Re: LoJack
I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: LoJack
Depending on the vendor, you might be able to flip the BIOS setting by running an EXE. I know Dell machines can have their BIOS settings changed without having to physically touch each system. Takes some work but depending on the # of systems it might be worth looking at. Dave From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, April 23, 2013 1:36 AM To: NT System Admin Issues Subject: Re: LoJack I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.commailto:jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.commailto:kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.ukhttp://appsensebigot.blogspot.co.uk/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
But it does need to be set to Activated to work, then? The default setting of Deactivated is useless without switching it over? If that's right, can you ask for them to be delivered Activated, or would you definitely have to at least set them up to run a certain program as you said? Cheers, JR On 23 April 2013 15:27, David Lum david@nwea.org wrote: Depending on the vendor, you might be able to flip the BIOS setting by running an EXE. I know Dell machines can have their BIOS settings changed without having to physically touch each system. Takes some work but depending on the # of systems it might be worth looking at. ** ** Dave ** ** *From:* James Rankin [mailto:kz2...@googlemail.com] *Sent:* Tuesday, April 23, 2013 1:36 AM *To:* NT System Admin Issues *Subject:* Re: LoJack ** ** I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: LoJack
Sorry I don't know the answer to that part. I only know that in the past I have used a Dell utility to configure an EXE that I can use to flip just about any BIOS setting that I wanted and it would take effect at the next system boot. Surely your questions aren't unique enough to be worried about asking LoJack directly. I apologize for not having better answers. Dave From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, April 23, 2013 7:38 AM To: NT System Admin Issues Subject: Re: LoJack But it does need to be set to Activated to work, then? The default setting of Deactivated is useless without switching it over? If that's right, can you ask for them to be delivered Activated, or would you definitely have to at least set them up to run a certain program as you said? Cheers, JR On 23 April 2013 15:27, David Lum david@nwea.orgmailto:david@nwea.org wrote: Depending on the vendor, you might be able to flip the BIOS setting by running an EXE. I know Dell machines can have their BIOS settings changed without having to physically touch each system. Takes some work but depending on the # of systems it might be worth looking at. Dave From: James Rankin [mailto:kz2...@googlemail.commailto:kz2...@googlemail.com] Sent: Tuesday, April 23, 2013 1:36 AM To: NT System Admin Issues Subject: Re: LoJack I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.commailto:jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.commailto:kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.ukhttp://appsensebigot.blogspot.co.uk/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.ukhttp://appsensebigot.blogspot.co.uk/ ~ Finally, powerful endpoint security that
Re: LoJack
IIRC, you can ask Dell and pay a nominal fee for Dell to futz with BIOS settings, but due diligence to ensure that it is Activated almost negates the effort, since it takes as much time to check that it is activated (unless you can see that via pre-installed software) during a workstation setup and config. On Tue, Apr 23, 2013 at 10:38 AM, James Rankin kz2...@googlemail.comwrote: But it does need to be set to Activated to work, then? The default setting of Deactivated is useless without switching it over? If that's right, can you ask for them to be delivered Activated, or would you definitely have to at least set them up to run a certain program as you said? Cheers, JR On 23 April 2013 15:27, David Lum david@nwea.org wrote: Depending on the vendor, you might be able to flip the BIOS setting by running an EXE. I know Dell machines can have their BIOS settings changed without having to physically touch each system. Takes some work but depending on the # of systems it might be worth looking at. ** ** Dave ** ** *From:* James Rankin [mailto:kz2...@googlemail.com] *Sent:* Tuesday, April 23, 2013 1:36 AM *To:* NT System Admin Issues *Subject:* Re: LoJack ** ** I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that
Re: LoJack
You have a point there - he would need to check somehow anyway so he might as well do them himself :-) On 23 April 2013 15:44, Jonathan Link jonathan.l...@gmail.com wrote: IIRC, you can ask Dell and pay a nominal fee for Dell to futz with BIOS settings, but due diligence to ensure that it is Activated almost negates the effort, since it takes as much time to check that it is activated (unless you can see that via pre-installed software) during a workstation setup and config. On Tue, Apr 23, 2013 at 10:38 AM, James Rankin kz2...@googlemail.comwrote: But it does need to be set to Activated to work, then? The default setting of Deactivated is useless without switching it over? If that's right, can you ask for them to be delivered Activated, or would you definitely have to at least set them up to run a certain program as you said? Cheers, JR On 23 April 2013 15:27, David Lum david@nwea.org wrote: Depending on the vendor, you might be able to flip the BIOS setting by running an EXE. I know Dell machines can have their BIOS settings changed without having to physically touch each system. Takes some work but depending on the # of systems it might be worth looking at. ** ** Dave ** ** *From:* James Rankin [mailto:kz2...@googlemail.com] *Sent:* Tuesday, April 23, 2013 1:36 AM *To:* NT System Admin Issues *Subject:* Re: LoJack ** ** I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
Re: OT ? Powershell error trapping
Wait - I think got it! w00t! On Tue, Apr 23, 2013 at 11:04 AM, Candee can...@gmail.com wrote: Okay, okay, I know this isn't my new PowerShell help list ;') But if you have a second... I'm having trouble with error trapping. This is what I want to do: import the users check if username (firstinitiallastname) is in use. If it is, try (firstinitialsecondletterlastname) This works the way I want it to (yay!). I'm having trouble with error trapping if the second username I try is in use. and display ***Create user manually** instead of the whole, qaduser is in use... any help, pointers, or fish appreciated! __ #Start creating users Import-Csv $newusers |foreach { $preferredfirstname = $_.preferredfirstname $lastnamepreferred = $_.lastnamepreferred $SAM = $preferredfirstname.substring(0,1)+$lastnamepreferred $SAM2 = $preferredfirstname.substring(0,2)+$lastnamepreferred+2 $UPN = $preferredfirstname +.+$lastnamepreferred+$DNSROOT $Displayname = $lastnamepreferred + +$preferredfirstname $Email = $UPN $testemail = get-recipient -identity $email -ErrorAction SilentlyContinue $user = Get-qADUser -SamAccountName $SAM #Determine if the employee account name is already in use try{ if($user -eq $Null) { * Creating a new user account for $($SAM) #If the user name and email are available, start creating the account $NewUser = New-qaduser -name $SAM ` -parentcontainer $OU ` -userprincipalname $UPN ` -samaccountname $SAM ` -displayname $displayname ` -mail $email ` -givenname $_.preferredfirstname` -sn $_.lastnamepreferred ` -userPassword $pass ` -company $_.Company ` -department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone ` -city $_.city -postalcode $_.zip -state $_.state ` -streetaddress $_.street -manager $_.manager ` -oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui} ` } if($user -ne $Null){ *** Creating a new user account for $($SAM2) $NewUser2 = New-qaduser -name $SAM2 ` -parentcontainer $OU ` -userprincipalname $UPN ` -samaccountname $SAM2 ` -displayname $displayname ` -mail $email ` -givenname $_.preferredfirstname` -sn $_.lastnamepreferred ` -userPassword $pass ` -company $_.Company ` -department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone ` -city $_.city -postalcode $_.zip -state $_.state ` -streetaddress $_.street -manager $_.manager ` -oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui} ` } } catch{ ErrorAction silentlycontinue write-host CANNOT CREATE USER $($SAM2) } finally { } } ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT ? Powershell error trapping
I used try/catch; and so far it's good! Here it is: try{ if($user -eq $Null) { * Creating a new user account for $($SAM) #If the user name and email are available, start creating the account $NewUser = New-qaduser -name $SAM ` -parentcontainer $OU ` -userprincipalname $UPN ` -samaccountname $SAM ` -displayname $displayname ` -mail $email ` -givenname $_.preferredfirstname` -sn $_.lastnamepreferred ` -userPassword $pass ` -company $_.Company ` -department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone ` -city $_.city -postalcode $_.zip -state $_.state ` -streetaddress $_.street -manager $_.manager ` -oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui} ` } if($user -ne $Null){ $NewUser2 = New-qaduser -name $SAM2 ` -erroraction stop ` -parentcontainer $OU ` -userprincipalname $UPN ` -samaccountname $SAM2 ` -displayname $displayname ` -mail $email ` -givenname $_.preferredfirstname` -sn $_.lastnamepreferred ` -userPassword $pass ` -company $_.Company ` -department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone ` -city $_.city -postalcode $_.zip -state $_.state ` -streetaddress $_.street -manager $_.manager ` -oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui} ` * Creating a new user account for $($SAM2) }} catch{ write-host CANNOT CREATE USER $($SAM2) } } #stop the logging On Tue, Apr 23, 2013 at 11:40 AM, Ben Scott mailvor...@gmail.com wrote: On Tue, Apr 23, 2013 at 11:28 AM, Candee can...@gmail.com wrote: Wait - I think got it! w00t! Well, don't keep us in suspense. What was the solution? :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: LoJack
If I understand your questions correctly. You need the BIOS set to Activated and the software application agent installed on the computer for it to fully work. The software agent is what communicates with the recovery center. The BIOS piece maintains its presence even through reinstalls or different hard drives. So if it is stolen you call them up and then they can track it down or you can send a delete or lock command. Depending on the computer vendor you should be able to have them activate the BIOS setting for you. Though it will not work until the software agent is installed, you create an account and the laptop calls in for the first time. If the vendor can not do this either choose another vendor or plan on touching each system. Like Dave said depending on the vendor model you might be able to create a BIOS file and install that file on each laptop. Still have to touch each laptop. Though you might be able to script something with one of the management systems. An example, Intel has a tool where we can basically create a custom BIOS file then install it on the other systems using Win PE or an EFI boot from a USB drive. Especially when the systems you get are usually a few BIOS revisions behind. From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, April 23, 2013 7:38 AM To: NT System Admin Issues Subject: Re: LoJack But it does need to be set to Activated to work, then? The default setting of Deactivated is useless without switching it over? If that's right, can you ask for them to be delivered Activated, or would you definitely have to at least set them up to run a certain program as you said? Cheers, JR On 23 April 2013 15:27, David Lum david@nwea.org mailto:david@nwea.org wrote: Depending on the vendor, you might be able to flip the BIOS setting by running an EXE. I know Dell machines can have their BIOS settings changed without having to physically touch each system. Takes some work but depending on the # of systems it might be worth looking at. Dave From: James Rankin [mailto:kz2...@googlemail.com mailto:kz2...@googlemail.com ] Sent: Tuesday, April 23, 2013 1:36 AM To: NT System Admin Issues Subject: Re: LoJack I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.com mailto:jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.com mailto:ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.com mailto:kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
Thanks Art, that clears up my question quite nicely. I will pass the info on! Cheers, JR On 23 April 2013 17:07, Art DeKneef art.dekn...@cox.net wrote: If I understand your questions correctly. ** ** You need the BIOS set to Activated and the software application agent installed on the computer for it to fully work. The software agent is what communicates with the recovery center. The BIOS piece maintains its presence even through reinstalls or different hard drives. So if it is stolen you call them up and then they can track it down or you can send a delete or lock command. ** ** Depending on the computer vendor you should be able to have them activate the BIOS setting for you. Though it will not work until the software agent is installed, you create an account and the laptop calls in for the first time. If the vendor can not do this either choose another vendor or plan on touching each system. Like Dave said depending on the vendor model you might be able to create a BIOS file and install that file on each laptop. Still have to touch each laptop. Though you might be able to script something with one of the management systems. ** ** An example, Intel has a tool where we can basically create a custom BIOS file then install it on the other systems using Win PE or an EFI boot from a USB drive. Especially when the systems you get are usually a few BIOS revisions behind. ** ** *From:* James Rankin [mailto:kz2...@googlemail.com] *Sent:* Tuesday, April 23, 2013 7:38 AM *To:* NT System Admin Issues *Subject:* Re: LoJack ** ** But it does need to be set to Activated to work, then? The default setting of Deactivated is useless without switching it over? If that's right, can you ask for them to be delivered Activated, or would you definitely have to at least set them up to run a certain program as you said? Cheers, JR On 23 April 2013 15:27, David Lum david@nwea.org wrote: Depending on the vendor, you might be able to flip the BIOS setting by running an EXE. I know Dell machines can have their BIOS settings changed without having to physically touch each system. Takes some work but depending on the # of systems it might be worth looking at. Dave *From:* James Rankin [mailto:kz2...@googlemail.com] *Sent:* Tuesday, April 23, 2013 1:36 AM *To:* NT System Admin Issues *Subject:* Re: LoJack I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris jk.har...@live.com wrote: You might want to take a look at the Dell web site. I believe they sell it as an option with their business line of laptops. I think the BIOS part does all the work but I also think that the software does some configuration changes. Jon Subject: LoJack To: ntsysadmin@lyris.sunbelt-software.com From: kz2...@googlemail.com Date: Sat, 20 Apr 2013 13:01:33 + Does anyone know if LoJack CompuTrace can be activated without the software installed? I am looking into this sort of software for a client but am not sure whether it needs to actually have the software installed or if the embedded BIOS feature does everything required? Their website isn't particularly clear about it and most Googling just turns up people complaining about civil liberties. TIA, JR Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
RE: Cross post on latest round of Java Bugs from Bugtraq
And here is a writeup about the attacks that are starting on these: http://malware.dontneedcoffee.com/ Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org Work:401-444-9081 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan] From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, April 22, 2013 3:08 PM To: NT System Admin Issues Subject: Cross post on latest round of Java Bugs from Bugtraq Hello All, Today, a vulnerability report with an accompanying Proof of Concept code was sent to Oracle notifying the company of a new security weakness affecting Java SE 7 software. The new flaw was verified to affect all versions of Java SE 7 (including the recently released 1.7.0_21-b11). It can be used to achieve a complete Java security sandbox bypass on a target system. Successful exploitation in a web browser scenario requires proper user interaction (a user needs to accept the risk of executing a potentially malicious Java application when a security warning window is displayed). What's interesting is that the new issue is present not only in JRE Plugin / JDK software, but also the recently announced Server JRE as well [1]. Those concerned about a feasibility of exploitation of Java flaws in a server environment should consult Guideline 3-8 of Secure Coding Guidelines for a Java Programming Language [2]. It lists the following software components and APIs as potentially prone to the execution of untrusted Java code: - Sun implementation of the XSLT interpreter, - Long Term Persistence of JavaBeans Components, - RMI and LDAP (RFC 2713), - Many SQL implementations. In Apr 2012 [3], we reported our first vulnerability report to Oracle corporation signaling multiple security problems in Java SE 7 and the Reflection API in particular. It's been a year since then and to our true surprise, we were still able to discover one of the simplest and most powerful instances of Java Reflection API based vulnerabilities. It looks Oracle was primarily focused on hunting down potentially dangerous Reflection API calls in the allowed classes space. If so, no surprise that Issue 61 was overlooked. Thank you. Best Regards Adam Gowdiak Looks like more Java patching to come.. and the flaws continue... Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.orgmailto:ezi...@lifespan.org Work:401-444-9081 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.jpg
Re: LoJack
On Tue, Apr 23, 2013 at 12:07 PM, Art DeKneef art.dekn...@cox.net wrote: You need the BIOS set to Activated and the software application agent installed on the computer for it to fully work. The software agent is what communicates with the recovery center. The BIOS piece maintains its presence even through reinstalls or different hard drives. So what if I wipe the hard drive and install a different OS? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
I think the BIOS piece, if Activated, puts the agent back onto it. How this works cross-platform is beyond me though On 23 April 2013 19:49, Ben Scott mailvor...@gmail.com wrote: On Tue, Apr 23, 2013 at 12:07 PM, Art DeKneef art.dekn...@cox.net wrote: You need the BIOS set to Activated and the software application agent installed on the computer for it to fully work. The software agent is what communicates with the recovery center. The BIOS piece maintains its presence even through reinstalls or different hard drives. So what if I wipe the hard drive and install a different OS? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: LoJack
Excellent question. And I don't have a good answer. LoJack supports Windows 2000 up to Windows 8 and Mac OS 10.3 or higher. But nothing for Linux. So I guess the question is what do you mean by a different OS. If to the same or different Windows version it should be reinstalled. If it was a Windows OS and somebody tried to install the Mac software I don't know. Can they even do that? If going from Windows to a Linux distro I don't know. My guess is it wouldn't work but I'm probably wrong. I'm sure it is something they thought about. Fortunately, the couple of clients that have this on their laptops haven't lost them. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, April 23, 2013 11:50 AM To: NT System Admin Issues Subject: Re: LoJack On Tue, Apr 23, 2013 at 12:07 PM, Art DeKneef art.dekn...@cox.net wrote: You need the BIOS set to Activated and the software application agent installed on the computer for it to fully work. The software agent is what communicates with the recovery center. The BIOS piece maintains its presence even through reinstalls or different hard drives. So what if I wipe the hard drive and install a different OS? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Very weird file rename issue
I see the same problem with windows 8 client and 2012 server. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, April 23, 2013 3:32 PM To: NT System Admin Issues Subject: RE: Very weird file rename issue FWIW, my redirected my docs do the same exact thing and only on 2008 R2 servers. 2003 are fine. Happens even if I hit the server via \\server\sharefile:///\\server\share. From: Damien Solodow [mailto:damien.solo...@harrison.edu] Sent: Tuesday, April 23, 2013 3:26 PM To: NT System Admin Issues Subject: Very weird file rename issue I've encountered a very odd issue around renaming files on a network drive. The file is in the user's redirected My Documents, and they are the owner of said file and have Full Control for it in the NTFS permissions. When they try to rename the file to replace a lowercase letter with the same letter in uppercase, they get a message that says You need permission to perform this action. You require permission for OUR_DOMAIN\Their.username to make changes to this file. However, if they rename the file and replace that letter with something different, it's fine. So for example, the file is called 'firstName.txt' and they try to rename it to 'FirstName.txt' it will throw the error. But if they rename it to 'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and it's fine. The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem to matter what the file type is (text, WordDoc, etc), and doesn't happen on local drives. Anyone seen this oddity before? DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE 500 North Meridian St Suite 500 Indianapolis, IN 46204-1213 www.harrison.eduhttp://www.harrison.edu/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Very weird file rename issue
Is this it? http://support.microsoft.com/kb/953945 Thanks Webster From: Damien Solodow [mailto:damien.solo...@harrison.edu] Subject: Very weird file rename issue I've encountered a very odd issue around renaming files on a network drive. The file is in the user's redirected My Documents, and they are the owner of said file and have Full Control for it in the NTFS permissions. When they try to rename the file to replace a lowercase letter with the same letter in uppercase, they get a message that says You need permission to perform this action. You require permission for OUR_DOMAIN\Their.username to make changes to this file. However, if they rename the file and replace that letter with something different, it's fine. So for example, the file is called 'firstName.txt' and they try to rename it to 'FirstName.txt' it will throw the error. But if they rename it to 'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and it's fine. The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem to matter what the file type is (text, WordDoc, etc), and doesn't happen on local drives. Anyone seen this oddity before? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Very weird file rename issue
That matches the description. Was hoping there was a fix. :) DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE From: Webster [mailto:webs...@carlwebster.com] Sent: Tuesday, April 23, 2013 3:59 PM To: NT System Admin Issues Subject: RE: Very weird file rename issue Is this it? http://support.microsoft.com/kb/953945 Thanks Webster From: Damien Solodow [mailto:damien.solo...@harrison.edu] Subject: Very weird file rename issue I've encountered a very odd issue around renaming files on a network drive. The file is in the user's redirected My Documents, and they are the owner of said file and have Full Control for it in the NTFS permissions. When they try to rename the file to replace a lowercase letter with the same letter in uppercase, they get a message that says You need permission to perform this action. You require permission for OUR_DOMAIN\Their.username to make changes to this file. However, if they rename the file and replace that letter with something different, it's fine. So for example, the file is called 'firstName.txt' and they try to rename it to 'FirstName.txt' it will throw the error. But if they rename it to 'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and it's fine. The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem to matter what the file type is (text, WordDoc, etc), and doesn't happen on local drives. Anyone seen this oddity before? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Very weird file rename issue
Reminds me why I hate the Offline Files feature - generally naff. Wherever its possible, if the functionality is needed I try to replace it with some cloudy sorta solution. Sent from my Blackberry, which may be an antique but delivers email RELIABLY -Original Message- From: Webster webs...@carlwebster.com Date: Tue, 23 Apr 2013 19:59:28 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.comSubject: RE: Very weird file rename issue Is this it? http://support.microsoft.com/kb/953945 Thanks Webster From: Damien Solodow [mailto:damien.solo...@harrison.edu] Subject: Very weird file rename issue I've encountered a very odd issue around renaming files on a network drive. The file is in the user's redirected My Documents, and they are the owner of said file and have Full Control for it in the NTFS permissions. When they try to rename the file to replace a lowercase letter with the same letter in uppercase, they get a message that says You need permission to perform this action. You require permission for OUR_DOMAIN\Their.username to make changes to this file. However, if they rename the file and replace that letter with something different, it's fine. So for example, the file is called 'firstName.txt' and they try to rename it to 'FirstName.txt' it will throw the error. But if they rename it to 'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and it's fine. The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem to matter what the file type is (text, WordDoc, etc), and doesn't happen on local drives. Anyone seen this oddity before? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Very weird file rename issue
That's because it is always cloudy where you live. :) Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Tuesday, April 23, 2013 3:06 PM To: NT System Admin Issues Subject: Re: Very weird file rename issue Reminds me why I hate the Offline Files feature - generally naff. Wherever its possible, if the functionality is needed I try to replace it with some cloudy sorta solution. Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: Webster webs...@carlwebster.commailto:webs...@carlwebster.com Date: Tue, 23 Apr 2013 19:59:28 + To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: Very weird file rename issue Is this it? http://support.microsoft.com/kb/953945 Thanks Webster From: Damien Solodow [mailto:damien.solo...@harrison.edu] Subject: Very weird file rename issue I've encountered a very odd issue around renaming files on a network drive. The file is in the user's redirected My Documents, and they are the owner of said file and have Full Control for it in the NTFS permissions. When they try to rename the file to replace a lowercase letter with the same letter in uppercase, they get a message that says You need permission to perform this action. You require permission for OUR_DOMAIN\Their.username to make changes to this file. However, if they rename the file and replace that letter with something different, it's fine. So for example, the file is called 'firstName.txt' and they try to rename it to 'FirstName.txt' it will throw the error. But if they rename it to 'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and it's fine. The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem to matter what the file type is (text, WordDoc, etc), and doesn't happen on local drives. Anyone seen this oddity before? ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
On Tue, Apr 23, 2013 at 2:53 PM, James Rankin kz2...@googlemail.com wrote: I think the BIOS piece, if Activated, puts the agent back onto it. Yah, that's scary enough. I mean, sure, if someone else can control the hardware, in theory they can do anything, but think about the implications. Is there some kind of hook in Windows that lets the BIOS run arbitrary code? If so, that's kind of spooky. Or are they using a higher privilege level to inject code directly into the kernel? If so, what happens when a kernel update comes out? Or does it depend on the PC vendor's special Windows disc? In which case, it's easily defeated by using generic media. How this works cross-platform is beyond me though I went there first because it's an extreme case. :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
On Tue, Apr 23, 2013 at 3:41 PM, Art DeKneef art.dekn...@cox.net wrote: Excellent question. And I don't have a good answer. LoJack supports Windows 2000 up to Windows 8 and Mac OS 10.3 or higher. But nothing for Linux. So I guess the question is what do you mean by a different OS. I'm curious what mechanism they're using to modify the OS. I went to Linux just because support is inconsistent so it makes a good example. I'm sure it is something they thought about. You have far more faith in technology companies than I do. :-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Dual Wan Soho High Speed Router Suggestions
Folks, Thank you all for your input. I ended up with Pfsense and WOW! Dave From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, April 18, 2013 9:16 AM To: NT System Admin Issues Subject: RE: Dual Wan Soho High Speed Router Suggestions Does that free Sophos UTM firewall mentioned here a bit back meet your needs? I'm not sure about the failover part, but you might want to have a look. http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx -sc From: Beach Computers Web Hosting [mailto:gro...@beachcomp.com] Sent: Wednesday, April 17, 2013 2:02 PM To: NT System Admin Issues Subject: RE: Dual Wan Soho High Speed Router Suggestions Ideally $150 tops. I don't mind using a PC as I have so many laying around, but whatever I end up with would ideally be a little idiot proof as I'm no linux guru. :) From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, April 17, 2013 9:55 AM To: NT System Admin Issues Subject: Re: Dual Wan Soho High Speed Router Suggestions OpenBSD is a popular option in the PC router realm. As for appliances, Sophos (Astaro) and Fortinet sell very affordable devices that would handle this function as well. What's your budget? ASB http://xeeme.com/AndrewBaker http://XeeMe.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market. On Wed, Apr 17, 2013 at 9:23 AM, Ben Scott mailvor...@gmail.com wrote: On Wed, Apr 17, 2013 at 9:09 AM, Shane Mullins tsmulli...@gmail.com wrote: Since you mentioned using a PC based router, OpenBSD has supported failover for at least eight years. Performance is great and their security is top notch. OpenBSD uses pf as a firewall. Pf is much easier to use, for me, than iptables. FYI, Linux *can* do this too, but if I didn't have experience with either, I'd go with OpenBSD/pf, too. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
Sorry for the delay - many balls in the air... On Thu, Apr 18, 2013 at 5:11 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Apr 18, 2013 at 12:53 AM, Kurt Buff kurt.b...@gmail.com wrote: Not that they're equivalent in power, but that each kind of account can do and has access is different and equally valuable. For the typical home user, which is what that comic is focused on[1], not so much. Root/Administrator is valuable because it can subvert the protections on, or directly access, the data that end-user accounts have, and end-user accounts because that's the actual money/IP resides. And for a home PC *THERE IS ONLY ONE USER*. [1] Note what's in the bubbles around the edges. Yes, I noted the bubbles. But a), even for home users, while there might be only one user, there should be *at least* n+1 users, where n is the number of individuals who actually use the machine, plus an administrator account ... You're still steadfastly refusing to go near the point. But, the multi-user at home question is a valid one, and involves a previously unstated assumption on both your part and mine. I've been assuming dedicated personal hardware, because I know Randall has no children, is unmarried, and referred to his laptop, which is a dedicated personal machine. So, my assumption is n=1. With that in mind: Your statement about how an admin account can access the data of other user accounts goes directly to the heart of the problem Munroe is describing: The only other user account is Randall's. The only data is the data in Randall's user account. This doesn't make the admin account worthless, because breaking into the admin account would enable breaking into Randall's user account. But it does mean breaking into the one is roughly equivalent to breaking into the other, in either direction. A lot of people/security design treats the admin account a uniquely high-value asset, even in this scenario, which is a fallacy. And this scenario may well be the most common scenario, although I lack the data to make that determination. No, I don't agree here. Breaking into one account is definitely not the rough equivalent of breaking into the other, or at least it shouldn't be. Each must be protected (in many, but not all of, the same ways), and each should be used only in ways that are germane to its function. The user account shouldn't be used for anything but user-type activities, not admin-type activities, and vice versa. ... given all of those bubbles, the end user is in a threat-rich environment, so must exercise the vigilance techniques I and others have described/prescribed, if they care about their data, privacy and finances. True but unremarkable. Specifically: Not anything have to do with the comic. You keep launching into this list of unrelated techniques like it has anything to do with the discussion. I could talk about DoD personnel security requirements, but it wouldn't be particularly pertinent. I think it has everything to do with the comic, or at least my understanding of the comic. What I'm reading from it is that he's using poor web browsing techniques, and not protecting his personal data via the mechanisms I've outlined, including different IDs and passwords (and even different browsers) for different web sites, etc. Perhaps you have a different understanding of the meaning of that comic - if so, please provide me with illumination. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: mobile scanner
On 19 Apr 2013 at 14:04, Tigran K wrote: The difficulty is in two steps 1 to get the image to the phone 2 to send the picture to the final destination. There's an app for that. CamScanner HD - Scanner, Fax - Android Apps on Google Play https://play.google.com/store/apps/details?id=com.intsig.camscannerhdhl=en CamScanner HD turns your tablet into a scanner. With CamScanner, you are able to digitize any paper documents by photo shooting. Simply take a picture of any paper documents such as receipts, agreements, notes, whiteboards and so forth, and CamScanner can auto-crop image, enhance image quality and create an industry standard PDF file. You can easily share the scanned documents via Email, Google Cloud Print, and fax, upload them to cloud like Dropbox, Google Docs, Box.net, and manage them by grouping or searching. Phone version: CamScanner -Phone PDF Creator - Android Apps on Google Play https://play.google.com/store/apps/details?id=com.intsig.camscanner -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Synchronize booksmarks?
On 18 Apr 2013 at 9:09, Tom Miller wrote: Our users use Firefox and Internet Explorer. Are there any utilities that I could use so that the booksmarks between browsers are synchronized? This allows Firefox to use Internet Explorer Favorites in addition to bookmarks. PlainOldFavorites :: Add-ons for Firefox https://addons.mozilla.org/en-us/firefox/addon/plainoldfavorites/ According to the project page you can also create an IEF from Firefox, so as long as your users remember to do that, it should work. XMarks is now owned by LastPass; that also works and has the advantage of being cross-platform and cross-machine. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-895-3270 / 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Synchronize booksmarks?
On 18 Apr 2013 at 20:31, Jon Harris wrote: Speaking of which does Chrome still allow a user to install without Administrator permission? Yes, it installs under User's AppData instead of in ProgFiles -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Synchronize booksmarks?
On 19 Apr 2013 at 17:49, Free, Bob wrote: xmarks looks very intriguing. I like the parent company and their flagship product so that's a big plus in my mind. Anyone use it for a while and care to comment? I'd love to have bookmarks synched between my iThing, multiple laptops and Surface running different browsers, looks like the premium can do most of that. I haven't been able to use it as my places.sqlite is too large to sync successfully once (21 MB). I would need to start with no bookmarks; then it would probably work. I don't want the same set of bookmarks on my mobile as on my desktop. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
On 23 Apr 2013 at 17:47, Ben Scott wrote: On Tue, Apr 23, 2013 at 2:53 PM, James Rankin kz2...@googlemail.com wrote: I think the BIOS piece, if Activated, puts the agent back onto it. It downloads the software from Lojack and installs it silently. Yah, that's scary enough. I mean, sure, if someone else can control the hardware, in theory they can do anything, but think about the implications. Is there some kind of hook in Windows that lets the BIOS run arbitrary code? If so, that's kind of spooky. Or are they using a higher privilege level to inject code directly into the kernel? If so, what happens when a kernel update comes out? My guess is that the software re-installs itself pre-boot (much like CHKDSK /F can be made to run before Windows loads). Not sure what would happen if it started up and tried to write to a Truecrypted or Bitlocked drive. In 2009 this got some bad press at BlackHat: Researchers find insecure BIOS 'rootkit' pre-loaded in laptops | ZDNet LAS VEGAS -- A popular laptop theft-recovery service that ships on notebooks made by HP, Dell, Lenovo, Toshiba, Gateway, Asus and Panasonic is actually a dangerous BIOS rootkit that can be hijacked and controlled by malicious hackers. The service -- called Computrace LoJack for Laptops -- contains design vulnerabilities and a lack of strong authentication that can lead to a complete and persistent compromise of an affected system, according to Black Hat conference presentation by researchers Alfredo Ortega and Anibal Sacco from Core Security Technologies. Seen here: http://www.zdnet.com/blog/security/researchers-find-insecure-bios-rootkit-pre-loaded-in-laptops/3828 Not sure if these vulnerabilities have been fixed since. FWIW, the publish list of laptops which have this in the BIOS: BIOS Compatibility | Absolute Software http://www.absolute.com/en/partners/bios-compatibility -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Synchronize booksmarks?
On 18 Apr 2013 at 21:11, Jon Harris wrote: Thanks guys I think an 19 almost 20 YO can make the decision it just sort of pissed me off having to remove it. She has the admin password so she could have done it on purpose but claimed she did not. I do email her when I need her to do updates and she has been good about doing them so I guess daddy needs to teach her to look before clicking again. Google Earth will install Chrome (and maybe even make it the default browser) unless you select Advanced Install and uncheck it. Evil, thy name is Google. I'm sure there are other apps which have [X] Install Chrome buried in the fine print. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Very weird file rename issue
On 23 Apr 2013 at 20:02, Damien Solodow wrote: That matches the description. Was hoping there was a fix. J That issue has been around since the advent of long filenames (Windows 95?) ... you can't have two files with the same name but different case in the same folder. Windows treats FileName.TxT and FileNAME.TXT as the same internally. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
On Tue, Apr 23, 2013 at 8:24 PM, Angus Scott-Fleming angu...@geoapps.com wrote: Yah, that's scary enough. I mean, sure, if someone else can control the hardware, in theory they can do anything, but think about the implications. Is there some kind of hook in Windows that lets the BIOS run arbitrary code? My guess is that the software re-installs itself pre-boot That's the assertion. My question is, what does the software do to re-install itself pre-boot? The BIOS is not magic. The BIOS is a chunk of software stored in ROM that the processor starts executing at power on or reset. Before it hands over control to the MBR, it can do anything it wants, but it has to actually do it. There's no install Windows software BIOS interrupt. While I suppose it could have an NTFS implementation, a registry implementation, plus whatever other code is needed to install something in to Windows, that strikes me as being halfway to just having Windows in the BIOS. I would expect it would be a lot easier to simply use something like System Management Mode to preempt the OS and then borrow the wifi (after sniffing the IP address the OS is using), but the theory seems to be that the communication is handled by an agent running on the OS. (much like CHKDSK /F can be made to run before Windows loads). CHKDSK runs after the Windows kernel is running, boot start drivers are loaded, the filesystems are mounted, and the registry is opened. There's a registry key that tells the Windows startup code to invoke a program called AUTOCHK.EXE, which fires off CHKDSK if needed. This doesn't lead to anything of particular help for the above. I'm pretty sure you know this already. :) http://www.zdnet.com/blog/security/researchers-find-insecure-bios-rootkit-pre-loaded-in-laptops/3828 Yah, as usual, the press gives so little information as to be useless. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 7:52 PM, Ken Schaefer k...@adopenstatic.com wrote: -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Subject: Re: On the subject of security... No running executables from untrusted sources, turn off scripting in my browsers, view all email as plain text, no remembering/caching of passwords in browsers, using a unique password per web site and per other accounts, regular clearing of cookies, no linking of accounts between web sites, running current AV, no browsing with elevated accounts, laptops have full disk encryption, etc., etc., etc. Without an evaluation of risks, this would be a complete waste of time for most people IMHO. Sure - if you don't browse the Internet, share USB sticks, etc., you probably don't need to do those things. But I do browse the internet, and I do share USB sticks. Yet I don't do most of what you list above. Everything is about /management/ of risk, not 99.99% avoidance of risk. You manage risk by taking countermeasures, I believe, not by ignoring them. To me, your approach sounds like ignoring, not managing. But, as you point out, it's a matter of what makes you comfortable. Just as people don’t live in impenetrable fortresses, and keep their money in Fort Knox, it's not actually necessary (or even desirable IMHO) to do some of things you do to have an acceptable level of risk. The marginal benefit from each additional step you are taking vs. the cost to usability and time taken isn't worth it (again, IMHO) Well, yes, of course. My firearms are in a safe, and so are my most valuable, irreplaceable papers - which are just about none. I run as an admin on my personal machine. I don't bother reading all mail in plain text, and I don’t full disk encrypt all my machines, and I don't clear my cookies. I've got better things to do with my time, and if I focus on protecting my identity and data instead, I'm probably just as likely as you to be safe. So, care to share how you protect your identity and data without any technologies or processes? Let's be clear - I'm not saying I have no technology, and my strategy is to rely on magic. I start by worrying about what my family needs/wants to be able to do, and then what apps and data we need to do it, and then work out what the threats/risks are. You can draw a parallel to business - info - technology architecture from TOGAF or similar framework if you want. Malware and hackers getting into my home network is probably about half-way down the list at the moment. Additionally, instead of inconveniencing end users with restrictions on either user experience, I want technology to work in the background to protect us (if possible). So, we use 802.1x for our wireless since we're all on an AD domain, and SOHO APs all support it now (there's a guest wireless network for visitors), and I use centralised malware scanning on the Exchange server. I'm researching some options for outsourcing the malware/junk scanning for incoming (it's a pity that Postini doesn't seem to be available anymore) But things I worry about more are hardware failure, lightning strikes (had two of those in two different homes), being burgled, having a fire or something else similar that destroys things. The information I worry about protecting isn't just what's electronic/digital, but also paper records, passports, birth certificates and so on. So, it's starting from a different starting point. It's not starting from you should encrypt your disk, delete your cookies, run as a non-admin. It's starting from what types of critical/important/throw-away data do I have in order to live/work/interact with friends, and then what are the risks to that data, and what can I do about it. And weigh all that against usability So, I'm not particularly worried about someone getting access to the password for the media centre PC's default user account. I'm more worried about that account somehow getting logged out, and whoever is using our media centre not being able to log back in again. I mitigate the risk of people knowing the password doing something bad by restricting what that account is allowed to do. Likewise I want to be able to share things with my family overseas, bank online and do various other things - at the same time without impacting my user experience significantly, so I take other measures to help reduce risk: I get notifications for purchases on my CCs over a certain amount. Most of my banks require (or at least offer) 2FA for authentication now. Etc. While I agree that the account(s) on your media server aren't a big deal, that's only to the extent that they don't have the same passwords as accounts on other machines, or have access to valuable data elsewhere. 2FA is good for your financial accounts, and also good backups and physical protection - all of which I strive for as well. I've had my
RE: On the subject of security...
-Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Subject: Re: On the subject of security... Everything is about /management/ of risk, not 99.99% avoidance of risk. You manage risk by taking countermeasures, I believe, not by ignoring them. Where do you get this framework from? Most risk management people I've talked to would say that all the below are legitimate responses to risks a) mitigate b) transfer c) accept d) avoid OTOH, I think you seriously underestimate the risks of web browsing to your finances, identity and reputation, and also the costs of repairing them. OK - please educate us on these risks and costs. My understanding is that most fraud and identity theft occurs offline. Secondly some of the things you do (like encrypt drives) aren't going to help with dangerous web browsing habits. So, what's the real risks of browing the web? I've never seen any real research on this. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: On the subject of security...
-Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Subject: Re: On the subject of security... I think it has everything to do with the comic, or at least my understanding of the comic. What I'm reading from it is that he's using poor web browsing techniques, and not protecting his personal data via the mechanisms I've outlined, including different IDs and passwords (and even different browsers) for different web sites, etc. Perhaps you have a different understanding of the meaning of that comic - if so, please provide me with illumination. The text in the comic does state if someone steals my computer whilst I am logged in...” in which case, disk encryption, multiple passwords, multiple browsers etc. would mostly be useless – the assumption being that the user is logged into these sites or apps already. I think explainxkcd.com does a good job of explaining the comic (emphasis added): http://www.explainxkcd.com/wiki/index.php?title=1200 quote Computer operating systems were initially written for the business environment. Thus they were made to be accessible to multiple employees, or users, but only fully accessible to administrators (or admins). Regular users can access and use programs on the computer, but only the admin is allowed to make changes to how the computer runs. This same split level of security continues to this day, even in privately owned, or home, computers. The joke here is that the most important things on a computer are no longer the programs that it runs, but the private personal data it accesses (usually online). Anyone who wished to do real mischief on an active computer could do considerable damage without ever caring what the admin password was. The admin password, in effect, now guards a vault no one cares about. This comic pokes fun at the authorization mechanisms surrounding most operating systems' administrator accounts. It makes the argument that the user's data is more valuable than the integrity of the system. (This is arguably true for most personal systems, although it is probably not true in a shared-server setup, where a system compromise could lead to the exposure of many users' data.) Essentially, once a user is logged in, he or she can typically access all of his or her data without any further restriction. Modifying the operating system (for example, to install drivers) requires a separate password. /quote ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin