "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

  The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

  In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several methods, such as the command line.  So you either block
.LNK files from running -- breaking *all user shortcuts*, including
"Recent Documents" -- or you allow an obvious path for attackers.
Great job Microsoft.

  But that's not a security model thing, it's a crappy implementation
thing.  You can work around it with enough time and money.  And
someday Microsoft might fix their bugs, at least.  Dealing with the
crappy third-party software... well, hopefully one has enough pull
with one's vendors to have them fix their bugs.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

On Wed, May 18, 2011 at 1:43 PM, Jonathan Link  wrote:
>>> If I recall correctly, there has been this recommendation in Apple
>>> Support documentation for years.
>>
>> Now all we have to do is wait for their marketing documentation to
>> catch-up.
>
> Show me how that's different from any other organization...

  For some reason, people *believe* Apple's marketing.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

[OT] Sony is down again

  This is too good not to pass on.

  So, we all know about the massive breach in Sony's security.
Millions of customers had their personal info stolen.  As a result,
Sony voluntarily shut down most of their online entertainment
operations, including the PlayStation Network, and Qriocity (their
streaming media Netflix-wannabe service).  It's been down going on
five weeks now, but Sony has been turning things back on this week.
Until now -- they've pulled the plug again.

  Sony was asking people to reset their account passwords, and
authenticating them with their email address and date-of-birth.

  Email and DOB was among the information stolen.

http://games.slashdot.org/story/11/05/18/151211/PSN-Up-And-Then-Down-Again

  Great job Sony!  You really set a standard for corporate
responsibility and security planning!

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: OT: Danger

You probably had to download an Adobe update to read it!

From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Wednesday, May 18, 2011 1:34 PM
To: NT System Admin Issues
Subject: Re: OT: Danger

I'm glad they're looking out for me, but it pushed back my whole deployment 
schedule when I had to RTFM.
On Wed, May 18, 2011 at 1:16 PM, John Cook 
mailto:john.c...@pfsf.org>> wrote:
No doubt OSHA prompted to save your life.
John W. Cook
Systems Administrator
Partnership for Strong Families

From: Richard Stovall mailto:rich...@gmail.com>>
To: NT System Admin Issues 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Sent: Wed May 18 13:12:15 2011
Subject: OT: Danger
I just unpacked a new HP ProCurve switch.  There was a warning tape over the 
receptacle for the power cord that had to be removed before plugging in the 
switch.  It said:

"Refer to users guide for power supply cord instructions."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

Re: Interesting news from Apple

2011-05-18 Thread Jonathan Link

Show me how that's different from any other organization...

On Wed, May 18, 2011 at 1:36 PM, Ben Scott  wrote:

> On Wed, May 18, 2011 at 12:15 PM, Michael White 
> wrote:
> > If I recall correctly, there has been this recommendation in Apple
> > Support documentation for years.
>
>  Now all we have to do is wait for their marketing documentation to
> catch-up.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:15 PM, Michael White  wrote:
> If I recall correctly, there has been this recommendation in Apple
> Support documentation for years.

  Now all we have to do is wait for their marketing documentation to catch-up.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

On Wed, May 18, 2011 at 12:25 PM, John Aldrich
 wrote:
> Mostly I was thinking of the typical Windows type
> stuff where they trick you into downloading an EXE file and running it.

  Same thing can happen on Linux.  And from the sound of the report,
that's what's hitting the Mac's.  It's really just a social
engineering attack: Trick the user into downloading and running
malicious software.  There's not much you can do to combat that,
except have the admins take away the ability for users to run
software.  And that won't help home users who are their own admins.

  "There are seldom good technological solutions to behavioral
problems." (Ed Crowley)

  The one thing traditional *nix systems have going for them is that
it's easier to lock down the environment, since they've been doing
that pretty much from the start.  Just mount /tmp and /home with
"noexec" and users can't execute anything they can write to.

  In the Windows world, you've got to deal with a fsckton of crappy
software that breaks in weird ways when you try this or other
nominally sensible things.  And I include Windows itself in that.
Here's a fun trick: Copy WINVER.EXE to EXAMPLE.LNK.  It will still run
via several methods, such as the command line.  So you either block
.LNK files from running -- breaking *all user shortcuts*, including
"Recent Documents" -- or you allow an obvious path for attackers.
Great job Microsoft.

  But that's not a security model thing, it's a crappy implementation
thing.  You can work around it with enough time and money.  And
someday Microsoft might fix their bugs, at least.  Dealing with the
crappy third-party software... well, hopefully one has enough pull
with one's vendors to have them fix their bugs.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Danger

This is my 3rd ProCurve and I don't remember it on the other two.  Thank
goodness nothing happened when I plugged them in.  I'm apparently a very
lucky man!

On Wed, May 18, 2011 at 1:25 PM, Ben Scott  wrote:

> On Wed, May 18, 2011 at 1:12 PM, Richard Stovall 
> wrote:
> > I just unpacked a new HP ProCurve switch.  There was a warning tape over
> the
> > receptacle for the power cord that had to be removed before plugging in
> the
> > switch.
>
>  Yah, they've been doing that for a number of years.
>
>  Someone prolly found the cord wouldn't fit, hotwired their router to
> a 440 volt outlet, and then sued HP when it caught on fire.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Danger

I'm glad they're looking out for me, but it pushed back my whole deployment
schedule when I had to RTFM.

On Wed, May 18, 2011 at 1:16 PM, John Cook  wrote:

>  No doubt OSHA prompted to save your life.
> John W. Cook
> Systems Administrator
> Partnership for Strong Families
>
>  --
> *From*: Richard Stovall 
> *To*: NT System Admin Issues 
> *Sent*: Wed May 18 13:12:15 2011
> *Subject*: OT: Danger
>
>   I just unpacked a new HP ProCurve switch.  There was a warning tape over
> the receptacle for the power cord that had to be removed before plugging in
> the switch.  It said:
>
> "Refer to users guide for power supply cord instructions."
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> --
> CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
> attached to or with this Notice is intended only for the person or entity to
> which it is addressed and may contain Protected Health Information (PHI),
> confidential and/or privileged material. Any review, transmission,
> dissemination, or other use of, and taking any action in reliance upon this
> information by persons or entities other than the intended recipient without
> the express written consent of the sender are prohibited. This information
> may be protected by the Health Insurance Portability and Accountability Act
> of 1996 (HIPAA), and other Federal and Florida laws. Improper or
> unauthorized use or disclosure of this information could result in civil
> and/or criminal penalties.
> Consider the environment. Please don't print this e-mail unless you really
> need to.
>
> This email and any attached files are confidential and intended solely for
> the intended recipient(s). If you are not the named recipient you should not
> read, distribute, copy or alter this email. Any views or opinions expressed
> in this email are those of the author and do not represent those of the
> company. Warning: Although precautions have been taken to make sure no
> viruses are present in this email, the company cannot accept responsibility
> for any loss or damage that arise from the use of this email or attachments.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Danger

2011-05-18 Thread Daniel Rodriguez

Shucks! You found out! How did you find out?!?
On May 18, 2011 1:26 PM, "Ben Scott"  wrote:
> On Wed, May 18, 2011 at 1:12 PM, Richard Stovall 
wrote:
>> I just unpacked a new HP ProCurve switch.  There was a warning tape over
the
>> receptacle for the power cord that had to be removed before plugging in
the
>> switch.
>
> Yah, they've been doing that for a number of years.
>
> Someone prolly found the cord wouldn't fit, hotwired their router to
> a 440 volt outlet, and then sued HP when it caught on fire.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Danger

On Wed, May 18, 2011 at 1:12 PM, Richard Stovall  wrote:
> I just unpacked a new HP ProCurve switch.  There was a warning tape over the
> receptacle for the power cord that had to be removed before plugging in the
> switch.

  Yah, they've been doing that for a number of years.

  Someone prolly found the cord wouldn't fit, hotwired their router to
a 440 volt outlet, and then sued HP when it caught on fire.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Danger

No doubt OSHA prompted to save your life.
John W. Cook
Systems Administrator
Partnership for Strong Families

From: Richard Stovall 
To: NT System Admin Issues 
Sent: Wed May 18 13:12:15 2011
Subject: OT: Danger

I just unpacked a new HP ProCurve switch.  There was a warning tape over the 
receptacle for the power cord that had to be removed before plugging in the 
switch.  It said:

"Refer to users guide for power supply cord instructions."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

OT: Danger

I just unpacked a new HP ProCurve switch.  There was a warning tape over the
receptacle for the power cord that had to be removed before plugging in the
switch.  It said:

"Refer to users guide for power supply cord instructions."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Vipre Newbie

2011-05-18 Thread Kelsey, John

I absolutely agree.

From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Wednesday, May 18, 2011 11:07 AM
To: NT System Admin Issues
Subject: RE: Vipre Newbie

Should = most of the time as far as I'm concerned. I suspect you are
regulated by HIPAA just as we are and I take no chances. It consumes a
lot less time to release blocked files than it does to clean up from a
users "honest mistake"

From: Kelsey, John [mailto:jckel...@drmc.org] 
Sent: Wednesday, May 18, 2011 10:54 AM
To: NT System Admin Issues
Subject: RE: Vipre Newbie

If its working as expected, it *should* be scanning the files inside the
zip, unless its password protected, right?  I do remember a virus that
was going around with a password protected zip that caused some issues
though.

From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Wednesday, May 18, 2011 10:46 AM
To: NT System Admin Issues
Subject: RE: Vipre Newbie

IIRC there is a list of recommended file types (scr, exe, etc...) but we
also block bitmap and zip files. Blocking zips can cause you a little
strife from time to time (Office 2007 files sometimes get blocked in
spite of the allow rule) but we prefer to be safe not sorry.

From: Kelsey, John [mailto:jckel...@drmc.org] 
Sent: Wednesday, May 18, 2011 10:38 AM
To: NT System Admin Issues
Subject: Vipre Newbie

We recently became proud parents of Vipre for Exchange (2003).  In the
process of setting it up now.  Anybody care to share their attachment
filtering policy?  As in what is best practice to block/allow and in
which direction?

Thanks all!

*
John C. Kelsey

DuBois Regional Medical Center
(:  814.375.3073  
2  :   814.375.4005
*:   jckel...@drmc.org   
*

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the company. Warning: Although precautions have been
taken to make sure no viruses are present in this email, the company
cannot accept responsibility for any loss or damage that arise from the
use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
attached to or with this Notice is intended only for the person or
entity to which it is addressed and may contain Protected Health
Information (PHI), confidential and/or privileged material. Any review,
transmission, dissemination, or other use of, and taking any action in
reliance upon this information by persons or entities other than the
intended recipient without the express written consent of the sender are
prohibited. This information may be protected by the Health Insurance
Portability and Accountability Act of 1996 (HIPAA), and other Federal
and Florida laws. Improper or unauthorized use or disclosure of this
information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you
really need to.

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the company. Warning: Although precautions have been
taken to make sure no viruses are present in this email, the company
cannot accept responsibility for any loss or damage that arise from the
use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the company. Warning: Although precautions have been
taken to make sure no viruses are present in this email, the company
cannot accept responsibility for any loss or damage that arise from the
use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

RE: Interesting news from Apple

Ok, I see your point. Mostly I was thinking of the typical Windows type
stuff where they trick you into downloading an EXE file and running it.
Granted Microsoft finally seems to have gotten serious about security in
Windows 7, it still seems like it would be easier to get the "infected exe"
run in Windows than in Linux.

NOT trying to turn this into a "Windows VS Linux" (although it may seem that
way.) I do have to give Microsoft "props" for finally starting to take
security seriously. I just personally think the security model in Linux is a
bit stronger "out of the box" but that may also have something to do with
the fact that it *doesn't* have a broad userbase like Windows or Apple. It's
mainly geeks that run Linux and they are probably more security conscious
than the general public. :D

-Original Message-
From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, May 18, 2011 12:16 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Vulnerabilities exploits that execute privilege escalation don't care if
you're admin, root, supervisor, or whatever the superuser account is.

Erik Goldoff
IT  Consultant
Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, May 18, 2011 12:11 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Well, the security *model* is different under Linux. By default, you're not
the admin. That makes it inherently more secure. Not to say it can't be
defeated by social engineering, just that it takes more work to pwn a Linux
machine. :D

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, May 18, 2011 12:05 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

It doesn't surprise me either that for so-long that Apple systems haven't
really been attacked, but just using another OS, doesn't make you more
secure because it hasn't been tested by the security community. Linux is no
different, even with the "so-called" hardened appliances. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, May 18, 2011 11:55 AM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

*grin* Yep... I can't wait for Linux to be in this predicament. :D Right now
there *is* antivirus for Linux, but it's a niche market, and mainly for
scanning Windows files. :D

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, May 18, 2011 11:36 AM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

That's the definition of a mixed blessing... :)

ASB (Professional Bio) 
Harnessing the Advantages of Technology for the SMB market...

On Wed, May 18, 2011 at 11:32 AM, Ben Scott  wrote:
On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> Note - Rod Trent brought this to my attention via Linkedin..
>
>
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advi
ses-mac-users-use-antivirus-now.html#post160264
 But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
all the time!  ;-)

 Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an

RE: Interesting news from Apple

2011-05-18 Thread Erik Goldoff

Vulnerabilities exploits that execute privilege escalation don't care if
you're admin, root, supervisor, or whatever the superuser account is.

Erik Goldoff
IT  Consultant
Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, May 18, 2011 12:11 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

Well, the security *model* is different under Linux. By default, you're not
the admin. That makes it inherently more secure. Not to say it can't be
defeated by social engineering, just that it takes more work to pwn a Linux
machine. :D

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, May 18, 2011 12:05 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

It doesn't surprise me either that for so-long that Apple systems haven't
really been attacked, but just using another OS, doesn't make you more
secure because it hasn't been tested by the security community. Linux is no
different, even with the "so-called" hardened appliances. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, May 18, 2011 11:55 AM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

*grin* Yep... I can't wait for Linux to be in this predicament. :D Right now
there *is* antivirus for Linux, but it's a niche market, and mainly for
scanning Windows files. :D

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, May 18, 2011 11:36 AM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

That's the definition of a mixed blessing... :)

ASB (Professional Bio) 
Harnessing the Advantages of Technology for the SMB market...

On Wed, May 18, 2011 at 11:32 AM, Ben Scott  wrote:
On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> Note - Rod Trent brought this to my attention via Linkedin..
>
>
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advi
ses-mac-users-use-antivirus-now.html#post160264
 But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
all the time!  ;-)

 Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

2011-05-18 Thread Michael White

If I recall correctly, there has been this recommendation in Apple
Support documentation for years.  This isn't really anything new.

On Wed, May 18, 2011 at 8:27 AM, John Cook  wrote:
> Note – Rod Trent brought this to my attention via Linkedin..
>
> http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

2011-05-18 Thread Jonathan Link

No.  Vulnerabilities exist and can be exploited in all OS's.  That's why
there's patching.  Security is a process, it's never complete, and certainly
isn't because of the choice of OS.

On Wed, May 18, 2011 at 12:11 PM, John Aldrich  wrote:

> Well, the security *model* is different under Linux. By default, you're not
> the admin. That makes it inherently more secure. Not to say it can't be
> defeated by social engineering, just that it takes more work to pwn a Linux
> machine. :D
>
>
>
>
> -Original Message-
> From: Ziots, Edward [mailto:ezi...@lifespan.org]
> Sent: Wednesday, May 18, 2011 12:05 PM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> It doesn't surprise me either that for so-long that Apple systems haven't
> really been attacked, but just using another OS, doesn't make you more
> secure because it hasn't been tested by the security community. Linux is no
> different, even with the "so-called" hardened appliances.
>
> Z
>
> Edward E. Ziots
> CISSP, Network +, Security +
> Security Engineer
> Lifespan Organization
> Email:ezi...@lifespan.org
> Cell:401-639-3505
>
>
> -Original Message-
> From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
> Sent: Wednesday, May 18, 2011 11:55 AM
> To: NT System Admin Issues
> Subject: RE: Interesting news from Apple
>
> *grin* Yep... I can't wait for Linux to be in this predicament. :D Right
> now
> there *is* antivirus for Linux, but it's a niche market, and mainly for
> scanning Windows files. :D
>
>
>
> From: Andrew S. Baker [mailto:asbz...@gmail.com]
> Sent: Wednesday, May 18, 2011 11:36 AM
> To: NT System Admin Issues
> Subject: Re: Interesting news from Apple
>
> That's the definition of a mixed blessing... :)
>
>
> ASB (Professional Bio)
> Harnessing the Advantages of Technology for the SMB market...
>
>
>
>
> On Wed, May 18, 2011 at 11:32 AM, Ben Scott  wrote:
> On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> > Note - Rod Trent brought this to my attention via Linkedin..
> >
> >
>
> http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advi
> ses-mac-users-use-antivirus-now.html#post160264
>  But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
> all the time!  ;-)
>
>  Actually, fans of Apple should see this as a success.  Apple
> apparently now has enough of a presence to be worth attacking.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

Well, the security *model* is different under Linux. By default, you're not
the admin. That makes it inherently more secure. Not to say it can't be
defeated by social engineering, just that it takes more work to pwn a Linux
machine. :D

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, May 18, 2011 12:05 PM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

It doesn't surprise me either that for so-long that Apple systems haven't
really been attacked, but just using another OS, doesn't make you more
secure because it hasn't been tested by the security community. Linux is no
different, even with the "so-called" hardened appliances. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, May 18, 2011 11:55 AM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

*grin* Yep... I can't wait for Linux to be in this predicament. :D Right now
there *is* antivirus for Linux, but it's a niche market, and mainly for
scanning Windows files. :D

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, May 18, 2011 11:36 AM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

That's the definition of a mixed blessing... :)

ASB (Professional Bio) 
Harnessing the Advantages of Technology for the SMB market...

On Wed, May 18, 2011 at 11:32 AM, Ben Scott  wrote:
On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> Note - Rod Trent brought this to my attention via Linkedin..
>
>
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advi
ses-mac-users-use-antivirus-now.html#post160264
 But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
all the time!  ;-)

 Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

2011-05-18 Thread Ziots, Edward

It doesn't surprise me either that for so-long that Apple systems haven't 
really been attacked, but just using another OS, doesn't make you more secure 
because it hasn't been tested by the security community. Linux is no different, 
even with the "so-called" hardened appliances. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, May 18, 2011 11:55 AM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

*grin* Yep... I can't wait for Linux to be in this predicament. :D Right now
there *is* antivirus for Linux, but it's a niche market, and mainly for
scanning Windows files. :D

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, May 18, 2011 11:36 AM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

That's the definition of a mixed blessing... :)

ASB (Professional Bio) 
Harnessing the Advantages of Technology for the SMB market...

On Wed, May 18, 2011 at 11:32 AM, Ben Scott  wrote:
On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> Note - Rod Trent brought this to my attention via Linkedin..
>
>
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advi
ses-mac-users-use-antivirus-now.html#post160264
 But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
all the time!  ;-)

 Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

*grin* Yep... I can't wait for Linux to be in this predicament. :D Right now
there *is* antivirus for Linux, but it's a niche market, and mainly for
scanning Windows files. :D

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, May 18, 2011 11:36 AM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

That's the definition of a mixed blessing... :)

ASB (Professional Bio) 
Harnessing the Advantages of Technology for the SMB market...

On Wed, May 18, 2011 at 11:32 AM, Ben Scott  wrote:
On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> Note  Rod Trent brought this to my attention via Linkedin..
>
>
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advi
ses-mac-users-use-antivirus-now.html#post160264
 But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
all the time!  ;-)

 Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

They've made it to the big leagues.  *sniff* they grow up so fast!

--
ME2





On Wed, May 18, 2011 at 8:32 AM, Ben Scott  wrote:

> On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> > Note – Rod Trent brought this to my attention via Linkedin..
> >
> >
> http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264
>
>   But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
> all the time!  ;-)
>
>  Actually, fans of Apple should see this as a success.  Apple
> apparently now has enough of a presence to be worth attacking.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

2011-05-18 Thread Crawford, Scott

Apparently we're evil, but I agree :)

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, May 18, 2011 10:30 AM
To: NT System Admin Issues
Subject: RE: Interesting news from Apple

That makes me smile.

And I know it shouldn't, but it does.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 11:27 AM
To: NT System Admin Issues
Subject: Interesting news from Apple

Note - Rod Trent brought this to my attention via Linkedin..
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

2011-05-18 Thread Sean Rector

  Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

+1

Sean Rector, MCSE

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Wednesday, May 18, 2011 11:33 AM
To: NT System Admin Issues
Subject: Re: Interesting news from Apple

On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> Note - Rod Trent brought this to my attention via Linkedin..
>
> http://forum.thewindowsclub.com/technology-news/32627-applecare-suppor
> t-advises-mac-users-use-antivirus-now.html#post160264

  But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
all the time!  ;-)

  Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Information Technology Manager
Virginia Opera Association 
E-Mail:   sean.rec...@vaopera.org
Phone:(757) 213-4548 (direct line)
{+}
On Sale NOW 2011-2012 Subscriptions featuring four NEW Productions
Aida | Hansel And Gretel | Orph?e | The Mikado
Visit us online at www.VaOpera.org or call 1-866-OPERA-VA

The vision of Virginia Opera is to enrich lives through the powerful 
integration of music, voice and human drama.

This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.
{*}

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

That's the definition of a mixed blessing... :)



*ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, May 18, 2011 at 11:32 AM, Ben Scott  wrote:

> On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> > Note – Rod Trent brought this to my attention via Linkedin..
> >
> >
> http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264
>
>   But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
> all the time!  ;-)
>
>  Actually, fans of Apple should see this as a success.  Apple
> apparently now has enough of a presence to be worth attacking.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Interesting news from Apple

On Wed, May 18, 2011 at 11:27 AM, John Cook  wrote:
> Note – Rod Trent brought this to my attention via Linkedin..
>
> http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264

  But... but... *MAC'S DON'T GET VIRUSES*.  Apple owners tell me that
all the time!  ;-)

  Actually, fans of Apple should see this as a success.  Apple
apparently now has enough of a presence to be worth attacking.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Interesting news from Apple

That makes me smile.

And I know it shouldn't, but it does.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 11:27 AM
To: NT System Admin Issues
Subject: Interesting news from Apple

Note - Rod Trent brought this to my attention via Linkedin..
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264


CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.


This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: WinSxS folder on Server 2008 R2

On Wed, May 18, 2011 at 11:13 AM, John Cook  wrote:
> Seriously, why do I need to keep all those AMD related files
> (I'm sure the AMD server people feel the same way about
> Intel files)

  The 64-bit x86-compatible architecture commonly called "x86" began
life as AMD64.  Intel copied AMD.  Even if you've got Intel silicon,
you're running the AMD64 architecture.  So the architecture name is
"AMD" in many OSes, Windows included.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Interesting news from Apple

Note - Rod Trent brought this to my attention via Linkedin..
http://forum.thewindowsclub.com/technology-news/32627-applecare-support-advises-mac-users-use-antivirus-now.html#post160264

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
attached to or with this Notice is intended only for the person or entity to
which it is addressed and may contain Protected Health Information (PHI),
confidential and/or privileged material. Any review, transmission,
dissemination, or other use of, and taking any action in reliance upon this
information by persons or entities other than the intended recipient without
the express written consent of the sender are prohibited. This information may
be protected by the Health Insurance Portability and Accountability Act of 1996
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need
to.

This email and any attached files are confidential and intended solely for the
intended recipient(s). If you are not the named recipient you should not read,
distribute, copy or alter this email. Any views or opinions expressed in this
email are those of the author and do not represent those of the company.
Warning: Although precautions have been taken to make sure no viruses are
present in this email, the company cannot accept responsibility for any loss or
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: WinSxS folder on Server 2008 R2

M$ must be secretly getting into the hard drive business..  
Seriously, why do I need to keep all those AMD related files (I'm sure the AMD 
server people feel the same way about Intel files) once the OS is installed on 
a platform? It's an IDGAF attitude from M$ (storage is cheap, right), trivial 
to them but in the real world a pain for some of us 

-Original Message-
From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Wednesday, May 18, 2011 11:04 AM
To: NT System Admin Issues
Subject: RE: WinSxS folder on Server 2008 R2

"a repository of Microsoft patch files"...on *every* computer.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Tuesday, May 17, 2011 7:34 PM
To: NT System Admin Issues
Subject: Re: WinSxS folder on Server 2008 R2

  Microsoft does not appear overly concerned about resource consumption.
>>> When a 1tb 7200 rpm 6Gb/s Seagate SATA drive costs less than $150, I
>>> can't say I really blame them...
>> But, if you're not using DAS...
> Or even if you are, and your blade server only has 2.5" 32GB disks...

  Or if you're using SSDs with smaller capacities / higher costs per unit of 
storage.

  Or you're using a tiny form factor and there simply isn't that much storage 
available.

  Or if you simply want to spend your money on something other than a 
repository of Microsoft patch files.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Account Names Not Resolving

Then I wouldn't worry about it.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Cameron [mailto:cameron.orl...@gmail.com]
Sent: Wednesday, May 18, 2011 11:06 AM
To: NT System Admin Issues
Subject: Re: Account Names Not Resolving

LOL...no it isn't!...Had to double check..LOL
On Wed, May 18, 2011 at 11:04 AM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
It isn't point to itself, right?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Cameron [mailto:cameron.orl...@gmail.com]
Sent: Wednesday, May 18, 2011 11:01 AM

To: NT System Admin Issues
Subject: Re: Account Names Not Resolving

Yes it does (ran nltest /sc_verify:domain - successful). DNS updated...as in 
pointing to a different DNS server?...no, that hasn't changed.
On Wed, May 18, 2011 at 10:52 AM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
Does it have a secure channel to another DC in the site? Has DNS been updated 
on the server's NIC(s) since it was demoted?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Cameron [mailto:cameron.orl...@gmail.com]
Sent: Wednesday, May 18, 2011 10:27 AM
To: NT System Admin Issues
Subject: Account Names Not Resolving

Good morning all,

I'm finally getting around to an issue that has been driving me a *bit* crazy 
for months. The scenario...
- Win2K Server - did have Exchange 2003 installed and *was* a DC 
- Installed new server and did a swing migration to Exchange 2010
- Uninstalled Exchange 2003
- DCPromo'd the Win2K server to member server 

Now the problem
- When you look at any shares on that server that have specific users added, 
all you see are the SIDs instead of account name.
- If you add a new user, they show fine...for a bit...
- When you go back into the security settings, all you see that resolve 
correctly are default ID's (Administrators/Everyone/Etc)

The server is due to be nuked and repaved, but there are a whack of 
Shares/Folders with really silly securities set on them that have to be moved 
to a new box.

Any ideas?

TIA!
Cameron

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Vipre Newbie

Should = most of the time as far as I'm concerned. I suspect you are regulated 
by HIPAA just as we are and I take no chances. It consumes a lot less time to 
release blocked files than it does to clean up from a users "honest mistake"

From: Kelsey, John [mailto:jckel...@drmc.org]
Sent: Wednesday, May 18, 2011 10:54 AM
To: NT System Admin Issues
Subject: RE: Vipre Newbie

If its working as expected, it *should* be scanning the files inside the zip, 
unless its password protected, right?  I do remember a virus that was going 
around with a password protected zip that caused some issues though.

From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, May 18, 2011 10:46 AM
To: NT System Admin Issues
Subject: RE: Vipre Newbie

IIRC there is a list of recommended file types (scr, exe, etc...) but we also 
block bitmap and zip files. Blocking zips can cause you a little strife from 
time to time (Office 2007 files sometimes get blocked in spite of the allow 
rule) but we prefer to be safe not sorry.

From: Kelsey, John [mailto:jckel...@drmc.org]
Sent: Wednesday, May 18, 2011 10:38 AM
To: NT System Admin Issues
Subject: Vipre Newbie

We recently became proud parents of Vipre for Exchange (2003).  In the process 
of setting it up now.  Anybody care to share their attachment filtering policy? 
 As in what is best practice to block/allow and in which direction?

Thanks all!

*
John C. Kelsey
DuBois Regional Medical Center
*:  814.375.3073
*  :   814.375.4005
*:   jckel...@drmc.org
*

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http:

Re: Account Names Not Resolving

2011-05-18 Thread Cameron

LOL...no it isn't!...Had to double check..LOL

On Wed, May 18, 2011 at 11:04 AM, Michael B. Smith wrote:

>  It isn’t point to itself, right?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com 
>
>
>
> *From:* Cameron [mailto:cameron.orl...@gmail.com]
> *Sent:* Wednesday, May 18, 2011 11:01 AM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Account Names Not Resolving
>
>
>
> Yes it does (ran nltest /sc_verify:domain - successful). DNS updated...as
> in pointing to a different DNS server?...no, that hasn't changed.
>
> On Wed, May 18, 2011 at 10:52 AM, Michael B. Smith 
> wrote:
>
> Does it have a secure channel to another DC in the site? Has DNS been
> updated on the server’s NIC(s) since it was demoted?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com 
>
>
>
> *From:* Cameron [mailto:cameron.orl...@gmail.com]
> *Sent:* Wednesday, May 18, 2011 10:27 AM
> *To:* NT System Admin Issues
>  *Subject:* Account Names Not Resolving
>
>
>
> Good morning all,
>
>
>
> I'm finally getting around to an issue that has been driving me a *bit*
> crazy for months. The scenario...
>
> - Win2K Server - did have Exchange 2003 installed and *was* a DC  didn't do it!>
>
> - Installed new server and did a swing migration to Exchange 2010
>
> - Uninstalled Exchange 2003
>
> - DCPromo'd the Win2K server to member server 
>
>
>
> Now the problem
>
> - When you look at any shares on that server that have specific users
> added, all you see are the SIDs instead of account name.
>
> - If you add a new user, they show fine...for a bit...
>
> - When you go back into the security settings, all you see that resolve
> correctly are default ID's (Administrators/Everyone/Etc)
>
>
>
> The server is due to be nuked and repaved, but there are a whack of
> Shares/Folders with really silly securities set on them that have to be
> moved to a new box.
>
>
>
> Any ideas?
>
>
>
> TIA!
>
> Cameron
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Android Vulnerability

2011-05-18 Thread Bill Humphries


i'm worried about connecting anything to a free, public wi-fi.

bill


John Aldrich wrote:

Any of you Android users here want to comment on this story about the newly
discovered vulnerability in Android's O/S:
http://preview.tinyurl.com/6xk8bwp

Are you worried about connecting your Android phone to a free public Wi-Fi
after this?






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

  



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Account Names Not Resolving

It isn't point to itself, right?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Cameron [mailto:cameron.orl...@gmail.com]
Sent: Wednesday, May 18, 2011 11:01 AM
To: NT System Admin Issues
Subject: Re: Account Names Not Resolving

Yes it does (ran nltest /sc_verify:domain - successful). DNS updated...as in 
pointing to a different DNS server?...no, that hasn't changed.
On Wed, May 18, 2011 at 10:52 AM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
Does it have a secure channel to another DC in the site? Has DNS been updated 
on the server's NIC(s) since it was demoted?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Cameron [mailto:cameron.orl...@gmail.com]
Sent: Wednesday, May 18, 2011 10:27 AM
To: NT System Admin Issues
Subject: Account Names Not Resolving

Good morning all,

I'm finally getting around to an issue that has been driving me a *bit* crazy 
for months. The scenario...
- Win2K Server - did have Exchange 2003 installed and *was* a DC 
- Installed new server and did a swing migration to Exchange 2010
- Uninstalled Exchange 2003
- DCPromo'd the Win2K server to member server 

Now the problem
- When you look at any shares on that server that have specific users added, 
all you see are the SIDs instead of account name.
- If you add a new user, they show fine...for a bit...
- When you go back into the security settings, all you see that resolve 
correctly are default ID's (Administrators/Everyone/Etc)

The server is due to be nuked and repaved, but there are a whack of 
Shares/Folders with really silly securities set on them that have to be moved 
to a new box.

Any ideas?

TIA!
Cameron

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: WinSxS folder on Server 2008 R2

2011-05-18 Thread Crawford, Scott

"a repository of Microsoft patch files"...on *every* computer.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Tuesday, May 17, 2011 7:34 PM
To: NT System Admin Issues
Subject: Re: WinSxS folder on Server 2008 R2

  Microsoft does not appear overly concerned about resource consumption.
>>> When a 1tb 7200 rpm 6Gb/s Seagate SATA drive costs less than $150, I 
>>> can't say I really blame them...
>> But, if you're not using DAS...
> Or even if you are, and your blade server only has 2.5" 32GB disks...

  Or if you're using SSDs with smaller capacities / higher costs per unit of 
storage.

  Or you're using a tiny form factor and there simply isn't that much storage 
available.

  Or if you simply want to spend your money on something other than a 
repository of Microsoft patch files.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Account Names Not Resolving

2011-05-18 Thread RichardMcClary

Probably not what you are wanting to read, but...

We had two Win2K servers which were DCs.  We eventually got new hardware, 
built some new Win2003 servers, did all the preliminary checks and preps, 
and promoted them to DCs.  We then went though the motions of transfering 
FSMO roles to the new servers.  Finally, we ran "DCPROMO" on the old 
servers to make them member servers.

Although we've not seen your situation (perhaps because we never were in 
an Exchange enviromnent?), we do still see indications that the Win2K 
servers resent no longer being DCs.  This is mostly "userenv" events in 
the APP and SYS logs, and we are not identifying any other more serious 
issues.  We'd persue this situation if not for the fact that these boxes 
are both Dell PE-2550s.  One has already been scrapped, and we can hardly 
wait to scrap the second one...
--
richard





Cameron  
05/18/2011 09:28 AM
Please respond to
"NT System Admin Issues" 


To
"NT System Admin Issues" 
 Press this button if the "To" is a fax number. Enter in the fax number 
like 123-456-7890.
cc

Subject
Account Names Not Resolving






Good morning all,
 
I'm finally getting around to an issue that has been driving me a *bit* 
crazy for months. The scenario...
- Win2K Server - did have Exchange 2003 installed and *was* a DC 
- Installed new server and did a swing migration to Exchange 2010
- Uninstalled Exchange 2003
- DCPromo'd the Win2K server to member server 
 
Now the problem
- When you look at any shares on that server that have specific users 
added, all you see are the SIDs instead of account name.
- If you add a new user, they show fine...for a bit...
- When you go back into the security settings, all you see that resolve 
correctly are default ID's (Administrators/Everyone/Etc)
 
The server is due to be nuked and repaved, but there are a whack of 
Shares/Folders with really silly securities set on them that have to be 
moved to a new box.
 
Any ideas?
 
TIA!
Cameron
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Account Names Not Resolving

2011-05-18 Thread Cameron

Yes it does (ran nltest /sc_verify:domain - successful). DNS updated...as in
pointing to a different DNS server?...no, that hasn't changed.

On Wed, May 18, 2011 at 10:52 AM, Michael B. Smith wrote:

>  Does it have a secure channel to another DC in the site? Has DNS been
> updated on the server’s NIC(s) since it was demoted?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com 
>
>
>
> *From:* Cameron [mailto:cameron.orl...@gmail.com]
> *Sent:* Wednesday, May 18, 2011 10:27 AM
> *To:* NT System Admin Issues
> *Subject:* Account Names Not Resolving
>
>
>
> Good morning all,
>
>
>
> I'm finally getting around to an issue that has been driving me a *bit*
> crazy for months. The scenario...
>
> - Win2K Server - did have Exchange 2003 installed and *was* a DC  didn't do it!>
>
> - Installed new server and did a swing migration to Exchange 2010
>
> - Uninstalled Exchange 2003
>
> - DCPromo'd the Win2K server to member server 
>
>
>
> Now the problem
>
> - When you look at any shares on that server that have specific users
> added, all you see are the SIDs instead of account name.
>
> - If you add a new user, they show fine...for a bit...
>
> - When you go back into the security settings, all you see that resolve
> correctly are default ID's (Administrators/Everyone/Etc)
>
>
>
> The server is due to be nuked and repaved, but there are a whack of
> Shares/Folders with really silly securities set on them that have to be
> moved to a new box.
>
>
>
> Any ideas?
>
>
>
> TIA!
>
> Cameron
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Android Vulnerability

Any of you Android users here want to comment on this story about the newly
discovered vulnerability in Android's O/S:
http://preview.tinyurl.com/6xk8bwp

Are you worried about connecting your Android phone to a free public Wi-Fi
after this?






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Antivirus SAAS

Thanks, guys... I don't see this as a benefit for us with Vipre Enterprise
Premium. That already includes web protection and since we don't host our
own email or website I don't see any benefit for that sort of thing.
'Preciate the input and explanation.



-Original Message-
From: Alan Davies [mailto:adav...@cls-services.com] 
Sent: Wednesday, May 18, 2011 4:50 AM
To: NT System Admin Issues
Subject: RE: Antivirus SAAS

Almost certainly.  We use SaaS for email and a separate SaaS offering
for all web traffic.  On top of that we have endpoint AV for all clients
and servers plus alternate AV for internet service facing servers (eg.
proxy and mail).  Point being .. cloud stuff doesn't affect what you do
internally, it just (hopefully) significantly bolsters it!



a

-Original Message-
From: James Hill [mailto:j.h...@coffeeclub.com.au] 
Sent: 18 May 2011 02:08
To: NT System Admin Issues
Subject: RE: Antivirus SAAS

Cloud based web and email virus/malware scanning is probably what they
were referring to.

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Wednesday, 18 May 2011 3:16 AM
To: NT System Admin Issues
Subject: RE: Antivirus SAAS

Well, I got a call today from a company who handles the hardware
maintenance on the AS/400. Seems they also resell McAfee and McAfee just
bought another company recently and is trying to sell their antivirus as
a service. They were talking about how you just proxy everything and
don't have to worry about it ever again. I'm sitting here thinking
"yeah, right!" :D More typical sales rep BS! :D

Thanks for confirming my suspicions.




-Original Message-
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, May 17, 2011 1:01 PM
To: NT System Admin Issues
Subject: RE: Antivirus SAAS

What vendor told you that you didn't have to load something on each
machine?

Typically, SaaS a/v just means that the management is in the cloud. You
still have a local a/v application, that still requires updating...

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Tuesday, May 17, 2011 12:45 PM
To: NT System Admin Issues
Subject: Antivirus SAAS

Anyone here using any sort of SAAS antivirus/anti-malware protection?
I've had a couple different vendors cold-call me about that. Call me
old-fashioned, but I'd still want something on the local PC to help
catch/prevent something from spreading through the PCs, wouldn't I??? I
mean "cloud-based" antivirus sounds great in principle, in that you
don't have to load it on to each individual machine, but the drawback is
that the workstations aren't protected.

Just wondering if there's something I'm missing here.

Thanks!






~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




WARNING:
The information in this email and any attachments is confidential and may be
legally privileged.

If you are not the named addressee, you must not use, copy or disclose this
email (including any attachments) or the information in it save to the named
addressee nor take any action in reliance on it. If you receive this email
or any attachments in error, please notify the sender immediately and then
delete the same and any copies.

"CLS Services Ltd × Registered in England No 4132704 × Registered Office:
Exchange Tower × One Harbour Exchange Square × London E14 9GE"


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_for

RE: Vipre Newbie

2011-05-18 Thread Kelsey, John

If its working as expected, it *should* be scanning the files inside the
zip, unless its password protected, right?  I do remember a virus that
was going around with a password protected zip that caused some issues
though.

From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Wednesday, May 18, 2011 10:46 AM
To: NT System Admin Issues
Subject: RE: Vipre Newbie

IIRC there is a list of recommended file types (scr, exe, etc...) but we
also block bitmap and zip files. Blocking zips can cause you a little
strife from time to time (Office 2007 files sometimes get blocked in
spite of the allow rule) but we prefer to be safe not sorry.

From: Kelsey, John [mailto:jckel...@drmc.org] 
Sent: Wednesday, May 18, 2011 10:38 AM
To: NT System Admin Issues
Subject: Vipre Newbie

We recently became proud parents of Vipre for Exchange (2003).  In the
process of setting it up now.  Anybody care to share their attachment
filtering policy?  As in what is best practice to block/allow and in
which direction?

Thanks all!

*
John C. Kelsey

DuBois Regional Medical Center
(:  814.375.3073  
2  :   814.375.4005
*:   jckel...@drmc.org   
*

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the company. Warning: Although precautions have been
taken to make sure no viruses are present in this email, the company
cannot accept responsibility for any loss or damage that arise from the
use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
attached to or with this Notice is intended only for the person or
entity to which it is addressed and may contain Protected Health
Information (PHI), confidential and/or privileged material. Any review,
transmission, dissemination, or other use of, and taking any action in
reliance upon this information by persons or entities other than the
intended recipient without the express written consent of the sender are
prohibited. This information may be protected by the Health Insurance
Portability and Accountability Act of 1996 (HIPAA), and other Federal
and Florida laws. Improper or unauthorized use or disclosure of this
information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you
really need to.

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the company. Warning: Although precautions have been
taken to make sure no viruses are present in this email, the company
cannot accept responsibility for any loss or damage that arise from the
use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the  company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Account Names Not Resolving

Does it have a secure channel to another DC in the site? Has DNS been updated 
on the server's NIC(s) since it was demoted?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Cameron [mailto:cameron.orl...@gmail.com]
Sent: Wednesday, May 18, 2011 10:27 AM
To: NT System Admin Issues
Subject: Account Names Not Resolving

Good morning all,

I'm finally getting around to an issue that has been driving me a *bit* crazy 
for months. The scenario...
- Win2K Server - did have Exchange 2003 installed and *was* a DC 
- Installed new server and did a swing migration to Exchange 2010
- Uninstalled Exchange 2003
- DCPromo'd the Win2K server to member server 

Now the problem
- When you look at any shares on that server that have specific users added, 
all you see are the SIDs instead of account name.
- If you add a new user, they show fine...for a bit...
- When you go back into the security settings, all you see that resolve 
correctly are default ID's (Administrators/Everyone/Etc)

The server is due to be nuked and repaved, but there are a whack of 
Shares/Folders with really silly securities set on them that have to be moved 
to a new box.

Any ideas?

TIA!
Cameron

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Vipre Newbie