Re: Software deployment ?
Check whether the uninstall this app when out of scope of management box is ticked or not for your install GPOs. Sent from my Blackberry, which may be an antique but delivers email RELIABLY -Original Message- From: Glen Johnson gjohn...@vhcc.edu Date: Fri, 11 Jan 2013 14:11:57 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.comSubject: Software deployment ? We are migrating away from group policy software deployments to a Dell/KACE system. How do I decommission the group policy software deployments for programs like Java, Adobe and such. If I just remove the GPO, will it remove the software from the users computers at the next policy processing cycle? I'd just like to disable the policy so no new installs run, but not remove the existing installs. Thanks. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Software deployment ?
When you delete each software policy (the individual for the software to install under Software in the GPO) you will have the option to leave it on installed computers or remove it. Best Regards, Dan Bartley From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Friday, January 11, 2013 09:12 To: NT System Admin Issues Subject: Software deployment ? We are migrating away from group policy software deployments to a Dell/KACE system. How do I decommission the group policy software deployments for programs like Java, Adobe and such. If I just remove the GPO, will it remove the software from the users computers at the next policy processing cycle? I'd just like to disable the policy so no new installs run, but not remove the existing installs. Thanks. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE***The information contained in this message may be privileged, confidential, and protected from disclosure. If the reader of this message is not the intended recipient, or any employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: FoxIT reader vulnerability
I still have to recommend Evince. Small, Fast, Open source, and MSI installer for Windows. http://projects.gnome.org/evince/ --Matt Ross Ephrata School District - Original Message - From: Richard McClary [mailto:richard.mccl...@aspca.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Fri, 11 Jan 2013 07:50:40 -0800 Subject: FoxIT reader vulnerability Greetings! http://www.theregister.co.uk/2013/01/11/foxit_pdf_plugin_vuln/ Just now checked the FoxIT web site. The currently offered version is 5.4.4.1128, which the article mentions as being vulnerable (as are older versions). May end up having to use Adobe anyway... -- richard The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Java 7 0day actively exploited in the wild | BeyondTrust
http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day-flaw-709713/ From: Mark Boeck [netadmin...@gmail.com] Sent: Friday, January 11, 2013 12:15 PM To: NT System Admin Issues Subject: Re: Java 7 0day actively exploited in the wild | BeyondTrust lol - a friend of mine, a microsoft security mvp, starts her blog off like this: how to uninstall java! http://securitygarden.blogspot.com/2013/01/java-zero-day-again-time-to.html only after that does she post some links about the threat - - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
GPP drive mapping 'reconnect'
Hello, I'm working on using Group Policy Preferences for drive mapping, and am a little confused about the reconnect option. http://social.technet.microsoft.com/wiki/contents/articles/12221.troubleshooting-the-drive-maps-preference-extension-in-group-policy-replace-mode-only-maps-the-drive-every-other-logon.aspx is pretty much exactly the scenario I'm curious about (reconnect not set). It says: - Expected Result: Drive Z: is mapped to \\CONTOSO-DC\netlogon every time the user logs on to their computer. Actual Result: Drive Z: is only mapped to \\CONTOSO-DC\netlogon every other time the user logs on. Note: This difference in when Drive Z is mapped will only be noticeable if either the administrator first deletes all mapped drives at the start of processing Group Policy or the user has changed Drive Z during their previous session. - I am confused about that Note. It seems to imply that the Z drive will be mapped correctly on subsequent logons (assuming no one has changed or deleted Drive Z), even though the drive maps preference extension doesn't apply preferences on every logon (because some logons process GP asynchronously). Is it the case that if the user does not modify the drive mappings, the drive mapping will be 'correct' on next logon? This implies there is some sort of caching of drive mappings other than the caching that would occur if 'reconnect' were set. Is that correct? Those of you that use GPP for drive mappings, do you have the 'reconnect' option set or not? Why? Thanks, Elijah Buck ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Fwd: US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability
Not a lot new here, but there is just a bit more information Kurt -- Forwarded message -- From: US-CERT Alerts technical-ale...@us-cert.gov Date: Thu, Jan 10, 2013 at 3:07 PM Subject: US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability To: technical-ale...@us-cert.gov -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 National Cyber Awareness System US-CERT Alert TA13-010A Oracle Java 7 Security Manager Bypass Vulnerability Original release date: January 10, 2013 Last revised: -- Systems Affected Any system using Oracle Java 7 (1.7, 1.7.0) including * Java Platform Standard Edition 7 (Java SE 7) * Java SE Development Kit (JDK 7) * Java SE Runtime Environment (JRE 7) All versions of Java 7 through update 10 are affected. Web browsers using the Java 7 plug-in are at high risk. Overview A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system. Description A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a drive-by download attack). Any web browser using the Java 7 plug-in is affected. The Java Deployment Toolkit plug-in and Java Web Start can also be used as attack vectors. Reports indicate this vulnerability is being actively exploited, and exploit code is publicly available. Further technical details are available in Vulnerability Note VU#625617. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Solution Disable Java in web browsers This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, disable Java in web browsers. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. If you are unable to update to Java 7 Update 10 please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per browser basis. References * Vulnerability Note VU#625617 http://www.kb.cert.org/vuls/id/625617 * Setting the Security Level of the Java Client http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html * The Security Manager http://docs.oracle.com/javase/tutorial/essential/environment/security.html * How to disable the Java web plug-in in Safari https://support.apple.com/kb/HT5241 * How to turn off Java applets https://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets * NoScript http://noscript.net/ * Securing Your Web Browser https://www.us-cert.gov/reading_room/securing_browser/#Safari * Vulnerability Note VU#636312 http://www.kb.cert.org/vuls/id/636312#solution Revision History January 10, 2013: Initial release Feedback can be directed to US-CERT Technical Staff. Please send email to c...@cert.org with TA13-010A Feedback VU#625617 in the subject. Produced by US-CERT, a government organization. This product is provided subject to this Notification: http://www.us-cert.gov/privacy/notification.html Privacy Use policy: http://www.us-cert.gov/privacy/ This document can also be found at http://www.us-cert.gov/cas/techalerts/TA13-010A.html For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBUO83IXdnhE8Qi3ZhAQLdxQf6A2LhLrArDieg41fxTuIViOXbgH6fZrDt 6bODaZIeTcvQfMMURbUb8MnTQEe7ogNbytb+XQaEzXE6A0YMdWp+93TxFy80wUI0 VpF0lBDwNyeAlwtzicLSQa5oa5Me0k5KPVUn9/mFJZh5Ff0cYjW1dt8dfXJUbH9/ OZ6ZJsnJchymJFlVax3Y87yZh9fPQC4n6dJ86CdLXqC9GaBihgBd1DUpborfWYoR njvrtbcX+7iy+J8fS2C8/JtnQ5M+uilvqxrdU/Z9SdmebIF5HQjafLae9OmwH7Te nxUcwwmuNqIA1Y9aN2DrStv+HnTi121DIxyaVgNOKjPnO/t5mDPKlw== =xi3d
Re: Looking for affordable load balancing solution
NetScalers kick ass...if you know someone who can work them :-) Sent from my Blackberry, which may be an antique but delivers email RELIABLY -Original Message- From: Michael B. Smith mich...@smithcons.com Date: Fri, 11 Jan 2013 20:53:53 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.comSubject: RE: Looking for affordable load balancing solution If you have NetScalers, then use them. If you are looking for a nice low-cost but good function solution, take a look at Coyote Point and at Kemp Technologies. From: Tom Miller [mailto:tmil...@sfgtrust.com] Sent: Friday, January 11, 2013 3:50 PM To: NT System Admin Issues Subject: Looking for affordable load balancing solution We currently use Windows Network Load Balancing for our Exchange 2010 environment. It's okay, but not great. There was a hiccup yesterday in NLB and it caused our system to disconnect all users at once. Looking to avoid this in the future, anyone have any suggestions for alternatives? Appliance or software solution - either is fine. I've used Citrix Netscalers in the past for XenApp, but I know they can also do load balancing. Thanks, Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Looking for affordable load balancing solution
Some idiot wrote a half-decent blog post on using them to load-balance AppSense servers too :-o Sent from my Blackberry, which may be an antique but delivers email RELIABLY -Original Message- From: Webster webs...@carlwebster.com Date: Fri, 11 Jan 2013 20:53:44 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.comSubject: RE: Looking for affordable load balancing solution NetScalers have built-in stuff for Exchange (and SQL and SharePoint and...) Thanks Webster From: Tom Miller [mailto:tmil...@sfgtrust.com] Sent: Friday, January 11, 2013 2:50 PM To: NT System Admin Issues Subject: Looking for affordable load balancing solution We currently use Windows Network Load Balancing for our Exchange 2010 environment. It's okay, but not great. There was a hiccup yesterday in NLB and it caused our system to disconnect all users at once. Looking to avoid this in the future, anyone have any suggestions for alternatives? Appliance or software solution - either is fine. I've used Citrix Netscalers in the past for XenApp, but I know they can also do load balancing. Thanks, Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Looking for affordable load balancing solution
Revised: We were cheap (No Budget) and bought two Kemp LM-2200 with 7x24 support for around $4K. They were very easy to set up and have been solid for the last 18 months. Michael Walker Senior Network Engineer Citrus Valley Health Partners 140 W. College Street, Covina, CA 91723 Phone/Fax/Pager: (888) 299-6882 mwal...@mail.cvhp.orgmailto:mwal...@mail.cvhp.org From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, January 11, 2013 12:54 PM To: NT System Admin Issues Subject: RE: Looking for affordable load balancing solution If you have NetScalers, then use them. If you are looking for a nice low-cost but good function solution, take a look at Coyote Point and at Kemp Technologies. From: Tom Miller [mailto:tmil...@sfgtrust.com] Sent: Friday, January 11, 2013 3:50 PM To: NT System Admin Issues Subject: Looking for affordable load balancing solution We currently use Windows Network Load Balancing for our Exchange 2010 environment. It's okay, but not great. There was a hiccup yesterday in NLB and it caused our system to disconnect all users at once. Looking to avoid this in the future, anyone have any suggestions for alternatives? Appliance or software solution - either is fine. I've used Citrix Netscalers in the past for XenApp, but I know they can also do load balancing. Thanks, Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin