RE: Java 7 0day actively exploited in the wild | BeyondTrust
Java released update 11 last night. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, January 11, 2013 2:36 PM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day-flaw-709713/ From: Mark Boeck [netadmin...@gmail.com] Sent: Friday, January 11, 2013 12:15 PM To: NT System Admin Issues Subject: Re: Java 7 0day actively exploited in the wild | BeyondTrust lol - a friend of mine, a microsoft security mvp, starts her blog off like this: how to uninstall java! http://securitygarden.blogspot.com/2013/01/java-zero-day-again-time-to.html only after that does she post some links about the threat - - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Java 7 0day actively exploited in the wild | BeyondTrust
Wonder if there's a negative-one-day exploit? Thanks, though, just now got through doing a bunch of JRE upgrades. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Monday, January 14, 2013 8:22 AM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust Java released update 11 last night. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, January 11, 2013 2:36 PM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day-flaw-709713/ From: Mark Boeck [netadmin...@gmail.com] Sent: Friday, January 11, 2013 12:15 PM To: NT System Admin Issues Subject: Re: Java 7 0day actively exploited in the wild | BeyondTrust lol - a friend of mine, a microsoft security mvp, starts her blog off like this: how to uninstall java! http://securitygarden.blogspot.com/2013/01/java-zero-day-again-time-to.html only after that does she post some links about the threat - - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC/server management
Windows Intune? From: Tom Miller [mailto:tmil...@sfgtrust.com] Sent: Monday, January 14, 2013 9:32 AM To: NT System Admin Issues Subject: PC/server management Folks, Looking for recommendations for pc/server management (Windows devices only at this time). At my last job I used Kace appliances and they were great. I am looking at those this time but thought I'd ask the list for additional suggestions. At my new job we have System Center Essentials 2007. It's not so good but it is old and I understand that product is EOL. Looking for: patch distribution/management, inventorying, reporting, ability to create granular groups based on factors like IP, machine type, AD memberships, OU location, software deployment, and remote control (not super important since we already own a product for this). Embedded help desk, even if basic, would be a bonus. This place doesn't have one currently. This would be for about 350 nodes. Can be appliance, vmware machine, or even hosted. As long as it does what I need. Thanks, Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: GPP drive mapping 'reconnect'
Thanks for the responses. Tom, can you expand on why reconnect is helpful for remote users? On Sat, Jan 12, 2013 at 7:44 AM, Tom Miller tmil...@sfgtrust.com wrote: I've used both. Reconnect is helpful for our remote users who only connect occasionally.I don't use reconnect for printers. I find that setting on printers makes the default printer be forgotten. -Original Message- From: James Hill [mailto:falc...@gmail.com] Sent: Saturday, January 12, 2013 5:18 AM To: NT System Admin Issues Subject: RE: GPP drive mapping 'reconnect' Never ever used reconnect. I always use a Replace policy and it has always worked. I use GPP in many places for drive mappings and other things. James. -Original Message- From: Elijah Buck [mailto:elijah.b...@gmail.com] Sent: Saturday, 12 January 2013 5:45 AM To: NT System Admin Issues Subject: GPP drive mapping 'reconnect' Hello, I'm working on using Group Policy Preferences for drive mapping, and am a little confused about the reconnect option. http://social.technet.microsoft.com/wiki/contents/articles/12221.troubleshoo ting-the-drive-maps-preference-extension-in-group-policy-replace-mode-only-m aps-the-drive-every-other-logon.aspx is pretty much exactly the scenario I'm curious about (reconnect not set). It says: - Expected Result: Drive Z: is mapped to \\CONTOSO-DC\netlogon every time the user logs on to their computer. Actual Result: Drive Z: is only mapped to \\CONTOSO-DC\netlogon every other time the user logs on. Note: This difference in when Drive Z is mapped will only be noticeable if either the administrator first deletes all mapped drives at the start of processing Group Policy or the user has changed Drive Z during their previous session. - I am confused about that Note. It seems to imply that the Z drive will be mapped correctly on subsequent logons (assuming no one has changed or deleted Drive Z), even though the drive maps preference extension doesn't apply preferences on every logon (because some logons process GP asynchronously). Is it the case that if the user does not modify the drive mappings, the drive mapping will be 'correct' on next logon? This implies there is some sort of caching of drive mappings other than the caching that would occur if 'reconnect' were set. Is that correct? Those of you that use GPP for drive mappings, do you have the 'reconnect' option set or not? Why? Thanks, Elijah Buck ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Java 7 0day actively exploited in the wild | BeyondTrust
They bumped the security settings up. It prompts every time now. -Original Message- From: Richard McClary [mailto:richard.mccl...@aspca.org] Sent: Monday, January 14, 2013 9:32 AM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust Wonder if there's a negative-one-day exploit? Thanks, though, just now got through doing a bunch of JRE upgrades. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Monday, January 14, 2013 8:22 AM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust Java released update 11 last night. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, January 11, 2013 2:36 PM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day-flaw-709713/ From: Mark Boeck [netadmin...@gmail.com] Sent: Friday, January 11, 2013 12:15 PM To: NT System Admin Issues Subject: Re: Java 7 0day actively exploited in the wild | BeyondTrust lol - a friend of mine, a microsoft security mvp, starts her blog off like this: how to uninstall java! http://securitygarden.blogspot.com/2013/01/java-zero-day-again-time-to.html only after that does she post some links about the threat - - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals?? (ASPCA??) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: GPP drive mapping 'reconnect'
The reconnect isn't necessary helpful for remote users - I wasn't clear on that. What I mean is that using GPP is helpful for remote users. We have many VPN users here, so once they connect to the VPN, they can go to Windows Explorer to open their files. No script needed - the drives will be disconnected until the VPN is connected. I usually use reconnect when I have a change coming soon, so I will set that and remove this item when it is no longer applied. New printers, drive changes, etc. -Original Message- From: Elijah Buck [mailto:elijah.b...@gmail.com] Sent: Monday, January 14, 2013 10:16 AM To: NT System Admin Issues Subject: Re: GPP drive mapping 'reconnect' Thanks for the responses. Tom, can you expand on why reconnect is helpful for remote users? On Sat, Jan 12, 2013 at 7:44 AM, Tom Miller tmil...@sfgtrust.com wrote: I've used both. Reconnect is helpful for our remote users who only connect occasionally.I don't use reconnect for printers. I find that setting on printers makes the default printer be forgotten. -Original Message- From: James Hill [mailto:falc...@gmail.com] Sent: Saturday, January 12, 2013 5:18 AM To: NT System Admin Issues Subject: RE: GPP drive mapping 'reconnect' Never ever used reconnect. I always use a Replace policy and it has always worked. I use GPP in many places for drive mappings and other things. James. -Original Message- From: Elijah Buck [mailto:elijah.b...@gmail.com] Sent: Saturday, 12 January 2013 5:45 AM To: NT System Admin Issues Subject: GPP drive mapping 'reconnect' Hello, I'm working on using Group Policy Preferences for drive mapping, and am a little confused about the reconnect option. http://social.technet.microsoft.com/wiki/contents/articles/12221.troub leshoo ting-the-drive-maps-preference-extension-in-group-policy-replace-mode- only-m aps-the-drive-every-other-logon.aspx is pretty much exactly the scenario I'm curious about (reconnect not set). It says: - Expected Result: Drive Z: is mapped to \\CONTOSO-DC\netlogon every time the user logs on to their computer. Actual Result: Drive Z: is only mapped to \\CONTOSO-DC\netlogon every other time the user logs on. Note: This difference in when Drive Z is mapped will only be noticeable if either the administrator first deletes all mapped drives at the start of processing Group Policy or the user has changed Drive Z during their previous session. - I am confused about that Note. It seems to imply that the Z drive will be mapped correctly on subsequent logons (assuming no one has changed or deleted Drive Z), even though the drive maps preference extension doesn't apply preferences on every logon (because some logons process GP asynchronously). Is it the case that if the user does not modify the drive mappings, the drive mapping will be 'correct' on next logon? This implies there is some sort of caching of drive mappings other than the caching that would occur if 'reconnect' were set. Is that correct? Those of you that use GPP for drive mappings, do you have the 'reconnect' option set or not? Why? Thanks, Elijah Buck ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: smb firewall recommendation
I've got a dozen TZ series Sonicwalls across the country all connected to my main office. They run great. On Mon, Jan 14, 2013 at 10:32 AM, Jimmy Tran jt...@teachtci.com wrote: Hi All, ** ** I’m in the market for a firewall for a small office with les that 15 users. I was looking at the Sonicwall TZ series but people are telling me to stay away from Sonicwall. Has the product improved? Any other recommendations. Would like the UTM features. ** ** Thanks, ** ** Jimmy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: smb firewall recommendation
I have no problem with my Sonicwalls. On Mon, Jan 14, 2013 at 11:57 AM, Steve Ens stevey...@gmail.com wrote: I've got a dozen TZ series Sonicwalls across the country all connected to my main office. They run great. On Mon, Jan 14, 2013 at 10:32 AM, Jimmy Tran jt...@teachtci.com wrote: Hi All, ** ** I’m in the market for a firewall for a small office with les that 15 users. I was looking at the Sonicwall TZ series but people are telling me to stay away from Sonicwall. Has the product improved? Any other recommendations. Would like the UTM features. ** ** Thanks, ** ** Jimmy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: GPP drive mapping 'reconnect'
Do you have “Always wait for the network at computer startup and logon” enabled? The more I read the less I understand about what ‘reconnect’ does. I’m dense, so how does the reconnect option help when a change is coming? *From:* Tom Miller tmil...@sfgtrust.com *Sent:* January 14, 2013 11:37 AM *To:* NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com *Subject:* RE: GPP drive mapping 'reconnect' The reconnect isn't necessary helpful for remote users - I wasn't clear on that. What I mean is that using GPP is helpful for remote users. We have many VPN users here, so once they connect to the VPN, they can go to Windows Explorer to open their files. No script needed - the drives will be disconnected until the VPN is connected. I usually use reconnect when I have a change coming soon, so I will set that and remove this item when it is no longer applied. New printers, drive changes, etc. -Original Message- From: Elijah Buck [mailto:elijah.b...@gmail.com] Sent: Monday, January 14, 2013 10:16 AM To: NT System Admin Issues Subject: Re: GPP drive mapping 'reconnect' Thanks for the responses. Tom, can you expand on why reconnect is helpful for remote users? On Sat, Jan 12, 2013 at 7:44 AM, Tom Miller tmil...@sfgtrust.com wrote: I've used both. Reconnect is helpful for our remote users who only connect occasionally.I don't use reconnect for printers. I find that setting on printers makes the default printer be forgotten. -Original Message- From: James Hill [mailto:falc...@gmail.com] Sent: Saturday, January 12, 2013 5:18 AM To: NT System Admin Issues Subject: RE: GPP drive mapping 'reconnect' Never ever used reconnect. I always use a Replace policy and it has always worked. I use GPP in many places for drive mappings and other things. James. -Original Message- From: Elijah Buck [mailto:elijah.b...@gmail.com] Sent: Saturday, 12 January 2013 5:45 AM To: NT System Admin Issues Subject: GPP drive mapping 'reconnect' Hello, I'm working on using Group Policy Preferences for drive mapping, and am a little confused about the reconnect option. http://social.technet.microsoft.com/wiki/contents/articles/12221.troub leshoo ting-the-drive-maps-preference-extension-in-group-policy-replace-mode- only-m aps-the-drive-every-other-logon.aspx is pretty much exactly the scenario I'm curious about (reconnect not set). It says: - Expected Result: Drive Z: is mapped to \\CONTOSO-DC\netlogon every time the user logs on to their computer. Actual Result: Drive Z: is only mapped to \\CONTOSO-DC\netlogon every other time the user logs on. Note: This difference in when Drive Z is mapped will only be noticeable if either the administrator first deletes all mapped drives at the start of processing Group Policy or the user has changed Drive Z during their previous session. - I am confused about that Note. It seems to imply that the Z drive will be mapped correctly on subsequent logons (assuming no one has changed or deleted Drive Z), even though the drive maps preference extension doesn't apply preferences on every logon (because some logons process GP asynchronously). Is it the case that if the user does not modify the drive mappings, the drive mapping will be 'correct' on next logon? This implies there is some sort of caching of drive mappings other than the caching that would occur if 'reconnect' were set. Is that correct? Those of you that use GPP for drive mappings, do you have the 'reconnect' option set or not? Why? Thanks, Elijah Buck ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: smb firewall recommendation
I've used Sonicwalls, and currently have a TZ100 in a small remote office. It works very well and has given me no trouble. The old complaint was that their support was horrible. Now that they are owned by Dell, I have no idea what the support situation is like. YMMV. We have recently moved to a FortiGate. I really like it, so I recommend that you check them out as well. Last, you can always go really cheap and get pfSense or ClearOS, or some other software-based firewall. --Matt Ross Ephrata School District - Original Message - From: Jimmy Tran [mailto:jt...@teachtci.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Mon, 14 Jan 2013 08:32:22 -0800 Subject: smb firewall recommendation Hi All, I'm in the market for a firewall for a small office with les that 15 users. I was looking at the Sonicwall TZ series but people are telling me to stay away from Sonicwall. Has the product improved? Any other recommendations. Would like the UTM features. Thanks, Jimmy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: smb firewall recommendation
I use SonicWall for anti-malware and have found their support to be very good. TVK -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Monday, January 14, 2013 11:47 AM To: NT System Admin Issues Subject: Re: smb firewall recommendation I've used Sonicwalls, and currently have a TZ100 in a small remote office. It works very well and has given me no trouble. The old complaint was that their support was horrible. Now that they are owned by Dell, I have no idea what the support situation is like. YMMV. We have recently moved to a FortiGate. I really like it, so I recommend that you check them out as well. Last, you can always go really cheap and get pfSense or ClearOS, or some other software-based firewall. --Matt Ross Ephrata School District - Original Message - From: Jimmy Tran [mailto:jt...@teachtci.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Mon, 14 Jan 2013 08:32:22 -0800 Subject: smb firewall recommendation Hi All, I'm in the market for a firewall for a small office with les that 15 users. I was looking at the Sonicwall TZ series but people are telling me to stay away from Sonicwall. Has the product improved? Any other recommendations. Would like the UTM features. Thanks, Jimmy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Java 7 0day actively exploited in the wild, update
Java 7 update 11 security patch fixes nothing: http://betanews.com/2013/01/14/java-7-update-11-security-patch-fixes-nothing/?utm_source=feedburnerutm_medium=feedutm_campaign=Feed+-+bn+-+Betanews+Full+Content+Feed+-+BN Oracle has issued an emergency fix for its cross-platform Java software. Java 7 update 11 for Windows, Mac and Linux, and Java 7 Update 11 64-bit for 64-bit versions of Windows and Linux, aims to plug a number of alarming security holes that were being used for phishing attacks and other crimeware. While update 11 should be considered an essential update for all Java users, researchers have warned that the new build is little more than a sticking plaster for the problem, and recommend users actually disable Java from running inside web browsers. Update 11 specifically acts on a Java exploit in web browsers that the US Department of Homeland Security warned is being actively exploited by malware. This allows code to be executed outside of Java's sandbox, allowing keyloggers and botnet code to be distributed through the Java exploit. The update basically sets Java's default security settings to High, which means all code from unknown sources will be flagged before running on the user's say-so. Researchers warn that despite this new setting, the security can be bypassed by hackers able to mask their code through social engineering, which allows them to mask its true origins and claim to be from a trusted source, encouraging users to accept the code even though it's been flagged. As a result, the Department of Homeland Security's Computer Emergency Readiness Team has recommended users should actually disable Java from running in web browsers -- even after applying the latest update. The warning is echoed by other experts, including Rapid 7 and Polish company Security Explorations. At the present time, Mac OS X disables Java browser plug-ins by default, while Firefox has implemented click-to-play protection on recent updates (but not for this newer build). Users of other web browsers and OSes should check their browser's add-on settings and - if wishing to follow the recommended advice - disable Java manually. In the meantime, Java 7 Update 11 32-bit and Java 7 Update 11 64-bit are both available as free downloads for Windows, Mac and Linux. Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Monday, January 14, 2013 10:50 AM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust They bumped the security settings up. It prompts every time now. -Original Message- From: Richard McClary [mailto:richard.mccl...@aspca.org] Sent: Monday, January 14, 2013 9:32 AM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust Wonder if there's a negative-one-day exploit? Thanks, though, just now got through doing a bunch of JRE upgrades. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Monday, January 14, 2013 8:22 AM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust Java released update 11 last night. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, January 11, 2013 2:36 PM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day-flaw-709713/ From: Mark Boeck [netadmin...@gmail.com] Sent: Friday, January 11, 2013 12:15 PM To: NT System Admin Issues Subject: Re: Java 7 0day actively exploited in the wild | BeyondTrust lol - a friend of mine, a microsoft security mvp, starts her blog off like this: how to uninstall java! http://securitygarden.blogspot.com/2013/01/java-zero-day-again-time-to.html only after that does she post some links about the threat - - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
RE: GPP drive mapping 'reconnect'
I had that setting enabled back when we started to use GPPs on Windows 7 devices. I do not see a need for in here - our network is Windows 7 workstations. Recreate (not reconnect, sorry) just deletes the printer/mapping, whatever at each processing of the GPP, then recreates it. From: Elijah Buck [mailto:elijah.b...@gmail.com] Sent: Monday, January 14, 2013 12:28 PM To: NT System Admin Issues Subject: RE: GPP drive mapping 'reconnect' Do you have Always wait for the network at computer startup and logon enabled? The more I read the less I understand about what 'reconnect' does. I'm dense, so how does the reconnect option help when a change is coming? From: Tom Miller tmil...@sfgtrust.commailto:tmil...@sfgtrust.com Sent: January 14, 2013 11:37 AM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: GPP drive mapping 'reconnect' The reconnect isn't necessary helpful for remote users - I wasn't clear on that. What I mean is that using GPP is helpful for remote users. We have many VPN users here, so once they connect to the VPN, they can go to Windows Explorer to open their files. No script needed - the drives will be disconnected until the VPN is connected. I usually use reconnect when I have a change coming soon, so I will set that and remove this item when it is no longer applied. New printers, drive changes, etc. -Original Message- From: Elijah Buck [mailto:elijah.b...@gmail.commailto:elijah.b...@gmail.com] Sent: Monday, January 14, 2013 10:16 AM To: NT System Admin Issues Subject: Re: GPP drive mapping 'reconnect' Thanks for the responses. Tom, can you expand on why reconnect is helpful for remote users? On Sat, Jan 12, 2013 at 7:44 AM, Tom Miller tmil...@sfgtrust.commailto:tmil...@sfgtrust.com wrote: I've used both. Reconnect is helpful for our remote users who only connect occasionally.I don't use reconnect for printers. I find that setting on printers makes the default printer be forgotten. -Original Message- From: James Hill [mailto:falc...@gmail.commailto:falc...@gmail.com] Sent: Saturday, January 12, 2013 5:18 AM To: NT System Admin Issues Subject: RE: GPP drive mapping 'reconnect' Never ever used reconnect. I always use a Replace policy and it has always worked. I use GPP in many places for drive mappings and other things. James. -Original Message- From: Elijah Buck [mailto:elijah.b...@gmail.commailto:elijah.b...@gmail.com] Sent: Saturday, 12 January 2013 5:45 AM To: NT System Admin Issues Subject: GPP drive mapping 'reconnect' Hello, I'm working on using Group Policy Preferences for drive mapping, and am a little confused about the reconnect option. http://social.technet.microsoft.com/wiki/contents/articles/12221.troub leshoo ting-the-drive-maps-preference-extension-in-group-policy-replace-mode- only-m aps-the-drive-every-other-logon.aspx is pretty much exactly the scenario I'm curious about (reconnect not set). It says: - Expected Result: Drive Z: is mapped to \\CONTOSO-DC\netlogonfile:///\\CONTOSO-DC\netlogon every time the user logs on to their computer. Actual Result: Drive Z: is only mapped to \\CONTOSO-DC\netlogonfile:///\\CONTOSO-DC\netlogon every other time the user logs on. Note: This difference in when Drive Z is mapped will only be noticeable if either the administrator first deletes all mapped drives at the start of processing Group Policy or the user has changed Drive Z during their previous session. - I am confused about that Note. It seems to imply that the Z drive will be mapped correctly on subsequent logons (assuming no one has changed or deleted Drive Z), even though the drive maps preference extension doesn't apply preferences on every logon (because some logons process GP asynchronously). Is it the case that if the user does not modify the drive mappings, the drive mapping will be 'correct' on next logon? This implies there is some sort of caching of drive mappings other than the caching that would occur if 'reconnect' were set. Is that correct? Those of you that use GPP for drive mappings, do you have the 'reconnect' option set or not? Why? Thanks, Elijah Buck ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with
RE: PC/server management
That does not appear to do everything I need. From: Rod Trent [mailto:rodtr...@myitforum.com] Sent: Monday, January 14, 2013 9:45 AM To: NT System Admin Issues Subject: RE: PC/server management Windows Intune? From: Tom Miller [mailto:tmil...@sfgtrust.com] Sent: Monday, January 14, 2013 9:32 AM To: NT System Admin Issues Subject: PC/server management Folks, Looking for recommendations for pc/server management (Windows devices only at this time). At my last job I used Kace appliances and they were great. I am looking at those this time but thought I'd ask the list for additional suggestions. At my new job we have System Center Essentials 2007. It's not so good but it is old and I understand that product is EOL. Looking for: patch distribution/management, inventorying, reporting, ability to create granular groups based on factors like IP, machine type, AD memberships, OU location, software deployment, and remote control (not super important since we already own a product for this). Embedded help desk, even if basic, would be a bonus. This place doesn't have one currently. This would be for about 350 nodes. Can be appliance, vmware machine, or even hosted. As long as it does what I need. Thanks, Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Time sync issues
Quick brainstorm requiredwhat's the most common issues you'd expect in a Windows/AD environment if some servers have incorrect time settings? Obviously AD replication and logging inconsistencies spring to mind...just looking for a few to flesh out a blog post that deals with preventing admins from changing the system time. TIA, JRR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Out of band IE patch issued
This alert is to provide you with an overview of one new security bulletin being released (out of band) on January 14, 2013, for a new vulnerability in Internet Explorer. Microsoft Security Bulletin MS13-008 Security Update for Internet Explorer (2799329) Full Details: http://technet.microsoft.com/security/bulletin/MS13-008. Regards, Microsoft CSS Security Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Fine unused folders
AFind v2.0 - Copyright(c) 2000, Foundstone, Inc. NTFS Last Access Time Finder Command Line Switches [dirname] Directory to search -f [filename] List last access time of file -s [seconds]Files accessed less than x seconds ago -m [minutes]Files accessed less than x minutes ago -h [hours] Files accessed less than x hours ago -d [days] Files accessed less than x days ago -a [d/m/y-h:m:s]Files accessed after this date/time -ns Exclude sub-directories - or / Either switch statement can be used -? Help Additional time frame usage: afind /s 2-4 Files accessed between 2 and 4 seconds ago afind /m 2-4 Files between 2 and 4 minutes ago afind /s 2-4 Files between 2 and 4 seconds ago afind /a 14/7/1998-3:12:06-15/7/1998-2:05:30 Files between these dates COMMAND PROMPT MUST HAVE A MINIMUM WIDTH OF 80 CHARACTERS See http://www.foundstone.com for updates/fixes Probably help u out in this reguard. Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org From: David Lum [mailto:david@nwea.org] Sent: Monday, January 14, 2013 3:41 PM To: NT System Admin Issues Subject: Fine unused folders Is there a tool that can report on folders that have files with a modified date of no more recent than n and give me a report? Example Scan S:\Users Contents S:\Users\Bill\Stuff0 S:\Users\Heather\Stuff1\Stuff6 S:\Users\Steve\Stuff2\Stuff3 And tell me any folders at name level that have no files modified in the last x days? Essentially I want to know if that after Steve, etc left that nobody is using any files in any of his folders so I can remove them. What I don't necessarily want is a detail of ever folder under each users ID, just to know there are no files anywhere in that users' folder structure being used. David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Time sync issues
On Mon, Jan 14, 2013 at 12:49 PM, kz2...@googlemail.com wrote: Quick brainstorm requiredwhat's the most common issues you'd expect in a Windows/AD environment if some servers have incorrect time settings? Obviously AD replication and logging inconsistencies spring to mind...just looking for a few to flesh out a blog post that deals with preventing admins from changing the system time. TIA, JRR Anything that demands tight control on time - what springs to mind immediately is higher volume database updates, where tampering with the time on the machine, especially moving the clock backward, can really fubar things. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Time sync issues
Kerberos authentication fails if time drifts too far off and you lose access to network resources, such as shares. The tolerance for time drift varies with server editions. I think Server 2003 had a 5 minute drift tolerance and I think Server 2008 has a 10-minute tolerance. Best regards, Michael Merker Director of Technology Infrastructure Voice (561) 868-3252 Fax (561) 868-3259 merk...@palmbeachstate.edu Palm Beach State College 4200 Congress Avenue Lake Worth, FL 33461 Please note: Palm Beach State College e-mail addresses have changed. Please update your address book to reflect the new domain name for all College faculty and staff e-mail addresses: palmbeachstate.edu. Example: OLD: smi...@pbcc.edumailto:smi...@pbcc.edu NEW: smi...@palmbeachstate.edumailto:smi...@palmbeachstate.edu. My new address is merk...@palmbeachstate.edumailto:mmerk...@palmbeachstate.edu. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, January 14, 2013 4:13 PM To: NT System Admin Issues Subject: Re: Time sync issues On Mon, Jan 14, 2013 at 12:49 PM, kz2...@googlemail.com wrote: Quick brainstorm requiredwhat's the most common issues you'd expect in a Windows/AD environment if some servers have incorrect time settings? Obviously AD replication and logging inconsistencies spring to mind...just looking for a few to flesh out a blog post that deals with preventing admins from changing the system time. TIA, JRR Anything that demands tight control on time - what springs to mind immediately is higher volume database updates, where tampering with the time on the machine, especially moving the clock backward, can really fubar things. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Please note: Due to Florida’s broad open records law, most written communication to or from College employees is public record, available to the public and the media upon request. Therefore, this e-mail communication may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: smb firewall recommendation
Thanks for the input guys and gals. -Original Message- From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Monday, January 14, 2013 9:57 AM To: NT System Admin Issues Subject: RE: smb firewall recommendation I use SonicWall for anti-malware and have found their support to be very good. TVK -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Monday, January 14, 2013 11:47 AM To: NT System Admin Issues Subject: Re: smb firewall recommendation I've used Sonicwalls, and currently have a TZ100 in a small remote office. It works very well and has given me no trouble. The old complaint was that their support was horrible. Now that they are owned by Dell, I have no idea what the support situation is like. YMMV. We have recently moved to a FortiGate. I really like it, so I recommend that you check them out as well. Last, you can always go really cheap and get pfSense or ClearOS, or some other software-based firewall. --Matt Ross Ephrata School District - Original Message - From: Jimmy Tran [mailto:jt...@teachtci.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Mon, 14 Jan 2013 08:32:22 -0800 Subject: smb firewall recommendation Hi All, I'm in the market for a firewall for a small office with les that 15 users. I was looking at the Sonicwall TZ series but people are telling me to stay away from Sonicwall. Has the product improved? Any other recommendations. Would like the UTM features. Thanks, Jimmy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Time sync issues
That is not a 100% accurate statement. http://blogs.technet.com/b/askds/archive/2012/08/24/friday-i-mean-saturday-mail-sack-very-wordy-edition.aspx •The semi-myth of Kerberos time skew Thanks Webster -Original Message- From: Merker, Michael R [mailto:merk...@palmbeachstate.edu] Subject: RE: Time sync issues Kerberos authentication fails if time drifts too far off and you lose access to network resources, such as shares. The tolerance for time drift varies with server editions. I think Server 2003 had a 5 minute drift tolerance and I think Server 2008 has a 10-minute tolerance. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Time sync issues
I stand semi-corrected!! ;-} Michael Merker Director of Technology Infrastructure Voice (561) 868-3252 Fax (561) 868-3259 merk...@palmbeachstate.edu Palm Beach State College 4200 Congress Ave Lake Worth, FL 33461 From: Webster [webs...@carlwebster.com] Sent: Monday, January 14, 2013 6:46 PM To: NT System Admin Issues Subject: RE: Time sync issues That is not a 100% accurate statement. http://blogs.technet.com/b/askds/archive/2012/08/24/friday-i-mean-saturday-mail-sack-very-wordy-edition.aspx •The semi-myth of Kerberos time skew Thanks Webster -Original Message- From: Merker, Michael R [mailto:merk...@palmbeachstate.edu] Subject: RE: Time sync issues Kerberos authentication fails if time drifts too far off and you lose access to network resources, such as shares. The tolerance for time drift varies with server editions. I think Server 2003 had a 5 minute drift tolerance and I think Server 2008 has a 10-minute tolerance. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Please note: Due to Florida’s broad open records law, most written communication to or from College employees is public record, available to the public and the media upon request. Therefore, this e-mail communication may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Out of band IE patch issued
Thanks, Z *ASB **http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker* **Providing Virtual CIO Services (IT Operations Information Security) for the SMB market…*** On Mon, Jan 14, 2013 at 3:52 PM, Ziots, Edward ezi...@lifespan.org wrote: This alert is to provide you with an overview of one new security bulletin being released (out of band) on January 14, 2013, for a new vulnerability in Internet Explorer. Microsoft Security Bulletin MS13-008 Security Update for Internet Explorer (2799329) Full Details: http://technet.microsoft.com/security/bulletin/MS13-008. Regards, Microsoft CSS Security Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org *ASB* *http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker** *Providing Expert Technology Consulting Services for the SMB market…* ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Linksys exploit - what does this mean to my remote users?
Well, it looks to me like they've figured out how to get a root shell open on various Linksys routers. What that means, essentially, is that the attacker can make that little Internet-connected computer do pretty much whatever he or she wants it to do. Packet capture and forwarding of all your Internet traffic to an external server, spamming, you name it and it's theoretically possible. What isn't clear (at least to me) is whether the attack is successful from the outside. The demo is from the LAN. On Mon, Jan 14, 2013 at 10:07 PM, David Lum david@nwea.org wrote: I am not smart enough to know what this means other than to tell any of my users who have this to update to the latest firmware when it comes out. http://www.net-security.org/secworld.php?id=14234 ** ** Yeah, they can see stuff on the router, ASP pages, etc. I would assume a VPN link is vulnerable, or no? I mean, I know what this exploit does, but I don’t know what it allows the exploiter to DO. I am never in a router, so can only guess it can spoof DNS, etc. *David Lum* Sr. Systems Engineer // NWEATM Office 503.548.5229 //* *Cell (voice/text) 503.267.9764 ** ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Linksys exploit - what does this mean to my remote users?
On Mon, Jan 14, 2013 at 7:07 PM, David Lum david@nwea.org wrote: I am not smart enough to know what this means other than to tell any of my users who have this to update to the latest firmware when it comes out. http://www.net-security.org/secworld.php?id=14234 Yeah, they can see stuff on the router, ASP pages, etc. I would assume a VPN link is vulnerable, or no? I mean, I know what this exploit does, but I don’t know what it allows the exploiter to DO. I am never in a router, so can only guess it can spoof DNS, etc. For one, they can spoof DNS lookups. This is bad. For another, they can probably figure out what banking/financial sites you're visiting. Put those two together, and you have a good recipe for losing money, quickly, with spoofed web sites. That's just the start of it. Ouch. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin