Re: IIS Question

[Ben Scott]

On Wed, May 8, 2013 at 6:17 PM,   wrote:
>> The new address is: nysys...@lists.myitforum.com
>
> Shouldn't that have been NTSysAdm?

  Yes.

  This thread will now self-destruct.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: IIS Question

[Ben Scott]

On Wed, May 8, 2013 at 6:17 PM, Crawford, Scott  wrote:
> Why'd you change the subject line?

  I didn't, OP apparently posted the same message body twice with two
different subject lines.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: IIS Question

[Ben Scott]

On Wed, May 8, 2013 at 5:30 PM, Daniele Bartoli
 wrote:
> Got an IIS question that I am hoping someone can help with.

  boo-bee-BEEP

  We're sorry, the list you have posted to is no longer in service.

  The new address is: nysys...@lists.myitforum.com

  Please close this message, and try your post again.

  This is a recording.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: The list status

[Ben Scott]

  What if they had a list and nobody subscribed?

  It seems like the membership has moved to the MyITForum.com host in
the meantime.

http://myitforum.com/myitforumwp/services/email-lists/

mailto:comm...@lists.myitforum.com?body=subscribe%20NTSysAdm

  I don't think anyone here subscribed because of who hosted the list.
 Rather, people subscribe for who's *on* the list.  If the community
has moved, then that's where the list is now, for all practical
purposes.

On Fri, May 3, 2013 at 9:20 AM, Sandy  wrote:
> Hello Everyone!  My name is Sandy Vandebult and I was a long Sunbelter and 
> currently work with Stu at his new company Knowbe4.  GoodNews!!  GFI has 
> given the list over to Stu and the list will live on!
>
> We are looking at moving the list over to Google groups but I am open to any 
> suggestions if anybody knows of a better way to go.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: The list?

[Ben Scott]

On Thu, May 2, 2013 at 12:31 PM, Steven M. Caesare  wrote:
>> ... he isn’t aware we are freaking out.
>
> Freaking out?
> Hardly.
> More like what happens in the classroom when the teacher steps out for a
> moment…

  Except when the teacher steps back in, usually the class is still there.  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: End of month plan B for list shutdown.

[Ben Scott]

On Tue, Apr 30, 2013 at 2:01 PM, Pete Howard  wrote:
>
> Bob Free wrote:
>> I had to work with one of the Ed’s, (Crowley) when he used to work here and
>> we migrated to win95/Exchange/NT from win31/Vines.
>
> Going old school now .. you must have had some SNADS and PROFS ?

  I bet they had SCMODS too.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: End of month plan B for list shutdown.

[Ben Scott]

On Tue, Apr 30, 2013 at 12:39 PM, Free, Bob  wrote:
> In a sense we had ~500 because each Banyan server was a separate entity from
> a mail perspective that had to be dealt with individually.
>
> The project name had a fancy acronym but Ed just called it the Darwin
> project.

  Millennium Year Application Software System?

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: End of month plan B for list shutdown.

[Ben Scott]

On Mon, Apr 29, 2013 at 2:10 PM, MMF  wrote:
> I'm having a problem with signing up for the new list. ... I keep getting
> error messages each time I click on the second link to the new
> NTSYSADMIN list.

1. Compose a new email
2. Send to: comm...@lists.myitforum.com
3. Leave subject line blank
4. In the message body, put: subscribe NTSysADM
5. Send

  That will skip the web site entirely.

 > I'm using Windows Live as my email client, and Anybody
> have any ideas?

  I have the idea that you should get a better email system.  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: End of month plan B for list shutdown.

[Ben Scott]

On Mon, Apr 29, 2013 at 10:39 AM, Richard McClary
 wrote:
> Question – we’ve had both Rod and Ben offer to host, and both have given
> links.

  Correction: All I did was throw up a web page for people to check in
case the existing list server suddenly went offline.

> Do those wishing to continue a mail-based (rather than web-based) forum go
> with Rod’s?  Is that what the agreement seems to be?

  I interpreted one of Rod's statements to mean his system can provide
both a web interface and an email interface to the same forum, so I
think we may have the best of both worlds.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Disk space management software

[Ben Scott]

On Mon, Apr 29, 2013 at 11:13 AM, Angus Scott-Fleming
 wrote:
>> Just FYI, but there *is* a Portable version of windirstat too ( I use
>> it on client's systems specifically because it doesn't need to be
>> "installed"
>
> From PortableApps.com?  Or somewhere else?

  Same binary.

http://www.mail-archive.com/ntsysadmin@lyris.sunbelt-software.com/msg120093.html

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: End of month plan B for list shutdown.

[Ben Scott]

On Mon, Apr 29, 2013 at 8:46 AM, Mike Hoffman  wrote:
> I know I have approx. 12 years of posts in a few public folders and .pst
> files. I could have a go at uploading stuff?

  Several years back I subscribed NTSYSADMIN and ExchangeList to
.  Partly because Friggin' Lyris is bad
at archives, too, but also in case the list ever died.  If you wanted
to, you could find the oldest message there, and then inject anything
you have that's older into that archive.  You would need to submit the
messages to arch...@mail-archive.com with their original headers (or
an approximation thereof -- it will need at least the
To/From/Subject/Message-ID headers, I'm sure).

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: End of month plan B for list shutdown.

[Ben Scott]

On Mon, Apr 29, 2013 at 10:28 AM, Rod Trent  wrote:
> Done.  Link is here:
>
> http://myitforum.com/myitforumwp/services/email-lists/

  Cool.  Thanks, Rod!

  Suggestion: Rename from "NTSysADM" to "NTSysADMIN".  If we keep the
list names exactly the same, then Bingle searches for "NTSYSADMIN"
will find both sets of archives.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: End of month plan B for list shutdown.

[Ben Scott]

On Mon, Apr 29, 2013 at 8:14 AM, Kennedy, Jim
 wrote:
> The end of the month and allegedly the end of the list is tomorrow. We need a 
> plan
> B to get back in contact to get this going again if possible. Someone got a 
> blog we
> can bookmark for new/announcements that would be willing to post anything 
> they hear?

  Until something better comes along, I offer this:

https://sites.google.com/site/mailvortex/ntsysadmin

  I'll also update that after something better comes along.  This is
intended to be a quick response, not a good one.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Bad symbolic link in registry

[Ben Scott]

On Sun, Apr 28, 2013 at 2:19 PM, Joseph L. Casale
 wrote:
> I have a symlink in the registry of a 08r2 server that I can not remove which 
> is
> preventing the installation of an app.
>
> If i recreate the target I can access it, but still can not delete it. Anyone 
> a tool
> to remove such a stubborn problem?

FORMAT C:

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Disk space management software

[Ben Scott]

On Fri, Apr 26, 2013 at 12:05 PM, Angus Scott-Fleming
 wrote:
> I use Spacemonger 1.4, the last free version.  Prefer it to WinDirStat as it 
> is
> a standalone executable which doesn't have to be "installed".

  WinDirStat is basically a stand-alone executable.  They distribute
it as an "installer" but if you unpack it with 7-Zip it runs just
fine.  Or just install it once and then copy the binary out.  I just
have a copy of WinDirStat.EXE in our network "miscellaneous utilities"
folder and run it from there.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: ALERT : NTSYSADMIN LIST MIGRATION

[Ben Scott]

On Fri, Apr 26, 2013 at 5:10 AM, Richard Sobey  wrote:
RS> I was also "taught" to delete everything not immediately relevant
to your reply.
RS>
RS> Ah well. I'm a fan of bottom posting - back in the NNTP days. Using Outlook
RS> makes it very hard :(

  I've never really understood that objection.  People talk about the
position the cursor starts in as if it's some insurmountable barrier.
Some composers start the cursor at the top of the edit buffer.  Others
start it at the bottom.  They're otherwise identical.  Doesn't seem
like a big difference to me.  :-)

  One thing I miss from my Fidonet days is the convention of prefixing
people's initials to the quoted text leader (done above manually, for
illustration).  Made it easier to follow a complicated, nested
conversation.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: ALERT : NTSYSADMIN LIST MIGRATION

[Ben Scott]

On Thu, Apr 25, 2013 at 5:19 PM, Jonathan Link  wrote:
> No, it's a Ben9K thing.  He doesn't believe in top posting.

  That wasn't me Rod was replying to.

  Good luck blaming that on posting styles.  :)

> On Thu, Apr 25, 2013 at 4:38 PM, Rod Trent  wrote:
>>
>> Every time I see your messages come through I almost delete it
>> automatically, thinking someone accidentally hit Send too soon.  Then, I
>> realize your response is *under* the original text.  Tricky.  Is that a
>> Gmail thing?
>>
>>
>> -Original Message-
>> From: Kurt Buff [mailto:kurt.b...@gmail.com]
>> Sent: Thursday, April 25, 2013 4:13 PM
>> To: NT System Admin Issues
>> Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION
>>
>> On Thu, Apr 25, 2013 at 11:44 AM,   wrote:
>> >
>> >
>> > Hi All,
>> >
>> > You are invited to the new NTSYSADMIN list hosted by KnowBe4.
>> >
>> > This replaces the Lyris list hosted by Sunbelt Software / GFI, which
>> > will shut down at the end of this month.
>> >
>> > GFI will confirm this with a separate message.
>> >
>> > I will continue to moderate the NTSYSADMIN list from KnowBe4.
>> >
>> > Warm regards,
>> >
>> > Stu
>>
>> Continuity? That is, will the archives migrate too?
>>
>> You say "invited" does this mean I have to do a new signup? If so, where's
>> the subscription info?
>>
>> Can you ban the "indeed" when used as a single word response? :)
>>
>> Will you finally migrate to mailman so that we can have a sane list
>> handler?
>>
>> Kurt
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>>   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>>
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: ALERT : NTSYSADMIN LIST MIGRATION

[Ben Scott]

On Thu, Apr 25, 2013 at 2:44 PM,   wrote:
> You are invited to the new NTSYSADMIN list hosted by KnowBe4.
>
> This replaces the Lyris list hosted by Sunbelt Software / GFI,
> which will shut down at the end of this month.

The list is dead!  Long live the list!

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Startup processes

[Ben Scott]

On Thu, Apr 25, 2013 at 9:35 AM, James Rankin  wrote:
> I'd think that it would be the ability to copy files and folders from a 
> remote location that
> would be the definition required in this case.

  You could do an "IF EXIST \\server\share\path\file.txt ..." (or the
moral equivalent in your scripting language of choice) then.  Make
sure that script is asynchronous from the rest of computer startup, or
the startup will hang waiting for a while if the network isn't up.

  If you want to loop/retry, suggest using a SLEEP call (or
equivalent) to suspend the process for a minute or three.  That's a
lot less rude than spinning in a loop, and a lot less kludgy than
ping'ing an invalid address.

> Basically I have a lot of clients who insist on using the Computer Startup
> trigger to do things (like copy files and folders to the endpoint).

  Consider using standard Group Policy for that.  GP
scripts/preferences don't run if the network isn't working (which, in
this case, I think means, "Can files be read from SYSVOL on a DC?").

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Startup processes

[Ben Scott]

On Thu, Apr 25, 2013 at 8:11 AM,   wrote:
> On a Windows system, is there a process that runs on startup that will only 
> run if there
> is network connectivity present? I've got a strange requirement and I need to 
> be able to
> tell when the network is available, if possible.

  Define "network connectivity".  Layer two link up?  Has an IP
address?  Has a default route?  Can ping the default gateway?  Can
reach an arbitrary host on the Internet?  Can do lookups against the
Active Directory Domain Controller?  Can ping your AppSense server?

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: LoJack

[Ben Scott]

On Tue, Apr 23, 2013 at 8:24 PM, Angus Scott-Fleming
 wrote:
>>   Yah, that's scary enough.  I mean, sure, if someone else can control
>> the hardware, in theory they can do anything, but think about the
>> implications.  Is there some kind of hook in Windows that lets the
>> BIOS run arbitrary code?
>
> My guess is that the software re-installs itself pre-boot

  That's the assertion.  My question is, what does the software do to
"re-install itself" pre-boot?

  The BIOS is not magic.  The BIOS is a chunk of software stored in
ROM that the processor starts executing at power on or reset.  Before
it hands over control to the MBR, it can do anything it wants, but it
has to actually do it.  There's no "install Windows software" BIOS
interrupt.  While I suppose it could have an NTFS implementation, a
registry implementation, plus whatever other code is needed to
"install" something in to Windows, that strikes me as being halfway to
just having Windows in the BIOS.

  I would expect it would be a lot easier to simply use something like
System Management Mode to preempt the OS and then "borrow" the wifi
(after sniffing the IP address the OS is using), but the theory seems
to be that the communication is handled by an agent running on the OS.

> (much like CHKDSK /F can be made to run before Windows loads).

  CHKDSK runs after the Windows kernel is running, boot start drivers
are loaded, the filesystems are mounted, and the registry is opened.
There's a registry key that tells the Windows startup code to invoke a
program called AUTOCHK.EXE, which fires off CHKDSK if needed.  This
doesn't lead to anything of particular help for the above.

  I'm pretty sure you know this already.  :)

> http://www.zdnet.com/blog/security/researchers-find-insecure-bios-rootkit-pre-loaded-in-laptops/3828

  Yah, as usual, the press gives so little information as to be useless.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: LoJack

[Ben Scott]

On Tue, Apr 23, 2013 at 3:41 PM, Art DeKneef  wrote:
> Excellent question. And I don't have a good answer. LoJack supports Windows
> 2000 up to Windows 8 and Mac OS 10.3 or higher. But nothing for Linux.
>
> So I guess the question is what do you mean by a different OS.

  I'm curious what mechanism they're using to modify the OS.  I went
to Linux just because support is inconsistent so it makes a good
example.

> I'm sure it is something they thought about.

  You have far more faith in technology companies than I do.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: LoJack

[Ben Scott]

On Tue, Apr 23, 2013 at 2:53 PM, James Rankin  wrote:
> I think the BIOS piece, if Activated, puts the agent back onto it.

  Yah, that's scary enough.  I mean, sure, if someone else can control
the hardware, in theory they can do anything, but think about the
implications.  Is there some kind of hook in Windows that lets the
BIOS run arbitrary code?  If so, that's kind of spooky.  Or are they
using a higher privilege level to inject code directly into the
kernel?  If so, what happens when a kernel update comes out?

  Or does it depend on the PC vendor's "special" Windows disc?  In
which case, it's easily defeated by using generic media.

> How this works cross-platform is beyond me though

  I went there first because it's an extreme case.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: LoJack

[Ben Scott]

On Tue, Apr 23, 2013 at 12:07 PM, Art DeKneef  wrote:
> You need the BIOS set to Activated and the software application agent
> installed on the computer for it to fully work. The software agent is what
> communicates with the recovery center. The BIOS piece maintains its presence
> even through reinstalls or different hard drives.

  So what if I wipe the hard drive and install a different OS?

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Cross post on latest round of Java Bugs from Bugtraq

[Ben Scott]

On Mon, Apr 22, 2013 at 3:08 PM, Ziots, Edward  wrote:
> Today, a vulnerability report with an accompanying Proof of Concept code
> was sent to Oracle notifying the company of a new security weakness
> affecting Java SE 7 software.

  Can we just get an announcement when there *isn't* a Java hole?  I
think we'd cut down on mail...

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Color me skeptical

[Ben Scott]

On Mon, Apr 22, 2013 at 1:16 PM, Andrew S. Baker  wrote:
> >>  They hit paydirt with "search, don't sort" and "sell user
> >> data/advertising to others, not services to users".
>
> But that wasn't a paradigm shift

  Seems like it is mostly a discussion about what constitutes a
"paradigm shift", then, because I generally agree with the rest of
your analysis.  :-)  Some of it's quite apt -- especially the bit
about big companies floundering once their core competency market is
saturated and they're forced to branch out.

  A couple small additions:

> Microsoft's advantage was actually APIs upon which rich ecosystems could
> be built by 3rd parties and enterprises.  ... they lost their dominance in
> mobile by not understanding what their strengths really were

  Microsoft's big mistake in the mobile market was making something
that wasn't compatible with their existing stuff.  So when Apple came
along with a more compelling product, there was no reason not to jump
ship.  It wasn't so much that the API wasn't good enough (although
maybe that was a problem, too) but that it was *different*.

  The same will happen with Win 8, I suspect.  They think that putting
Windows Apps on desktop and mobile will mean tons of adoption of the
new Windows Apps platform.  I suspect it will actually mean a white
elephant on the desktop.  I don't think they have any other choice,
though.

> Google is a search company that sells data derived, in part, from search.
> All these other forays into different technologies are just distracting
> them.

  Largely agree, but they've had some success with GMail and GApps.
Of course, even there, a big part of GMail's success was the search
function.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Color me skeptical

[Ben Scott]

On Mon, Apr 22, 2013 at 12:42 PM, Andrew S. Baker  wrote:
>> I'm really interested to see if this is the paradigm shift that Google
>> thinks it's going to be.
>
> Has Google actually been right about *any* paradigm shifts?
> (Ponders Buzz and GoogleWave...)

  They hit paydirt with "search, don't sort" and "sell user
data/advertising to others, not services to users".  And they
definitely revolutionized web search -- before Google, it was all
about making the query as smart as possible.  Google made the index
smarter.

  But good point.  They've had some notable strike outs, too.  They
seem to do better with general strategies than specific products.  But
then, they missed the boat on social media, too.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: On the subject of security...

[Ben Scott]

On Thu, Apr 18, 2013 at 11:16 AM, Andrew S. Baker  wrote:
> Protecting root access in a system does have some value when it comes to
> persistence of malware. Malware that is confined to userland is easier to
> detect and uproot than malware that makes it to a deeper level.

  There is certainly some value to the admin account, even on a
single-user dedicated device.  I certainly don't advocate ignoring
that.  :-)

> I think that the bigger problem is that most people don't realize the
> importance and criticality of their data until it is lost...

  No argument there.

  For that matter: s/their data/anything/

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Synchronize booksmarks?

[Ben Scott]

On Thu, Apr 18, 2013 at 10:36 AM, Maglinger, Paul  wrote:
> Based on previous experience I
> prompted removed it and therefore found the issue with Outlook.  Since then
> several others here have done the same and had the same issue.  The
> uninstall should be cleaner than it is.

  This is a problem with the way Windows handles "default browser".
Whenever the default browser is uninstalled, the file associations and
scheme handlers gets all horked up.  It's not specific to Chrome; any
browser will cause this.  Thank Microsoft for trying to cram MSIE down
everyone's throat in the 90s; we're still paying for that decision.

  Which is not to say that bundling unrelated products isn't evil,
too.  If the Adobe/Google thing you describe hadn't bundled Chrome
that way, you wouldn't have had to deal with this in the first place.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Synchronize booksmarks?

[Ben Scott]

On Thu, Apr 18, 2013 at 9:22 AM, James Rankin  wrote:
> If the Bookmarks folder in Firefox works the same way as Favourites in IE, I
> don't see why you couldn't redirect them both and then do some scripting to
> synchronize the folders at logoff.

  Firefox stores bookmarks in a database file ("places.sqlite") that's
not compatible with MSIE.

  (Before the current architecture, it used a single HTML file,
"bookmarks.html", also not compatible with MSIE.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: On the subject of security...

[Ben Scott]

On Thu, Apr 18, 2013 at 12:53 AM, Kurt Buff  wrote:
>>> Not that they're equivalent in power, but that each kind of account
>>> can do and has access is different and equally valuable.
>>
>>   For the typical home user, which is what that comic is focused
>> on[1], not so much.
>>
>>> Root/Administrator is valuable because it can subvert the protections
>>> on, or directly access, the data that end-user accounts have, and
>>> end-user accounts because that's the actual money/IP resides.
>>
>>   And for a home PC *THERE IS ONLY ONE USER*.
>>
>> [1] Note what's in the bubbles around the edges.
>
> Yes, I noted the bubbles. But a), even for home users, while there
> might be only one user, there should be *at least* n+1 users, where n
> is the number of individuals who actually use the machine, plus an
> administrator account ...

  You're still steadfastly refusing to go near the point.

  But, the multi-user at home question is a valid one, and involves a
previously unstated assumption on both your part and mine.  I've been
assuming dedicated personal hardware, because I know Randall has no
children, is unmarried, and referred to his laptop, which is a
dedicated personal machine.  So, my assumption is n=1.  With that in
mind:

  Your statement about how an admin account can access the data of
other user accounts goes directly to the heart of the problem Munroe
is describing: The only other user account is Randall's.  The only
data is the data in Randall's user account.

  This doesn't make the admin account worthless, because breaking into
the admin account would enable breaking into Randall's user account.
But it does mean breaking into the one is roughly equivalent to
breaking into the other, in either direction.  A lot of
people/security design treats the admin account a uniquely high-value
asset, even in this scenario, which is a fallacy.  And this scenario
may well be the most common scenario, although I lack the data to make
that determination.

> ... given all of those bubbles, the end user
> is in a threat-rich environment, so must exercise the vigilance
> techniques I and others have described/prescribed, if they care about
> their data, privacy and finances.

  "True but unremarkable".  Specifically: Not anything have to do with
the comic.  You keep launching into this list of unrelated techniques
like it has anything to do with the discussion.

  I could talk about DoD personnel security requirements, but it
wouldn't be particularly pertinent.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: On the subject of security...

[Ben Scott]

On Wed, Apr 17, 2013 at 4:07 PM, Kurt Buff  wrote:
> My point is that you have to use
> the same methods to protect unprivileged accounts as you do
> root/administrator.

  "True and unremarkable."

  There, I did it, too.  See how that fails to contribute to the discussion?

> Not that they're equivalent in power, but that each kind of account
> can do and has access is different and equally valuable.

  For the typical home user, which is what that comic is focused
on[1], not so much.

> Root/Administrator is valuable because it can subvert the protections
> on, or directly access, the data that end-user accounts have, and
> end-user accounts because that's the actual money/IP resides.

  And for a home PC *THERE IS ONLY ONE USER*.

-- Ben

[1] Note what's in the bubbles around the edges.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Can you do this with .CMD?

[Ben Scott]

On Wed, Apr 17, 2013 at 5:25 PM, Michael B. Smith  wrote:
>>> Please, no PoSh because I have tons of XP machines that need to run
>>> this...
>>
>> If my guess is correct, PoSh will have the same problem.
>
> PowerShell would allow you to use Win32 to fake input, to use
> WPF to fake input, and Windows Forms to fake input.

  But would still have the same problem trying to redirect stdin.

  Admittedly, I didn't explain that very well.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Can you do this with .CMD?

[Ben Scott]

On Wed, Apr 17, 2013 at 5:16 PM, Daniel Rodriguez  wrote:
> Instead of doing a carriage return put a ^M at the end of your batch file.

  ^M is just a human-readable representation a carriage return, used
by some software to display something that's normally not printable.

  Typing the actual characters (caret, letter M) don't do anything
special in batch files.  Or in most other places.

--- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Can you do this with .CMD?

[Ben Scott]

On Wed, Apr 17, 2013 at 4:23 PM, David Lum  wrote:
> Use a batch file to launch an application and then send two carriage returns
> to this app?

  Well, maybe.

> The app runs but sits and waits for the password, so it’s only processesing
> the first .

  And let me guess, the password doesn't echo, or maybe shows stars or
dots or something, normally?

  My guess is the app isn't using the standard input/output routines
for the password, so redirecting stdin like that doesn't matter for
password entry.

  Otherwise, your current code should work.  (Assuming when you say
"Answerfile.txt" contains "", you actually mean a
CR+LF, which is what Microsoft uses.)

  If this is indeed the problem, you'll need something more
sophisticated to fake the keystrokes.  Back in the old days of DOS,
there was a utility called KEYFAKE.EXE that would do that, but I don't
expect it would work under 'doze.  Maybe something like AutoIt3?

> Please, no PoSh because I have tons of XP machines that need to run this…

  If my guess is correct, PoSh will have the same problem.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: On the subject of security...

[Ben Scott]

On Wed, Apr 17, 2013 at 2:43 PM, Michael B. Smith  wrote:
> IOW: Security is for the MANAGEMENT of risk and MITIGATION of same. For real
> world systems, and usage of them, there is no such thing as perfect security.

  That's true, too, but the point Munroe is trying to make is that a
lot of people lose track of the forest for the trees.  They get so
caught up in protecting the computer that they forget why they're
protecting it.

  On my home PC, most of the the software I use is free and
unremarkable.  I could rebuild the software configuration from scratch
in a matter of hours.  Why do I care about protecting *that*?

  I don't.  I want to protect my photos, files, bank account, Facebook
account, etc., etc.  All of which are tied into my user account and
who-knows-how-many third-party web sites.  They don't much care about
my admin account.

  But a lot of computer security people focus on protecting the system
privileged account.  For example, I've gotten into strong arguments
with *nix weenies about how protecting the root account is the most
important thing on a system, and that's the fundamental flaw in
Microsoft Windows, or some such thing.  They don't get that the data
in my user account is a lot more valuable than the software install.
They don't get that a worm can propagate from my user account just as
easily.  And as I'm the only user of my home PC, I'm not even
protecting other users from me.  Yah, I protect the root account, but
only as a means to helping protect the stuff I care about.

  I've had the exact same discussion about Windows and UAC.  On this
forum, in fact.  If UAC works perfectly, it successfully protects an
admin account on a throw-away home PC with one user.  Meanwhile, the
malware is quite content to delete/steal all the user's data from
userland, and then propagate to other PCs, again from userland.  It's
mildly useful in helping prevent a reinstall of a bunch of software,
but that's not the high value asset.

  (Protecting system access is rather more relevant in business, where
you've got more than one level of privilege.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: On the subject of security...

[Ben Scott]

On Wed, Apr 17, 2013 at 2:42 PM, Kurt Buff  wrote:
 http://xkcd.com/1200/
>>> So, yeah, that's true if you don't use full disk encryption, or a
>>   You're missing the point.
> No, I'm not missing the point.

  Well, then, you're apparently choosing not to discuss it, then.  For
an email conversation, they're equivalent.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: On the subject of security...

[Ben Scott]

On Wed, Apr 17, 2013 at 2:29 PM, Kurt Buff  wrote:
> On Wed, Apr 17, 2013 at 1:59 AM, James Rankin  wrote:
>> ...today's XKCD sums it up nicely
>>
>> http://xkcd.com/1200/
>
> So, yeah, that's true if you don't use full disk encryption, or a
> password on your computer/domain account ...

  You're missing the point.

  A lot of devs and admins fall into the trap of protecting the system
and forgetting that there's a reason why we have the system in the
first place.  I ultimately don't care about my "root" account.
Protecting it is just a means to an end -- protecting my data, most of
which lives in my user account.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Dual Wan Soho High Speed Router Suggestions

[Ben Scott]

On Wed, Apr 17, 2013 at 2:01 PM, Beach Computers Web Hosting
 wrote:
> Ideally $150 tops.

  That narrows the field considerably.  Have you tried going to the
local Wal-Mart and seeing what's on the shelves?

> I don't mind using a PC as I have so many laying around, but whatever I
> end up with would ideally be a little idiot proof as I'm no linux guru. :)

  You can trade expertise for money; getting both free is tough.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Endpoint backups

[Ben Scott]

On Wed, Apr 17, 2013 at 12:37 PM, Kennedy, Jim
 wrote:
> Excellent point. We don’t do roaming profiles here. I view them as evil as
> Outlook cached mode, perhaps more so.  J

  I love roaming profiles.  Sure beats backing up workstations.

  Of course, I also drop the hammer pretty heavily on people who abuse things.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT - Google Apps down?

[Ben Scott]

On Wed, Apr 17, 2013 at 9:13 AM, Michael Leone  wrote:
> I'm having trouble signing into my Google Apps domain.

  Logging into Gmail is/was erratic for me this morning.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Dual Wan Soho High Speed Router Suggestions

[Ben Scott]

On Wed, Apr 17, 2013 at 9:09 AM, Shane Mullins  wrote:
> Since you mentioned using a PC based router, OpenBSD has supported failover
> for at least eight years.  Performance is great and their security is top
> notch.  OpenBSD uses pf as a firewall.  Pf is much easier to use, for me,
> than iptables.

  FYI, Linux *can* do this too, but if I didn't have experience with
either, I'd go with OpenBSD/pf, too.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell noob help

[Ben Scott]

On Tue, Apr 16, 2013 at 3:25 PM, Candee  wrote:
> Everything works, except the "employeenumber" ...
...
> Any ideas to get the employeenumber to export?

  I was waiting for someone with a clue to reply, but perhaps they're
all busy today.  :-)  So...

  Not knowing what I'm doing, I'd start by examining what
"employeenumber" is.  So, right before you do this:

$createdusers|select displayname,name,email,employeenumber
|export-csv "C:\temp\scripts\tryagain.csv"

add some code like:

$foo = $createdusers[0] | select employeenumber
echo "foo=<$foo>"
$foo | get-members
exit

  If $foo prints all the right info, then the problem is how
export-csv is interpreting $foo.  But if $foo prints nothing or some
other weirdness, then the problem is with how you're trying to get
$foo out of $createdusers.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell noob help

[Ben Scott]

On Tue, Apr 16, 2013 at 12:57 PM, James Rankin  wrote:
> Ben, you're a wizard, that worked first time out :-)

  I am but a humble student.  Indeed, I'm getting my feet wet with
PoSh for "real use" for the first time these past few weeks.  Part of
the reason I did this was to learn how to do it.  I had to learn
Select-String last week, but didn't know how to retrieve captured
groups yet, nor how to write to the registry.  So we both learned some
things!

  It helps that I had the web at my end of the thread.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell noob help

[Ben Scott]

On Tue, Apr 16, 2013 at 12:59 PM, Michael B. Smith
 wrote:
>> Some of these functions return values, which are captured into variables
>> by the caller.  But these functions also want to inform the user of what's
>> going on.  *And*, I'd also like to be able to optionally redirect the output
>> of the script as a whole, externally.
>
> ...and that is exactly why I have a 'msg' function (and I always had one
> in vbscript, too). It provides a single point of control for output 
> generation.

  I kind of suspected that was going to be the answer.  Indeed, when
you mentioned what "msg" did, that's what made me think of my script
-- which has a "LogMsg" function that serves much the same purpose.
But I was wondering if I missed something.

  Thanks again for all your help, PoSh and otherwise!

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell noob help

[Ben Scott]

On Tue, Apr 16, 2013 at 12:14 PM, Michael B. Smith
 wrote:
> This should help. “msg” is just a function that logs all of its arguments to
> a text file.

  Hey... this is kind of a threadjack, but your sample code here makes
me think of it.

  In a PoSh script I'm evolving, I'm using functions to manage program
flow.  Some of these functions return values, which are captured into
variables by the caller.  But these functions also want to inform the
user of what's going on.  *And*, I'd also like to be able to
optionally redirect the output of the script as a whole, externally.
Is there a good way to do this?

  Write-Output writes to the main Powershell object pipeline, which
for functions, *is* the return value.  My in-band return value and my
out-of-band messages would get mixed together.

  Write-Host writes to the console, but cannot be redirected.

  Start-Transcript doesn't capture the output of external commands,
which makes it useless if you use such commands (and this script
does).

  Write-Verbose puts ugly "VERBOSE:" prefixes in front of everything,
and turns it all yellow.  (And cannot be redirected in PoSh ver 2.  I
can upgrade -- was thinking of doing so anyway -- but I haven't got
that far yet.)

  It's not real important to me right now, but I suspect it will be
some day, and this seemed like a good time to ask.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell noob help

[Ben Scott]

On Tue, Apr 16, 2013 at 12:07 PM, James Rankin  wrote:
> I've managed to use Select-String to get my output and my variable, it's
> splitting the variable up (from something like ClientOS=ThinOS_Wyse down to
> just ThinOS_Wyse) that's frying my brain now.

  Ah, I ass-umed the separator was whitespace.  My bad.  Try this:

$match = & CTXCliOS.exe | Select-String -Pattern 'ClientOS=(.+)'
if($match) {
$clientOS = $match.Matches[0].Groups[1].Value
Set-ItemProperty -Path 'HKCU:\Software\Custom' -Name ClientOS -Value 
$clientOS
}

  Same caveats as before apply.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell noob help

[Ben Scott]

On Tue, Apr 16, 2013 at 12:00 PM, Ben Scott  wrote:
>   I'm having trouble figuring out how to get the regexp capture out of
> the $match object returned by Select-String though.

  Ah, okay, this seems to work:

$match = & CTXCliOS.exe | Select-String -Pattern 'ClientOS\s+(.+)'
if($match) {
$clientOS = $match.Matches[0].Groups[1].Value
Set-ItemProperty -Path 'HKCU:\Software\Custom' -Name ClientOS
-Value $clientOS
}

  You'll want to test that.  :)  In particular, I expect it will fail
miserably if the "Custom" subkey doesn't exist yet.

  For reasons I don't understand, $match.Matches[0].Groups[0] appears
to be a reference to itself.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell noob help

[Ben Scott]

On Tue, Apr 16, 2013 at 11:05 AM, James Rankin  wrote:
> for /f "tokens=2 delims==" %%a in ('CTXCliOS.exe ^| find "ClientOS"') do set
> ClientOS=%%a& call :SET
>
> goto :eof
>
> :SET
>
> reg add HKCU\Software\Custom /v ClientOS /t REG_SZ /d %ClientOS% /f
> goto :eof
>

> What I'm wondering is what format do I use to convert this to PowerShell
> (which will avoid having to invoke a separate command script file)?

  Only work will convert a script to another language.  :)

> What's the command to call an outside executable

  Nominally, just write out the command on a line, same as a batch
file or *nix shell script.  However, if the external executable needs
to be quoted (e.g., file name or path contains spaces), you need to
prefix the command line with an ampersand (&).  Otherwise PowerShell
treats it as a string.  Kind of a wart on what's generally a much
cleaner language.  You can always specify & if you want.

  I believe you want something like:

$match = & CTXCliOS.exe | Select-String -Pattern 'ClientOS\s+(.+)'
if($match) {
$clientOS = 
Set-ItemProperty -Path 'HKCU:\Software\Custom' -Name ClientOS -Value 
$clientOS
}

  I'm having trouble figuring out how to get the regexp capture out of
the $match object returned by Select-String though.  Get-Member leads
me to believe I should be able to do something with

$match.Matches[0].Groups

but it seems to descend into some kind of recursive nightmare at that
point that makes me believe I'm missing something more fundamental.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: BSOD patch, Microsoft urges removal.

[Ben Scott]

On Mon, Apr 15, 2013 at 2:46 PM, John Cook  wrote:
> Plus they pulled it and re-issued a fixed patch.

  If you already installed the broken patch, will the patched patch
install to patch it?

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell - Dependent parameters

[Ben Scott]

On Sat, Apr 13, 2013 at 8:22 PM, Michael B. Smith  wrote:
> Sorry. I may be an a$$hole, but I have always preferred to give people
> clues than to give them direct answers.

  No apologies necessary.  I'm a fan of the "teach a man to fish"
approach myself.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell - Dependent parameters

[Ben Scott]

On Sat, Apr 13, 2013 at 7:17 PM, Michael B. Smith  wrote:
> What you are missing is the DefaultParameterSetName.

  Ahhh... that did it!  Thanks for the clue!

  Finished code, for those so interested:

http://pastebin.com/dQbDDqKN

  It even treats -mailTo as optional when -smtpHost is present (a
valid, albeit useless, scenario).

> RTFM. :)
>
> Payette, Second Edition, section 8.2.

  My copy of Payette is at work on my desk, and was open during this
exercise.  This is one of those "It's easy to find, if you know the
answer" situations.  :-)

  Thanks again!

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell - Dependent parameters

[Ben Scott]

On Sat, Apr 13, 2013 at 2:56 PM, Jeff Bunting  wrote:
>>> I think you need sets that aren't disjoint, something like
>>
>> ... makes the "base" parameter set ambiguous, as it overlaps exactly
>> with the "mailTo" parameter set. So, if I don't specify -mailTo,
>> PowerShell pukes trying to figure out which parameter set I want ...
>
> You could try adding a "Position=X" to the parameters to deal with the
> ambiguity; might have to move $eject elsewhere in the parameter order
> though.

 So... select the parameter set based on the order in which the
parameters are given?

 Ewww.  :-)  I like that less than the "-noMail" idea.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell - Dependent parameters

[Ben Scott]

On Sat, Apr 13, 2013 at 2:02 PM, Jeff Bunting  wrote:
> I think you need sets that aren't disjoint, something like

  I didn't think of that.  Good idea.  But, I just tried it, and that
doesn't work either.  :(  I'm guessing it makes the "base" parameter
set ambiguous, as it overlaps exactly with the "mailTo" parameter set.
 So, if I don't specify -mailTo, PowerShell pukes trying to figure out
which parameter set I want:

C:\Users\BSCOTT\Desktop\param_test.ps1 : Parameter set cannot be
resolved using the specified named parameters.
At line:1 char:17
+ .\param_test.ps1   -include c:\ -backupTo z:\ -logdir d:\logs
+ CategoryInfo  : InvalidArgument: (:) [param_test.ps1],
ParameterBindingException
+ FullyQualifiedErrorId : AmbiguousParameterSet,param_test.ps1

  It does do the Right Thing when -mailTo is specified, though:
-smtpHost becomes mandatory.  So closer in one direction, but broke
something else, as is so often the case.

  I suppose I could add a parameter -noMail and put it in just the
"base" parameter set, but I find that even uglier than testing
smtpHost explicitly.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell - Dependent parameters

[Ben Scott]

On Fri, Apr 12, 2013 at 11:33 PM, Joseph L. Casale
 wrote:
>>but I can't figure out how to tell it one parameter *depends* on another.
>
> Create your parameter set, then set the few that depend on each other to be
> mandatory?

  I guess the below somehow wasn't clear enough, as you're the second
person to suggest this.  :-)

On Fri, Apr 12, 2013 at 5:20 PM, Ben Scott  wrote:
> If I specify either parameter (or both) as
> Mandatory=$true, it becomes mandatory *always*, not just when -mailTo
> is present.

  So, if I do this

[Parameter(Mandatory=$false,ParameterSetName='mailTo')] [string] 
$mailTo,

[Parameter(Mandatory=$true,ParameterSetName='mailTo')] [string] 
$smtpHost,

then -smtpHost becomes mandatory *all* the time, even if I don't
specify -mailTo.  And I don't need an SMTP host if I'm not sending
mail, so that's wrong.  Conversely, if I do this

[Parameter(Mandatory=$true,ParameterSetName='mailTo')] [string] $mailTo,

[Parameter(Mandatory=$false,ParameterSetName='mailTo')] [string] 
$smtpHost,

then -mailTo becomes mandatory (which I don't want) *and* -smtpHost
*isn't* mandatory, ever.

  If I set them both mandatory, they're both always mandatory.

  And if I put them in the same parameter set, but don't make either
mandatory, neither is considered mandatory, ever.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell - Dependent parameters

[Ben Scott]

On Fri, Apr 12, 2013 at 6:59 PM, Ben Scott  wrote:
> If can tell PowerShell that one parameter is related to another, but
> I can't figure out how to tell it one parameter *depends* on another.

  Correction: First line above should begin with "I can tell PowerShell ".

  I blame the cold I have.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: PowerShell - Dependent parameters

[Ben Scott]

On Fri, Apr 12, 2013 at 5:28 PM, Michael B. Smith  wrote:
> You do this with parametersets.

  Caught you skimming.  :)  See original message below.  :)  I've
tried using parameter sets, and even posted code declaring the
parameter set, but I can't get it to do what I want.  If can tell
PowerShell that one parameter is related to another, but I can't
figure out how to tell it one parameter *depends* on another.

> If that isn't enough of a hint, let me know; and I'll send you some examples.

  Please.  I welcome hints, example code, pointers to FMs to R, sharp
strikes with a clue-bat, and/or friendly insults.   :-)

> -----Original Message-
> From: Ben Scott [mailto:mailvor...@gmail.com]
> Sent: Friday, April 12, 2013 5:20 PM
> To: NT System Admin Issues
> Subject: PowerShell - Dependent parameters
>
> Hey all,
>
>   Is it possible to tell PowerShell that a parameter should be considered 
> mandatory *if and only if* another parameter is present?
>
>   Scenario: I've got a script that can optionally send email (Zawinski's 
> Law).  If the -mailTo parameter is specified, it sends mail.  If that 
> parameter is specified, the -smtpHost parameter also needs to be specified.  
> So -smtpHost should be considered mandatory, but *only* if -mailTo is 
> specified.  Otherwise, -smtpHost does not need to be present (and, indeed, is 
> pointless).  I figure this should employ Parameter Sets somehow, but I can't 
> get it to DWIM.  Simply specifying the two parameters as having the same 
> parameter set doesn't make the one mandatory.  If I specify either parameter 
> (or both) as Mandatory=$true, it becomes mandatory *always*, not just when 
> -mailTo is present.
>
>   I could just test smtpHost explicitly, and abort the script if it's not 
> set, but the PowerShell mindset seems to be that parameters should be 
> described, and then the runtime does all that for you.  Maybe it just can't 
> do this.
>
>   Currently using PowerShell 2.0, on Win 7 and 2008 R2.
>
>   Here's my Param block, if it helps:
>
> [CmdletBinding()]
> Param(
>
> # things to back up
> [Parameter(Mandatory=$true)] [string] $include,
>
> # disk or network path to backup to
> [Parameter(Mandatory=$true)] [string] $backupTo,
>
> # directory to put log files in
> [Parameter(Mandatory=$true)] [string] $logDir,
>
> # email address to mail report to
> [Parameter(Mandatory=$false,ParameterSetName='mailTo')] [string] $mailTo,
>
>   # SMTP host used to send email
> [Parameter(Mandatory=$false,ParameterSetName='mailTo')] [string] 
> $smtpHost,
>
> # option, eject media when done
> [Parameter()] [switch] $eject = $false,
>
> )
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Google Drive

[Ben Scott]

On Fri, Apr 12, 2013 at 4:05 PM, Guyer, Don  wrote:
> That is old! Bet people were “Vampire-tapping” back then…or maybe it was 
> 4-wire phone cable.

  We had a show-and-tell day at our local LUG (Linux User Group) once.
 I brought in a vampire tap I still keep around for such purposes,
thinking I'd have the oldest thing there.  So of course Jon "maddog"
Hall decides that's the meeting he'll come to, and shows up with core
memory out of a PDP-1...

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Google Drive

[Ben Scott]

On Wed, Apr 10, 2013 at 12:49 PM, Matthew W. Ross
 wrote:
>>   Wait for the next Service Pack... er, sorry, wrong vendor.
>
> It's odd: Microsoft is producing fewer and fewer service packs over the years.

  No, they're not.  If anything, they're producing more.  They're just
calling them "Cumulative Updates" and "Update Rollups" and "Feature
Packs" and other names now.

  The party line is that one kind of package is for just fixes and the
other is more for new functionality, but they have said that in the
past about Service Packs, too (and also said the opposite, and changed
their minds, multiple times), and the supposedly smaller updates still
include major changes (e.g., you need a CU for Exchange '10 to work
with Exchange '13, which is kind of a big deal), so as far as I can
tell, nothing's changed.

  It's a standard technique for big companies: "If it doesn't work,
give it a new name.  If it still doesn't work, the new name wasn't
long enough."

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Datadomain / Exagrid - Backup Times over Cat5

[Ben Scott]

On Wed, Apr 10, 2013 at 9:52 AM, Jon D  wrote:
>>   That depends how fast the network you're running is, and how much
>> data you've got to worry about, and maybe other things.
>
> True. I'm trying to backup ~4TB in under 12 hours. 8 hours would be nice...
> I think a single 1Gig Cat5 cable is going to get me around 23 hours at
> around 850Mbps

  This is where the "other things" come into play.  If the
change-delta, de-dupe, compression, and other magic happens on the
agent side of the backup, you may see significant gains.

  For example, if you're backing up a bunch of small files, and churn
is low, and the backup solution uses the "maintain a full mirror of
original" model, and it only copies the changed files, your nightly
backup might only need to ship a tiny amount of data over the wire.
Or if they're large files but it has good change-delta handling.

  Even without such magic, you may also be able to do a longer full
backup on weekends, then an incremental/differential on weeknights.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Google Drive

[Ben Scott]

On Wed, Apr 10, 2013 at 6:37 AM, James Rankin  wrote:
> Anyone else using Google Drive and think it is a bit rubbish in general?

  Wait for the next Service Pack... er, sorry, wrong vendor.

  It must still be in "Beta".  Wait another few years.

  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Datadomain / Exagrid - Backup Times over Cat5

[Ben Scott]

On Tue, Apr 9, 2013 at 10:55 AM, Jon D  wrote:
> I'm trying to wrap my head around the speed of backup appliances like Data
> Domain and Exagrid.
> The thing that doesn't make sense to me is the backups are going across
> Cat5.
> It seems like they would be really slow for a full backup.

  That depends how fast the network you're running is, and how much
data you've got to worry about, and maybe other things.

  Gigabit Ethernet can stream 125,000,000 8-bit quantities per second.
 Framing and protocol overhead rob significantly from that.  Let's
assume 75% efficiency, just to have a number.  That's 93 megabytes per
second, or 337 gigabytes in one hour.  If you're only backing up a
terabyte, that might be just fine.  If you're backing up a petabyte,
not so much.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: .ZIP file e-mail attachments

[Ben Scott]

On Tue, Apr 9, 2013 at 10:51 AM, David Lum  wrote:
> Do any of you guys still allow this? I ask because at %formerjob% they were
> blocked, but %dayjob% allows them, and last week and today we’ve received
> infected .ZIP files.

  Our plan: An email containing any dangerous file is quarantined.
That check scans within archives (and archives within archives, and so
on).  If an archive cannot be scanned (corrupt, too big, too many
files, too many nested levels, or encrypted) it is quarantined.
Dangerous files include various known file name patterns, as well as
anything that matches executable content signatures.  We don't look
for specific malware signatures.  Any executable content is considered
malware for email.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: POSH PtH - this is...

[Ben Scott]

On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff  wrote:
> Agree with MBS that other tools could stand in for PowerShell, but WCE
> was actually new to me.

  Well, then, you didn't say that, you seemed focused on PoSh.

  WCE in particular is new to me, too, but I've certainly read of
attacks on the running system to recover credentials before.  That's
why trusting the computer you're logging into is really important.  :)

  It's good to know there's an easy-to-use tool available, though.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: AD Simple LDAP authentication question

[Ben Scott]

On Mon, Apr 8, 2013 at 4:03 PM, Christopher Bodnar
 wrote:
> I know that AD supports both Simple and SASL methods for LDAP binds:
>
> http://msdn.microsoft.com/en-us/library/cc223499.aspx
>
> What I was surprised is that there doesn't seem to be a way to disable the
> Simple method. It supports SSL/TLS but does not require it. Is that correct?

  I don't really know, but I do know that our Windows 2008 R2 domain
controllers log the event below once a day.  I know what's causing it
and haven't cared enough to do something about it.  The link takes you
to a KB article which tells you how to require *signing*.  It talks a
lot about simple binds but doesn't explicitly say that requiring
signing also causes it to reject simple binds, but seems to imply it
pretty strongly.

Source: ActiveDirectory_DomainService
Event ID: 2886
-
The security of this directory server can be significantly enhanced by
configuring the server to reject SASL (Negotiate,  Kerberos, NTLM, or
Digest) LDAP binds that do not request signing (integrity
verification) and LDAP simple binds that  are performed on a cleartext
(non-SSL/TLS-encrypted) connection.  Even if no clients are using such
binds, configuring the server to reject them will improve the security
of this server.

Some clients may currently be relying on unsigned SASL binds or LDAP
simple binds over a non-SSL/TLS connection, and will stop working if
this configuration change is made.  To assist in identifying these
clients, if such binds occur this  directory server will log a summary
event once every 24 hours indicating how many such binds  occurred.
You are encouraged to configure those clients to not use such binds.
Once no such events are observed  for an extended period, it is
recommended that you configure the server to reject such binds.

For more details and information on how to make this configuration
change to the server, please see
http://go.microsoft.com/fwlink/?LinkID=87923.

You can enable additional logging to log an event each time a client
makes such a bind, including information on which client made the
bind.  To do so, please raise the setting for the "LDAP Interface
Events" event logging category to level 2 or higher.
--

  FWIW, YMMV, HTH, HAND, AT&T.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OfficeFileCache

[Ben Scott]

On Fri, Apr 5, 2013 at 7:05 AM, James Rankin  wrote:
> I've got some user profiles (well, they're virtualized into an SQL database,
> but that's a moot point) that are showing some large files with a .FSD
> extension in
> \Users\Username\AppData\Local\Microsoft\Office\14.0\OfficeFileCache. The
> database is far too large for this many users, so I am wondering ... if I
> can remove them from being saved into the profile without causing any
> issues?

  The "Local" folder is supposed to be for local-to-the-machine
(non-roaming) files anyway; why are you saving stuff under there in
the first place?

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Hosts that scan your network

[Ben Scott]

On Mon, Apr 1, 2013 at 9:44 AM, Shane Mullins  wrote:
> What do you guys do when hosts scan your network?  Some cases are obvious,
> we had a large US University scanning our network for open http servers.
> Contacted them and they took care of the issue.

  Generally speaking, I might block them, but currently I prolly
wouldn't even do that.  (It matters that we don't have a large public
netblock and so can't easily discern a bulk scan from someone
mistyping an IP address or something.)  The Internet is a public
place, and while scanning is often nefarious, it's not against any
rules in many cases.

  I'm certainly not going to bother contacting a network owner when it
might not even violate any Terms of Service.  It has to be abuse
before the abuse desk cares.

  By analogy: A guy walking along the street looking at houses may be
suspicious, but in most Western countries, isn't breaking any laws.
If I call the cops they might send a cruiser, but if I make a habit of
it they'll just mark me down as a paranoid nuisance.

  OTOH, if the same source e.g. starts repeatedly trying to
brute-force our SSH server, *that* I might do something about.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Malicious software updates

[Ben Scott]

On Thu, Mar 28, 2013 at 2:40 PM, Heaton, Joseph@Wildlife
 wrote:
> Do you guys apply these updates to your servers, or only the desktops?

  I try to only apply the benign software updates... though some of
the .NET deployments have come close.  ;-)

  If you mean the "Malicious Software Removal Tool" that comes in via
WU every month, we don't deploy that normally.  It tends to slow the
system to a crawl when it runs, and the stuff it's targeting is
generally already caught by our many other anti-malware measures
(which also slow the system to a crawl).

  Of course, now that I've said this, I expect a massive internal worm
outbreak any second now...

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Semi OT: Cisco versus Checkpoint & Juniper

[Ben Scott]

On Tue, Mar 26, 2013 at 9:22 AM, Andrew S. Baker  wrote:
> Sophos has done really well with their acquisition of Astaro, and their
> looking to take on the mid-market with their pricing and feature bundles.

  They've borked themselves when it comes to selling software, though.
 We were planning on switching to Sophos for traditional anti-virus,
but then they restructured their product offerings.  Now you can only
buy something if you want to buy a bunch of other somethings, and they
can't tell you what those somethings do, or why they're any good, and
half the questions get answered with, "Well, no, our traditional
software can't do that, but this virtual appliance we sell does".  But
their virtual appliances aren't supported under anything but VMware.

  After weeks of trying desperately to buy something from them, we
gave up and are going with Trend.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Friday semiOT: funny to me anyway

[Ben Scott]

On Mon, Mar 25, 2013 at 3:37 PM, Rene de Haas  wrote:
> Remember getting one with math error in our first Compaq Proliant.
> Never bothered exchanging it.

  Most servers -- especially back then -- don't do a lot of floating point.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Friday semiOT: funny to me anyway

[Ben Scott]

On Mon, Mar 25, 2013 at 3:22 PM, Michael Leone  wrote:
> On Sun, Mar 24, 2013 at 9:38 PM, Ben Scott  wrote:
>> On Sat, Mar 23, 2013 at 1:03 AM, Kurt Buff  wrote:
>>> This day, 1995, Intel dropped the big one...
>>> https://www.youtube.com/watch?v=qpMvS1Q1sos
>>
>>   Let's see... Pentium jokes... right...
>
> And the Weird Al song, "It's all about the Pentiums" ...

  You might want to try that link there.  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: How easy is it to crack passwords?

[Ben Scott]

On Mon, Mar 25, 2013 at 9:56 AM, Kurt Buff  wrote:
> Ridiculously easy, unless the password is quite long...
>
> http://arstechnica.com/security/2013/03/how-i-became-a-password-cracker/

  Weak passwords easy to crack, according to a study published in the
American Journal of Stuff We Already Knew.  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Friday semiOT: funny to me anyway

[Ben Scott]

On Sat, Mar 23, 2013 at 1:03 AM, Kurt Buff  wrote:
> This day, 1995, Intel dropped the big one...
> https://www.youtube.com/watch?v=qpMvS1Q1sos

  Let's see... Pentium jokes... right...

  "PENTIUM = Parts Exist Now Though Invariably Undergo Meltdown"

  After the FDIV bug:

  "Q: What do you call that 'Intel Inside' sticker?
   A: A warning label."

  "Intel, where Quality is job number 0.9993724168!"

  "Did you hear about the new 'morning after' contraceptive from
Intel?  It's called RU-586.  It causes the embryo to not divide
correctly."

  And finally, the Pentium theme song (to the tune of "Daisy Bell"):

Daisy, Daisy, give me your answer, do.
Getting hazy, can't divide three into two.
My answers, I cannot see 'em;
They are stuck in my Pentium.
I could be fleet,
My answers sweet,
With a workable FPU!

(All seen around the 'nets (there was more than one, back then) at the
time, always unattributed.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Virtualization in small office

[Ben Scott]

On Mon, Mar 18, 2013 at 9:21 AM, Andrew S. Baker  wrote:
>> Every VM has identical virtual hardware.
>
> Minor caveat:  Every VM within the same physical architecture (AMD vs
> Intel) has the identical virtual hardware.

  Ohh... good point. I kind of knew that but the ramifications hadn't sunk in.

  Thanks for the tip!

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Virtualization in small office

[Ben Scott]

On Fri, Mar 15, 2013 at 12:18 PM, Hank .  wrote:
> I deal mostly with SMB. Virtualization is a great fit if you have a number
> of physical servers.  But what about a single server situation?

  That's pretty much the exact same scenario I was facing a year ago.
You may find the thread I started about it useful:

http://www.mail-archive.com/ntsysadmin@lyris.sunbelt-software.com/msg106517.html

>  have a couple replacements coming up where there is a single server
> that is a DC, file and print, runs SQL or some other database for their
> LOB and thats it.

  One of the motivations we had for virtualizing was to get away from
the everything-on-one-OS-instance design.  Microsoft *really* does
*not* want to do this.  They support it, but only grudgingly, and with
a lot of caveats and gotchas.  Updates to one thing means everything
goes down when you reboot.  Some stuff flat-out doesn't work together
on the same instance.  At the same time, we're a relatively small
shop, and modern hardware is cheap.  We could afford to buy a bigger
box and then run a ton of VMs on it.  That means we can now afford to
dedicate an OS instance to each major service/function.  We even went
so far as to buy Data Center edition, solely to get the "unlimited
VMs" license.

  It also makes disaster recovery a lot easier.  Microsoft is *really*
sensitive to the hardware you restore it to.  Restoring a Windows
server to significantly different hardware has always been an
uncertain proposition.  This eliminates that problem entirely: Every
VM has identical virtual hardware.

  And even with a single physical server, no SAN, etc., migration and
upgrades are easier.  Moving to new hardware (without changing the
software) is trivial.  Just copy the VM files on the host.  If we
outgrow the single box, do the same thing, just for only some of the
VMs.  If we decide it's time to move to a SAN, we can add that and do
the copy to that and we're off and running.

  So, lots of good reasons to do it.  There is some added complexity.
And it does enable a small biz to do a lot of things they couldn't do
before, which can end up meaning more work for IT.  :)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Gateway Controls for Wireless

[Ben Scott]

On Tue, Mar 12, 2013 at 10:36 AM, Greg Sweers  wrote:
> Anything out there that will just sit
> in front of all those devices, hand out DHCP and present a AUP page
> requiring them to accept before allowing out to the internet.

  This is called a "captive portal", FYI.

> This is a small application so a couple hundred bucks is about all they will
> spend.  Everything I am finding is is the multiple thousands of dollars.

  There are *nix packages that will do this for free.  "NoCat" is one
of them, and it's available for DD-WRT, so you can even run it on a
$50 SOHO router.  (Whether that's a good idea or not depends on the
scenario.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: apipa scripting?

[Ben Scott]

On Sat, Mar 9, 2013 at 10:26 PM, Andrew S. Baker  wrote:
> >>172.16.0.0/whatever
>
> Well, it's 172.16.0.0 to 172.31.255.255, so it's a block out of a /16
> network.

  172.16.0.0/12 is what Kurt was looking for.  I remember it as
"Halfway in size between 192.168.0.0/16 and 10.0.0.0/8".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: apipa scripting?

[Ben Scott]

  I'll add my voice to what everyone else is saying: You want to keep
using DHCP.  Use DHCP to assign static addresses.  It makes so many
things so much easier.  If you need to renumber your network (and some
day, you will), it means you just change the DHCP config.  If you
change something like a DNS server, that's easy, too.  If clients
move, updates are easy, if not automatic.  Management is centralized.
No scripting needed -- no headaches maintaining the scripted config.

On Fri, Mar 8, 2013 at 4:07 PM, S Powell  wrote:
> We are running DHCP now, we are just looking to get rid of it as we
> change some things around.
> We're looking to tie addresses together, so that we have static
> ethernet addresses on the 192.168.0.x range where x = the machine ID
> and have the static wifi addresses be in the 192.168.1.x range
>
> So if I see something on x.x.x.45 I know at a glance that it can only
> be one computer.
> It eliminates ambiguity.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Ironic Kaspersky bug

[Ben Scott]

On Fri, Mar 8, 2013 at 11:42 AM, Andrew S. Baker  wrote:
> Lots of irony.  They didn't respond in a timely fashion, or so the story goes.

  Their computers kept freezing.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Normalizing a disk image

[Ben Scott]

On Thu, Mar 7, 2013 at 10:34 AM, Webster  wrote:
> I have still not found anything about booting multiple times before sealing
> the image.

  This reminds me of the old Unix superstition, "sync three times
before shutting down".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Details of the February 22nd 2013 Windows Azure Storage Disruption

[Ben Scott]

On Tue, Mar 5, 2013 at 3:11 PM, Steven Peck  wrote:
> Did you just manage to agree and also imply "Sure, they released it but are
> probably still not telling us what 'really happened"?
>
>  why wouldn't you take this at face value?

  Because people lie?  And big companies lie?

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Details of the February 22nd 2013 Windows Azure Storage Disruption

[Ben Scott]

On Tue, Mar 5, 2013 at 12:58 PM, Michael B. Smith  wrote:
> But at the most basic level – it was a human error (as I read it). “Someone”
> didn’t mark the update package as a critical update.

  At the most basic level, all errors are human errors.  :-)  Either
someone didn't follow the design, or someone didn't foresee a failure
case in the design.

> Arguably (and I can see this), because the package had 5 weeks before it was
> required…

  Prolly a better approach to scheduling is not a raw priority field,
but something deadline and dependency based.  

  It also occurs to me that treating the certificates as part of the
software build may be a poor choice.  I realize that a software
install needs something to start with, but that could be a bootstrap
element, and from there it could update via other mechanisms.  (Think
DNS root hints.)  But I don't know enough about their architecture to
say.  It might be their "Fabric Controller" management architecture is
more flexible than that blog post leads me to believe, or there might
be other factors involved that I'm not aware.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Details of the February 22nd 2013 Windows Azure Storage Disruption

[Ben Scott]

On Tue, Mar 5, 2013 at 12:43 PM, Tim Evans  wrote:
> http://blogs.msdn.com/b/windowsazure/archive/2013/03/01/details-of-the-february-22nd-2013-windows-azure-storage-disruption.aspx

  I give MSFT credit for doing a good analysis and *publishing it*.  A
lot of companies just say "Sorry, we've fixed it, and we promise it'll
never happen again (and this time, we really mean it)" over and over.
Good on them for that.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Semi-OT: Vsphere shutdown

[Ben Scott]

On Tue, Mar 5, 2013 at 10:25 AM, Richard Stovall  wrote:
> It has now been a bit over 24 hours since I brought the datacenter back
> online and, so far, everything seems to be running smoothly.

http://media.tumblr.com/tumblr_mf56gs6FpZ1raprkq.gif

(SFW)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Semi-OT: Vsphere shutdown

[Ben Scott]

On Sat, Mar 2, 2013 at 5:50 AM, Ken Schaefer  wrote:
> Know who you need to call, in case things (storage, servers, apps, whatever)
> don’t come back up. You don’t want to be trying to find phone numbers when
> everything’s going to the dogs.

  Come to think of it, you way want some independent infrastructure
ready in case the main stuff doesn't come back up, so you can at least
get an Internet connection up and running to do things like browse
knowledge bases.  Might be as simple as a small router configured for
DHCP and a couple laptops that can operate without checking in with
the mothership.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Webster's question is very timely...

[Ben Scott]

On Thu, Feb 28, 2013 at 3:13 PM, Webster  wrote:
>> Your warranty should start at time of purchase with receipt for proof.
>
> Nope, when I did the RMA request and typed in my serial #, the
> site told me the warranty had expired.

  That's the case if you don't have proof of purchase.  Still have the
receipt?  Then it's from date of purchase.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Webster's question is very timely...

[Ben Scott]

On Thu, Feb 28, 2013 at 2:36 PM, Kurt Buff  wrote:
> So, I'm also looking for an external drive, either USB3 or eSATA - if
> you had the choice, which would you choose for putting in the laptop
> case for extra storage?

  I'd go with eSATA if available.  I expect any USB3 drive on the
market today is using a USB-to-SATA bridge internally.  By eliminating
that, you eliminate a point-of-failure, and possibly increase
performance as well (even the best logic is going to be slower than a
straight wire).

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: P2V OEM Windows 2003

[Ben Scott]

On Wed, Feb 27, 2013 at 7:11 PM, Eric Wittersheim
 wrote:
> I have a question that I hope someone can help me with. Have anyone you run
> P2V a OEM copy of Windows 2003 and then when you run it on the HV server try
> to activate it with a different license key that is not OEM?  Basically we
> have some old servers on their last legs and I'd like to put them on Windows
> 2012 Data Center and use my licenses from that.

  If you've got Data Center edition, you've got a license for
unlimited VMs, and that should include downgrade rights.  When it
beaks about Activation, tell it to do phone and call the number and
explain it to the drone at the other end, and they should issue an
activation code (after lecturing you about license compliance).

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote control software

[Ben Scott]

On Wed, Feb 27, 2013 at 2:37 PM, Kurt Buff  wrote:
>>   Actually, I bet most malware today wouldn't know what to do with Windows 
>> 95.
>
> That's not a bet I'd want to make with my paycheck...

  I have no problem it.  I'll call my bookie and make the bet with
your paycheck.  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote control software

[Ben Scott]

On Wed, Feb 27, 2013 at 10:28 AM, Kurt Buff  wrote:
>> Upgrading 95 and nt4 isn't an option due to the expense
>
> One bit of malware will put paid to that argument...

  Actually, I bet most malware today wouldn't know what to do with Windows 95.

  (For real security, they should switch to Banyan Vines and CP/M.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Badging systems

[Ben Scott]

On Wed, Feb 27, 2013 at 9:11 AM, Tom Miller  wrote:
> I'm in the market for a new badge system.

  Don't buy anything from Honeywell/Northern Computing (NetAXS,
WIN-PAK, etc.).  It's crap and their support stinks.  (No prizes for
guessing how I know this.)

> - swipe units must be environmentally hardy:  very hot or very cold for
> exterior units.  Some units would be inside freezing or near freezing
> cooling units.

  As Glen Johnson says, contactless/proximity cards are the way to go.

  A lot of systems are built around "dumb" cards operating at 125 kHz,
and the Wiegand data format.  The Wiegand format provides 24 bits, of
which 8 bits are a fixed facility code.  So it's basically a 16-bit
card number.  There's no authentication, and anyone can order the
cards.  It's largely a security-by-obscurity technology[1].  Depending
on your needs, this may actually be perfectly adequate, as most
conventional locks are scary easy to pick, too.  But if you want
something that will resist determined, equipped attack, look for
contactless smart cards[2].

-- Ben

[1] If the attacker can't borrow or read a legit card, it's somewhat
safer, as it takes a while to go through even 65536 card numbers, and
ordering that many cards would be cost prohibitive.  But if attackers
never did bad things we wouldn't need locks.

[2] Much more expensive, though.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Color me skeptical

[Ben Scott]

On Wed, Feb 27, 2013 at 9:14 AM, Christopher Bodnar
 wrote:
> I'm really interested to see if this is the paradigm shift that Google
> thinks it's going to be. I think if they can really work out the issues, it
> will be. But I'm not convinced they can at this point.

  Pervasive/wearable computing is almost guaranteed to take over at
some point.  The real question is, as you say, can Google do it with
what they have *today*?  I suppose someone's got to take the first
step, though.

  If they were selling them for $50, I'd certainly give it a shot.
I'm not going to fork over a kilobuck for a first-generation product,
though.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: File limitation error:updated

[Ben Scott]

On Mon, Feb 25, 2013 at 3:28 PM, Chinnery, Paul  wrote:
> ... From what the tech said, the problem may exhibit itself when more 300,000 
> files
> have been placed.  ... I don't understand why it took so long since there are 
> over 1M files there. ...

  Whenever a software company, specifications document, or similar
says something "may" happen, what they mean is, "It will work fine
until 5 minutes before your deadline, then a black hole will
spontaneously open up in your machine room.".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Backup - Axcient, Dell AppAssure or Unitrends applaince

[Ben Scott]

On Mon, Feb 25, 2013 at 12:21 PM,   wrote:
> Any one on the list using any of these three? Looking for feedback on the
> products listed, off list or on. Thanks.

  AOL, I mean, "me too".  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: MS Azure cloud evaporates

[Ben Scott]

On Mon, Feb 25, 2013 at 7:20 AM, Ken Schaefer  wrote:
>> (2) Large orgs are by definition complex ...
>
> There is necessary complexity, and unnecessary complexity. ...
> Point (2) is the former. If the world wants cheap air travel ... or $250 
> computers, or
> aircraft carriers, then that's only going to be provided by large, complex 
> organisations.

  People want perfection, yesterday, for free.

  I don't think trying to cater to such irrational desires is a
justification for large orgs, although it does explain them.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: MS Azure cloud evaporates

[Ben Scott]

On Sun, Feb 24, 2013 at 8:31 PM, Ken Schaefer  wrote:
> In large, complex environments, with lots of moving parts, things
> go wrong. ... Unfortunately, I don't know the answer to making it
> all work.

  Well, as has been noted, one mechanism that's been proven to work
well is to avoid complexity and seek simplicity.

  Unfortunately:

  (1) Most of the IT world is addicted to complexity.  We love to
build ever-bigger toys.

  (1)(a) Case in point: Most of these so-called "cloud" solutions add
large amounts of highly-coupled, low-cohesion moving parts.

  (2) Large orgs are by definition complex, and they don't seem keen
on the idea of committing suicide for the greater good.

  (Also, teenagers these days drive too fast, and need to stay off my lawn.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: MS Azure cloud evaporates

[Ben Scott]

On Sun, Feb 24, 2013 at 4:47 AM,  wrote:
> Things happen.  I imagine meetings are happening and discussions on how to
> root this out again are occurring.

  Sure.  But when the same sort of things keep happening, it stops
being an accident and becomes negligence.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Books about software

[Ben Scott]

On Wed, Feb 20, 2013 at 3:02 PM, Steven Peck  wrote:
> You don't.  Nothing says you have to talk to a vender or a developer or an
> engineer about a piece of software to write a book about it.

  Well, technically speaking, a lot of the license agreements do.  For
example, the license agreement for Microsoft SQL Server says you can't
publish reviews or commentary without Microsoft's permission.

  I am unsure of the legality of such terms.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Backup to cloud?

[Ben Scott]

On Thu, Feb 14, 2013 at 12:12 PM, Guyer, Don  wrote:
> This is where the term “the cloud” becomes murky, in my opinion. If I’m
> sending data over a private circuit to a 3rd party data center, is that
> really “the cloud”?

  If you ask the marketing department, "Yes".

  If you ask the engineering department, "No".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Backup to cloud?

[Ben Scott]

On Wed, Feb 13, 2013 at 6:55 PM, Ken Schaefer  wrote:
> Let’s not get carried away with calling this proposal ‘cloud backup’.

  Why not?  Everyone else is.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin