Re: NTSYSADMIN - NEW VENUE - NEW ADMIN
Yes, and possibly. Rod is supposed to either already have received, or will receive, the list of members from here, and once that is received is supposed to subscribe them, but if you haven't been receiving email from the new list, you haven't been moved, and it would be worth your while to go to myitforum.com to subscribe. Kurt On Thu, May 16, 2013 at 7:19 AM, Kelli Sterley kjsterley.li...@gmail.com wrote: Will the email change that we use? Will we need to resubscribe? On Sun, May 5, 2013 at 9:49 AM, stu sjouwerman s...@sunbelt-software.com wrote: Hi All, The list is moving to myITforum. Rod Trent set this list up, and the correct email for Rod is rodtr...@myitforum.com Thanks everyone for all the years of sharing knowledge, and contributing to the list. NTSYSADMIN will live on at myITforum !! Warm regards, Stu ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: IIS W2KR2 Question
On Wed, May 8, 2013 at 3:13 PM, Daniele danielebart...@gmail.com wrote: Got an IIS question that I am hoping someone can help with. I am using the google domain name fictiously to illustrate the example. So I have my web server, and it has a web page at google.com. I have an A record that points google.com to an IP. Then I have anoher web page on that same server that is at trial.google.com/test. I have an A record that points trial.google.com to the same IP as google.com. If I try to manually go to trial.google.com/test, all works just fine. My question is, how do I redirect traffic so that the trial.google.com automatically goes to trial.google.com/test? Meanwhile, I don't want to impact what is already working, google.com this is easier if google.com and trial.google.com are actually separate sites on the IIS server... In that case, just make the test page your default for trial.google.com But, in this case, from dim memory, you'll need to enable host headers, and you'll still want to make the test page as your default page for trial.google.com See this article: http://technet.microsoft.com/en-us/library/cc753195%28v=ws.10%29.aspx Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: IIS W2KR2 Question
Err, my reply should read: This is easier if google.com and trial.google.com are actually different sites on separate IP addresses on the IIS server... Kurt On Wed, May 8, 2013 at 4:17 PM, Kurt Buff kurt.b...@gmail.com wrote: On Wed, May 8, 2013 at 3:13 PM, Daniele danielebart...@gmail.com wrote: Got an IIS question that I am hoping someone can help with. I am using the google domain name fictiously to illustrate the example. So I have my web server, and it has a web page at google.com. I have an A record that points google.com to an IP. Then I have anoher web page on that same server that is at trial.google.com/test. I have an A record that points trial.google.com to the same IP as google.com. If I try to manually go to trial.google.com/test, all works just fine. My question is, how do I redirect traffic so that the trial.google.com automatically goes to trial.google.com/test? Meanwhile, I don't want to impact what is already working, google.com this is easier if google.com and trial.google.com are actually separate sites on the IIS server... In that case, just make the test page your default for trial.google.com But, in this case, from dim memory, you'll need to enable host headers, and you'll still want to make the test page as your default page for trial.google.com See this article: http://technet.microsoft.com/en-us/library/cc753195%28v=ws.10%29.aspx Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: IIS W2KR2 Question
a) Copy that page to the directory that contains the site trial.google.com and then b) a no-wait redirect page, either as the default page for google.com or as google.com/test.[asp|htm|], that points to trial.google.com/test, depending on how folks reach google.com Something like this for html: meta http-equiv=refresh content=0;url=http://www.google.com/; / or something like this for asp: Response.AddHeader(REFRESH,10;URL=test.aspx); google for zero second redirect Kurt On Wed, May 8, 2013 at 4:46 PM, Daniele Bartoli danielebart...@gmail.com wrote: There is one site in IIS. So all google.com traffic goes to that one site (i.e. Default Web Site). Within that site there is a page (google.com/test) that they are trying to associate to the other domain name (trial.google.com) How do I do that? On Wed, May 8, 2013 at 4:19 PM, Kurt Buff kurt.b...@gmail.com wrote: Err, my reply should read: This is easier if google.com and trial.google.com are actually different sites on separate IP addresses on the IIS server... Kurt On Wed, May 8, 2013 at 4:17 PM, Kurt Buff kurt.b...@gmail.com wrote: On Wed, May 8, 2013 at 3:13 PM, Daniele danielebart...@gmail.com wrote: Got an IIS question that I am hoping someone can help with. I am using the google domain name fictiously to illustrate the example. So I have my web server, and it has a web page at google.com. I have an A record that points google.com to an IP. Then I have anoher web page on that same server that is at trial.google.com/test. I have an A record that points trial.google.com to the same IP as google.com. If I try to manually go to trial.google.com/test, all works just fine. My question is, how do I redirect traffic so that the trial.google.com automatically goes to trial.google.com/test? Meanwhile, I don't want to impact what is already working, google.com this is easier if google.com and trial.google.com are actually separate sites on the IIS server... In that case, just make the test page your default for trial.google.com But, in this case, from dim memory, you'll need to enable host headers, and you'll still want to make the test page as your default page for trial.google.com See this article: http://technet.microsoft.com/en-us/library/cc753195%28v=ws.10%29.aspx Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: End of month plan B for list shutdown.
On Mon, Apr 29, 2013 at 7:28 AM, Rod Trent rodtr...@myitforum.com wrote: Done. Link is here: http://myitforum.com/myitforumwp/services/email-lists/ Rod Trent Done. Thank you. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
On Sat, Apr 27, 2013 at 5:35 PM, Jonathan Link jonathan.l...@gmail.com wrote: Did you just top post? On Sat, Apr 27, 2013 at 7:56 PM, Kurt Buff kurt.b...@gmail.com wrote: To my mind, it's all the difference... Email comes to me. I see it all in my inbox, and can read and respond at leisure, and it all works as a normal email conversation. I have to go to web forums. Each one has a different interface and ways of working. Definitely prefer email. Kurt On Sat, Apr 27, 2013 at 4:25 PM, Ryan Finnesey r...@finnesey.com wrote: Google Plus is web based. I like good old email over web based. Sent from my iPad mini On Apr 25, 2013, at 7:19 PM, Michael B. Smith mich...@smithcons.com wrote: I will not use a google property for something that has a business purpose for me. I’m only one person, but I doubt I’m the only one that feels that way. From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Thursday, April 25, 2013 5:54 PM Any reason we shouldn't jump into the new world? Like https://plus.google.com/communities/105379670851238376600 Or build our own? On Thu, Apr 25, 2013 at 4:49 PM, Kurt Buff kurt.b...@gmail.com wrote: See response below... On Thu, Apr 25, 2013 at 1:38 PM, Rod Trent rodtr...@myitforum.com wrote: Every time I see your messages come through I almost delete it automatically, thinking someone accidentally hit Send too soon. Then, I realize your response is *under* the original text. Tricky. Is that a Gmail thing? -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, April 25, 2013 4:13 PM To: NT System Admin Issues Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION On Thu, Apr 25, 2013 at 11:44 AM, s...@knowbe4.com wrote: Hi All, You are invited to the new NTSYSADMIN list hosted by KnowBe4. This replaces the Lyris list hosted by Sunbelt Software / GFI, which will shut down at the end of this month. GFI will confirm this with a separate message. I will continue to moderate the NTSYSADMIN list from KnowBe4. Warm regards, Stu Continuity? That is, will the archives migrate too? You say invited does this mean I have to do a new signup? If so, where's the subscription info? Can you ban the indeed when used as a single word response? :) Will you finally migrate to mailman so that we can have a sane list handler? Kurt No, it's called bottom posting, and I do it by deleting the to empty lines that gmail starts with, then CTRL-END to the bottom of the message and delete the cruft that the list software appends to each message. It's (IMNSHO) the better way of pursuing a conversation, for two reasons: o- It maintains a natural flow of reading - read the post all the way through, then read the reply all the way through, instead of read the reply, then bounce down and read the original post o- If you're doing in-line replies, it's also more natural, as it's easier to maintain conversation flow while responding to individual thoughts in the original post(s). Kurt G. Waleed Kavalec Couldn't have been - I never would do that. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Bad symbolic link in registry
On Sun, Apr 28, 2013 at 11:19 AM, Joseph L. Casale jcas...@activenetwerx.com wrote: I have a symlink in the registry of a 08r2 server that I can not remove which is preventing the installation of an app. If i recreate the target I can access it, but still can not delete it. Anyone a tool to remove such a stubborn problem? Thanks! jlc Sounds like *something* is creating/holding it. Sounds like an excellent candidate for procmon.exe. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
To my mind, it's all the difference... Email comes to me. I see it all in my inbox, and can read and respond at leisure, and it all works as a normal email conversation. I have to go to web forums. Each one has a different interface and ways of working. Definitely prefer email. Kurt On Sat, Apr 27, 2013 at 4:25 PM, Ryan Finnesey r...@finnesey.com wrote: Google Plus is web based. I like good old email over web based. Sent from my iPad mini On Apr 25, 2013, at 7:19 PM, Michael B. Smith mich...@smithcons.com wrote: I will not use a google property for something that has a business purpose for me. I’m only one person, but I doubt I’m the only one that feels that way. From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Thursday, April 25, 2013 5:54 PM To: NT System Admin Issues Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION Any reason we shouldn't jump into the new world? Like https://plus.google.com/communities/105379670851238376600 Or build our own? On Thu, Apr 25, 2013 at 4:49 PM, Kurt Buff kurt.b...@gmail.com wrote: See response below... On Thu, Apr 25, 2013 at 1:38 PM, Rod Trent rodtr...@myitforum.com wrote: Every time I see your messages come through I almost delete it automatically, thinking someone accidentally hit Send too soon. Then, I realize your response is *under* the original text. Tricky. Is that a Gmail thing? -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, April 25, 2013 4:13 PM To: NT System Admin Issues Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION On Thu, Apr 25, 2013 at 11:44 AM, s...@knowbe4.com wrote: Hi All, You are invited to the new NTSYSADMIN list hosted by KnowBe4. This replaces the Lyris list hosted by Sunbelt Software / GFI, which will shut down at the end of this month. GFI will confirm this with a separate message. I will continue to moderate the NTSYSADMIN list from KnowBe4. Warm regards, Stu Continuity? That is, will the archives migrate too? You say invited does this mean I have to do a new signup? If so, where's the subscription info? Can you ban the indeed when used as a single word response? :) Will you finally migrate to mailman so that we can have a sane list handler? Kurt No, it's called bottom posting, and I do it by deleting the to empty lines that gmail starts with, then CTRL-END to the bottom of the message and delete the cruft that the list software appends to each message. It's (IMNSHO) the better way of pursuing a conversation, for two reasons: o- It maintains a natural flow of reading - read the post all the way through, then read the reply all the way through, instead of read the reply, then bounce down and read the original post o- If you're doing in-line replies, it's also more natural, as it's easier to maintain conversation flow while responding to individual thoughts in the original post(s). Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- G. Waleed Kavalec -- The tools of conquest do not necessarily come with bombs and explosions and fallout. There are weapons that are simply thoughts, attitudes, prejudices, to be found only in the minds of men. For the record, prejudices can kill and suspicion can destroy, and a thoughtless, frightened search for a scapegoat has a fallout all of its own - for the children, and the children yet unborn. And the pity of it is that these things cannot be confined to the Twilight Zone. - Rod Serling; Closing monologue from The Monsters are Due on Maple Street The Twilight Zone, Season 1, Episode 22 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
Re: ALERT : NTSYSADMIN LIST MIGRATION
On Fri, Apr 26, 2013 at 5:42 AM, Steven M. Caesare scaes...@caesare.com wrote: Can you ban the indeed when used as a single word response? :) Bad idea. -sc Indeed. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
On Fri, Apr 26, 2013 at 7:11 AM, Doug Hampshire dhampsh...@gmail.com wrote: Bottom posting: Something abandoned a long time ago by everyone except Kurt. It's annoying as heck on a PC and makes reading threads on a mobile device significantly more difficult. But then again it's a free country and if Kurt wants to continue to write a paper check, make the entry into the checkbook register, and update the running balance while five people stand behind him in line at the grocery store so be it. But I also have the right to glare at him and make snide comments about those fancy new debit cards all the cool kids are using these days. No checks for me. Cash only - can't forge a $20 bill in my name. Too risky. You might want to check with Ben before characterizing my posting habits as unique to me. Also, portable devices for email - don't like 'em. Too darn hard to work with and see the messages on. Get off my lawn. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
Apropos age on this thread http://www.chron.com/news/article/Conroe-company-still-using-computers-museums-want-4459714.php Kurt On Fri, Apr 26, 2013 at 10:47 AM, Free, Bob r...@pge.com wrote: deaned :-] -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Friday, April 26, 2013 9:05 AM To: NT System Admin Issues Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION All you top posters, see answer inline. On 26 Apr 2013 at 7:23, Kurt Buff wrote: On Fri, Apr 26, 2013 at 7:11 AM, Doug Hampshire dhampsh...@gmail.com wrote: Bottom posting: Something abandoned a long time ago by everyone except Kurt. It's annoying as heck on a PC and makes reading threads on a mobile device significantly more difficult. But then again it's a free country and if Kurt wants to continue to write a paper check, make the entry into the checkbook register, and update the running balance while five people stand behind him in line at the grocery store so be it. But I also have the right to glare at him and make snide comments about those fancy new debit cards all the cool kids are using these days. No checks for me. Cash only - can't forge a $20 bill in my name. Too risky. You might want to check with Ben before characterizing my posting habits as unique to me. Also, portable devices for email - don't like 'em. Too darn hard to work with and see the messages on. Get off my lawn. +1 -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin PGE is committed to protecting our customers' privacy. To learn more, please visit http://www.pge.com/about/company/privacy/customer/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Disk space management software
That puts me in mind of diruse.exe, which I still use, from the NT4 RK (and perhaps earlier - memory fades...) Kurt On Fri, Apr 26, 2013 at 1:44 PM, Free, Bob r...@pge.com wrote: Cheap, fast and oft overlooked is du - http://technet.microsoft.com/en-us/sysinternals/bb896651 From: Tammy George [mailto:tammy.geo...@acadiau.ca] Sent: Friday, April 26, 2013 7:05 AM To: NT System Admin Issues Subject: [dkim-failure] Disk space management software Looking for opinions on disk space management software. We’re getting low on space and would like to analyze our user data to find out what is using up the space. Thanks in advance! - Tammy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin PGE is committed to protecting our customers' privacy. To learn more, please visit http://www.pge.com/about/company/privacy/customer/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
On Thu, Apr 25, 2013 at 11:44 AM, s...@knowbe4.com wrote: Hi All, You are invited to the new NTSYSADMIN list hosted by KnowBe4. This replaces the Lyris list hosted by Sunbelt Software / GFI, which will shut down at the end of this month. GFI will confirm this with a separate message. I will continue to moderate the NTSYSADMIN list from KnowBe4. Warm regards, Stu Continuity? That is, will the archives migrate too? You say invited does this mean I have to do a new signup? If so, where's the subscription info? Can you ban the indeed when used as a single word response? :) Will you finally migrate to mailman so that we can have a sane list handler? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Over and Out
On Thu, Apr 25, 2013 at 12:38 PM, Clayton Doige clayton.do...@gmail.com wrote: Heya folks, some of you will recognise my name, probably most won’t. I’ve been on this list at one email address or another since 1998, and in those years I have learned so much from fellow IT Pro’s, many of you have made your way to my Facebook friends list! I recognize your name, but haven't seen you in a while. In my current Pre-Sales technical role over the last 3 years I have not really participated on the list as I felt that to be somewhat a conflict of interest, where I would inevitably be tempted to say “Oh I can help with that” – not fair really, and not in the spirit of what this list is all about. pish and tosh - technical disucssion is technical discussion, and vendor bias can be disclaimed and accepted or rejected by the conversants. Don't let that stop you. The community is valuable. With that in mind, and the changing of the hosting Stu has just announced, I have decided not to move over, so just wanted to say do reach out to me on Facebook/Linked In if you want (the name Clayton Doige is very easy to find on both lol). I don't do FB, but will have to look you up on LI. Thanks for you longer termers for helping me do my job better, and schooling me on so many things, and for providing good source of laughter at times as well. Thanks Stu for creating such a valuable source if information, support and encouragement. Good luck, whatever your decisions, and good to hear from you again. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
See response below... On Thu, Apr 25, 2013 at 1:38 PM, Rod Trent rodtr...@myitforum.com wrote: Every time I see your messages come through I almost delete it automatically, thinking someone accidentally hit Send too soon. Then, I realize your response is *under* the original text. Tricky. Is that a Gmail thing? -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, April 25, 2013 4:13 PM To: NT System Admin Issues Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION On Thu, Apr 25, 2013 at 11:44 AM, s...@knowbe4.com wrote: Hi All, You are invited to the new NTSYSADMIN list hosted by KnowBe4. This replaces the Lyris list hosted by Sunbelt Software / GFI, which will shut down at the end of this month. GFI will confirm this with a separate message. I will continue to moderate the NTSYSADMIN list from KnowBe4. Warm regards, Stu Continuity? That is, will the archives migrate too? You say invited does this mean I have to do a new signup? If so, where's the subscription info? Can you ban the indeed when used as a single word response? :) Will you finally migrate to mailman so that we can have a sane list handler? Kurt No, it's called bottom posting, and I do it by deleting the to empty lines that gmail starts with, then CTRL-END to the bottom of the message and delete the cruft that the list software appends to each message. It's (IMNSHO) the better way of pursuing a conversation, for two reasons: o- It maintains a natural flow of reading - read the post all the way through, then read the reply all the way through, instead of read the reply, then bounce down and read the original post o- If you're doing in-line replies, it's also more natural, as it's easier to maintain conversation flow while responding to individual thoughts in the original post(s). Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
On Thu, Apr 25, 2013 at 2:19 PM, Jonathan Link jonathan.l...@gmail.com wrote: No, it's a Ben9K thing. He doesn't believe in top posting. On Thu, Apr 25, 2013 at 4:38 PM, Rod Trent rodtr...@myitforum.com wrote: Every time I see your messages come through I almost delete it automatically, thinking someone accidentally hit Send too soon. Then, I realize your response is *under* the original text. Tricky. Is that a Gmail thing? -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, April 25, 2013 4:13 PM To: NT System Admin Issues Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION On Thu, Apr 25, 2013 at 11:44 AM, s...@knowbe4.com wrote: Hi All, You are invited to the new NTSYSADMIN list hosted by KnowBe4. This replaces the Lyris list hosted by Sunbelt Software / GFI, which will shut down at the end of this month. GFI will confirm this with a separate message. I will continue to moderate the NTSYSADMIN list from KnowBe4. Warm regards, Stu Continuity? That is, will the archives migrate too? You say invited does this mean I have to do a new signup? If so, where's the subscription info? Can you ban the indeed when used as a single word response? :) Will you finally migrate to mailman so that we can have a sane list handler? Kurt Oh no, my preference on this long predates the advent of our esteems colleague on this list... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
On Thu, Apr 25, 2013 at 2:53 PM, G.Waleed Kavalec kava...@gmail.com wrote: Any reason we shouldn't jump into the new world? Like https://plus.google.com/communities/105379670851238376600 Or build our own? Oh, please - not another damnable social media site... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: ALERT : NTSYSADMIN LIST MIGRATION
On Thu, Apr 25, 2013 at 2:54 PM, Rod Trent rodtr...@myitforum.com wrote: Oh my...that's a lot of work for both the recipient and the sender and definitely not the norm. I guess we're all just doing it wrong. :) I thought it was an email client issue, like you were using Lotus Notes or something. It used to be much easier and much more common, and most clients and listservs didn't make it hard to bottom post - gmail, and many others, now make you go through stupid gyrations to make email easy and more natural to read. But, once your fingers learn the rhythm, it's no big deal, and it's a lot easier for others to read and follow along. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Cluster Server Boot Config
I'd go with SD. VMware doesn't need swap for itself, so won't page to the SD - that means that pretty much the only time the SD get written is when you upgrade/patch VMware itself, so reliability isn't much of an issue. It'll make your hosts a bit cheaper, too, since there's no need for a RAID card, nor spinning, rust-covered glass - all of those also eat more electricity than the SD. Kurt On Wed, Apr 24, 2013 at 7:29 AM, Roger Wright rhw...@gmail.com wrote: We're looking at replacing our host machines for our VMware cluster. On our older boxes we've booted from the two RAID 1 drives and used the spare drive storage to hold ISO images for Server 2008 R2, etc. Now we're considering just booting from an internal SD card and eliminating the hard drives altogether. The ISOs would move to the SAN but only a single copy of each. And there'd be fewer spinning drives in the rack with the benefit of less noise and heat in the data center. Have SD cards proven to be any more/less reliable than spinning hard drives? Any performance concerns with VMware on either? Given a choice of SD only or a RAID 1 HD boot config, which would you select? TIA, Roger Wright ___ You can't believe most of the quotes you read on the internet. - Abraham Lincoln ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
Sorry for the delay - many balls in the air... On Thu, Apr 18, 2013 at 5:11 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Apr 18, 2013 at 12:53 AM, Kurt Buff kurt.b...@gmail.com wrote: Not that they're equivalent in power, but that each kind of account can do and has access is different and equally valuable. For the typical home user, which is what that comic is focused on[1], not so much. Root/Administrator is valuable because it can subvert the protections on, or directly access, the data that end-user accounts have, and end-user accounts because that's the actual money/IP resides. And for a home PC *THERE IS ONLY ONE USER*. [1] Note what's in the bubbles around the edges. Yes, I noted the bubbles. But a), even for home users, while there might be only one user, there should be *at least* n+1 users, where n is the number of individuals who actually use the machine, plus an administrator account ... You're still steadfastly refusing to go near the point. But, the multi-user at home question is a valid one, and involves a previously unstated assumption on both your part and mine. I've been assuming dedicated personal hardware, because I know Randall has no children, is unmarried, and referred to his laptop, which is a dedicated personal machine. So, my assumption is n=1. With that in mind: Your statement about how an admin account can access the data of other user accounts goes directly to the heart of the problem Munroe is describing: The only other user account is Randall's. The only data is the data in Randall's user account. This doesn't make the admin account worthless, because breaking into the admin account would enable breaking into Randall's user account. But it does mean breaking into the one is roughly equivalent to breaking into the other, in either direction. A lot of people/security design treats the admin account a uniquely high-value asset, even in this scenario, which is a fallacy. And this scenario may well be the most common scenario, although I lack the data to make that determination. No, I don't agree here. Breaking into one account is definitely not the rough equivalent of breaking into the other, or at least it shouldn't be. Each must be protected (in many, but not all of, the same ways), and each should be used only in ways that are germane to its function. The user account shouldn't be used for anything but user-type activities, not admin-type activities, and vice versa. ... given all of those bubbles, the end user is in a threat-rich environment, so must exercise the vigilance techniques I and others have described/prescribed, if they care about their data, privacy and finances. True but unremarkable. Specifically: Not anything have to do with the comic. You keep launching into this list of unrelated techniques like it has anything to do with the discussion. I could talk about DoD personnel security requirements, but it wouldn't be particularly pertinent. I think it has everything to do with the comic, or at least my understanding of the comic. What I'm reading from it is that he's using poor web browsing techniques, and not protecting his personal data via the mechanisms I've outlined, including different IDs and passwords (and even different browsers) for different web sites, etc. Perhaps you have a different understanding of the meaning of that comic - if so, please provide me with illumination. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 7:52 PM, Ken Schaefer k...@adopenstatic.com wrote: -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Subject: Re: On the subject of security... No running executables from untrusted sources, turn off scripting in my browsers, view all email as plain text, no remembering/caching of passwords in browsers, using a unique password per web site and per other accounts, regular clearing of cookies, no linking of accounts between web sites, running current AV, no browsing with elevated accounts, laptops have full disk encryption, etc., etc., etc. Without an evaluation of risks, this would be a complete waste of time for most people IMHO. Sure - if you don't browse the Internet, share USB sticks, etc., you probably don't need to do those things. But I do browse the internet, and I do share USB sticks. Yet I don't do most of what you list above. Everything is about /management/ of risk, not 99.99% avoidance of risk. You manage risk by taking countermeasures, I believe, not by ignoring them. To me, your approach sounds like ignoring, not managing. But, as you point out, it's a matter of what makes you comfortable. Just as people don’t live in impenetrable fortresses, and keep their money in Fort Knox, it's not actually necessary (or even desirable IMHO) to do some of things you do to have an acceptable level of risk. The marginal benefit from each additional step you are taking vs. the cost to usability and time taken isn't worth it (again, IMHO) Well, yes, of course. My firearms are in a safe, and so are my most valuable, irreplaceable papers - which are just about none. I run as an admin on my personal machine. I don't bother reading all mail in plain text, and I don’t full disk encrypt all my machines, and I don't clear my cookies. I've got better things to do with my time, and if I focus on protecting my identity and data instead, I'm probably just as likely as you to be safe. So, care to share how you protect your identity and data without any technologies or processes? Let's be clear - I'm not saying I have no technology, and my strategy is to rely on magic. I start by worrying about what my family needs/wants to be able to do, and then what apps and data we need to do it, and then work out what the threats/risks are. You can draw a parallel to business - info - technology architecture from TOGAF or similar framework if you want. Malware and hackers getting into my home network is probably about half-way down the list at the moment. Additionally, instead of inconveniencing end users with restrictions on either user experience, I want technology to work in the background to protect us (if possible). So, we use 802.1x for our wireless since we're all on an AD domain, and SOHO APs all support it now (there's a guest wireless network for visitors), and I use centralised malware scanning on the Exchange server. I'm researching some options for outsourcing the malware/junk scanning for incoming (it's a pity that Postini doesn't seem to be available anymore) But things I worry about more are hardware failure, lightning strikes (had two of those in two different homes), being burgled, having a fire or something else similar that destroys things. The information I worry about protecting isn't just what's electronic/digital, but also paper records, passports, birth certificates and so on. So, it's starting from a different starting point. It's not starting from you should encrypt your disk, delete your cookies, run as a non-admin. It's starting from what types of critical/important/throw-away data do I have in order to live/work/interact with friends, and then what are the risks to that data, and what can I do about it. And weigh all that against usability So, I'm not particularly worried about someone getting access to the password for the media centre PC's default user account. I'm more worried about that account somehow getting logged out, and whoever is using our media centre not being able to log back in again. I mitigate the risk of people knowing the password doing something bad by restricting what that account is allowed to do. Likewise I want to be able to share things with my family overseas, bank online and do various other things - at the same time without impacting my user experience significantly, so I take other measures to help reduce risk: I get notifications for purchases on my CCs over a certain amount. Most of my banks require (or at least offer) 2FA for authentication now. Etc. While I agree that the account(s) on your media server aren't a big deal, that's only to the extent that they don't have the same passwords as accounts on other machines, or have access to valuable data elsewhere. 2FA is good for your financial accounts, and also good backups and physical protection - all of which I strive for as well. I've had my
Re: Synchronize booksmarks?
I don't like anything that comes as an unwanted bundle with other software. And, Paul was right (and might still be, I'm not sure after the latest version) - if you accidentally install Chrome, because it came as an unwanted addon, and you then uninstalled it, it would bork users' ability to click on links Oulook, because its uninstall procedure was less than respectful in putting things back the way it found them. It would also make itself the default browser without prompting - that's basically evil, or stupid, or both. Kurt On Thu, Apr 18, 2013 at 7:06 AM, rodtr...@myitforum.com wrote: Not sure the last time you used it, but Chrome is an excellent browser, much better than the slow, bloated Firefox. Sent from Microsoft Surface Pro From: Maglinger, Paul Sent: Thursday, April 18, 2013 7:33 AM To: NT System Admin Issues Mongo says, “Chrome BAD!” If you have the misfortune to accidently install it, then uninstall it, it jacks up the ability for Outlook to open links in email. From: John Cook [mailto:john.c...@pfsf.org] Sent: Thursday, April 18, 2013 8:09 AM To: NT System Admin Issues Subject: RE: Synchronize booksmarks? Chrome ;-) John W. Cook Network Operations Manager Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Tom Miller [mailto:tominyorkt...@gmail.com] Sent: Thursday, April 18, 2013 9:09 AM To: NT System Admin Issues Subject: Synchronize booksmarks? Our users use Firefox and Internet Explorer. Are there any utilities that I could use so that the booksmarks between browsers are synchronized? Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Dual Wan Soho High Speed Router Suggestions
On Wed, Apr 17, 2013 at 5:43 AM, Beach Computers Web Hosting gro...@beachcomp.com wrote: G'monrin folks! I got a good one this morning. I recently upgraded my main provider to 75 MB but I was only getting 22 on my TZ190. After researching this, and banging my head against the wall for afew weeks, I have discovered this to be a common issue with these firewalls and it's clear that I need to switch. Needless to say Googling hasn’t turned up much for me so now I ask my fellow nerds for your input. Here's what I need: A router that can easily handle 75-100MB on 2 WAN interfaces. One that can do failover routing. It has access rules and good control over which device uses which provider. And of course, cheap. I am open to using a PC as a router if anyone has experience with those as well. Brand name has zero effect on my decision.. Looking forward to your ideas! Thank you pfsense might well be what you want - it'll boot off a CD or USB stick. It's based on FreeBSD, using (what else) pf for the firewall. http://doc.pfsense.org/index.php/Multi-WAN_2.0 Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 1:59 AM, James Rankin kz2...@googlemail.com wrote: ...today's XKCD sums it up nicely http://xkcd.com/1200/ So, yeah, that's true if you don't use full disk encryption, or a password on your computer/domain account and a locked screensaver with a reasonable timeout, and if you have your browser save your password for all of your web sites, or have them in a text file on your desktop, or similar ridiculous practices. Oh, yeah - you should also turn off your 1394 port in BIOS. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 11:36 AM, Ben Scott mailvor...@gmail.com wrote: On Wed, Apr 17, 2013 at 2:29 PM, Kurt Buff kurt.b...@gmail.com wrote: On Wed, Apr 17, 2013 at 1:59 AM, James Rankin kz2...@googlemail.com wrote: ...today's XKCD sums it up nicely http://xkcd.com/1200/ So, yeah, that's true if you don't use full disk encryption, or a password on your computer/domain account ... You're missing the point. A lot of devs and admins fall into the trap of protecting the system and forgetting that there's a reason why we have the system in the first place. I ultimately don't care about my root account. Protecting it is just a means to an end -- protecting my data, most of which lives in my user account. No, I'm not missing the point. Protecting the end-user account and its data is what those techniques are for - and they also need to be applied to the root/administrator account. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 12:06 PM, Ben Scott mailvor...@gmail.com wrote: On Wed, Apr 17, 2013 at 2:42 PM, Kurt Buff kurt.b...@gmail.com wrote: http://xkcd.com/1200/ So, yeah, that's true if you don't use full disk encryption, or a You're missing the point. No, I'm not missing the point. Well, then, you're apparently choosing not to discuss it, then. For an email conversation, they're equivalent. -- Ben As you wish, Buttercup. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 12:27 PM, Ben Scott mailvor...@gmail.com wrote: On Wed, Apr 17, 2013 at 2:43 PM, Michael B. Smith mich...@smithcons.com wrote: IOW: Security is for the MANAGEMENT of risk and MITIGATION of same. For real world systems, and usage of them, there is no such thing as perfect security. That's true, too, but the point Munroe is trying to make is that a lot of people lose track of the forest for the trees. They get so caught up in protecting the computer that they forget why they're protecting it. If that's the case, then he didn't make his point at all clear. On my home PC, most of the the software I use is free and unremarkable. I could rebuild the software configuration from scratch in a matter of hours. Why do I care about protecting *that*? I don't. I want to protect my photos, files, bank account, Facebook account, etc., etc. All of which are tied into my user account and who-knows-how-many third-party web sites. They don't much care about my admin account. True, and unremarkable. But a lot of computer security people focus on protecting the system privileged account. For example, I've gotten into strong arguments with *nix weenies about how protecting the root account is the most important thing on a system, and that's the fundamental flaw in Microsoft Windows, or some such thing. They don't get that the data in my user account is a lot more valuable than the software install. They don't get that a worm can propagate from my user account just as easily. And as I'm the only user of my home PC, I'm not even protecting other users from me. Yah, I protect the root account, but only as a means to helping protect the stuff I care about. True again - and again unremarkable. My point is that you have to use the same methods to protect unprivileged accounts as you do root/administrator. Not that they're equivalent in power, but that each kind of account can do and has access is different and equally valuable. Root/Administrator is valuable because it can subvert the protections on, or directly access, the data that end-user accounts have, and end-user accounts because that's the actual money/IP resides. That's the import of my remarks about screensavers, FDE, not caching passwords for web sites in browsers, etc. - it's all about protecting the data; that which resides on the machine, and that which resides on teh intarwebs. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 1:19 PM, Jonathan Link jonathan.l...@gmail.com wrote: On Wed, Apr 17, 2013 at 4:07 PM, Kurt Buff kurt.b...@gmail.com wrote: On Wed, Apr 17, 2013 at 12:27 PM, Ben Scott mailvor...@gmail.com wrote: On Wed, Apr 17, 2013 at 2:43 PM, Michael B. Smith mich...@smithcons.com wrote: IOW: Security is for the MANAGEMENT of risk and MITIGATION of same. For real world systems, and usage of them, there is no such thing as perfect security. That's true, too, but the point Munroe is trying to make is that a lot of people lose track of the forest for the trees. They get so caught up in protecting the computer that they forget why they're protecting it. If that's the case, then he didn't make his point at all clear. It was pretty clear to me, and coincidentally (or not!) his image looks like a tree. Nevermind the fact that most professionals are saying don't run as admin. OK, so they're not. Does that mean they are protected? Protected from what? Not getting a more pervasive infection, sure. But malware writers are dropping the .exe's in userland and doing stuff with the data they access. How do you protect that data, when the person who's been infected, is the person who needs access to the data? Thought it was pretty clear, to be honest. Apparently I'm dense, then. I protect all of my accounts, privileged or not, in the same ways, and have been doing so for so long that it's completely natural to me. It just feels unnatural not to do so. No running executables from untrusted sources, turn off scripting in my browsers, view all email as plain text, no remembering/caching of passwords in browsers, using a unique password per web site and per other accounts, regular clearing of cookies, no linking of accounts between web sites, running current AV, no browsing with elevated accounts, laptops have full disk encryption, etc., etc., etc. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
I would enforce most of it if policy allowed, but in the absence of any written policy (which is my current situation), I can't. Were it in my power to actually set policy, things would be much different. At the very least, I'd love to be able to implement the top 4 controls - patch the OS, patch the applications, remove administrator access from end users and only allow whitelisted applications (of which we do a good job on the first, a mediocre job on the second, and get a flat failure on the last two - I'm in the process of improving the second by getting Adobe and Java patching up to speed). If I could have just those, life would be 10 times easier than it is now. All I can do is educate, and since I'm mostly limited to that, the effort is basically futile, because using the Internet for most folks is like leaving a three year old within sight of an active quarry with no fences - they don't have the skills or judgement to play safely in the field next to it and not be attracted to (or to navigate) the cliffs, ponds and heavy machinery in the quarry, because they lack the experience and and training that most of us on this list have acquired. For instance, on trusted source - I've learned that downloading software from CNET or other repositories is a great way to get pwned, yet staff keep downloading and installing random software onto machines because, well, the gods only know why, really - nothing they've ever said to me makes any sense as a reason for installing the multitudinous crap I've seen. Ditto for user interaction with any number of other sources of data, whether nominally executable or not, web sites most especially included. So, basically, any source is untrusted until I've personally vetted it, and feel comfortable with it. Likewise on leaving scripting on by default in browsers. Most commercial web sites use third party resources to track and advertise and provide rich experience. None of that is trusted until I've personally experienced it and and played with it for a while. In most cases, if the site uses its own CDN, I'll whitelist that CDN for that web site. Other than that, not so much. The best I can do when someone has a pwned machine is say sucks to be you - if you paid attention when I was talking it wouldn't have happened, then wipe their machines and let them start over, after asking them a few questions to see if I can figure out how it happened and tell them not to do that anymore - which they promptly ignore. The battle is lost - or at least it is until management says we can try to win it. The most I can safely say is that my accounts, and the computers on which I'm the sole operator, are far less likely to be compromised than end-user accounts and computers. Frustrating, but true... Kurt On Wed, Apr 17, 2013 at 3:48 PM, Jonathan Link jonathan.l...@gmail.com wrote: You do that. Do you enforce that down to your users? All of that? What is an untrusted source? On Wed, Apr 17, 2013 at 4:42 PM, Kurt Buff kurt.b...@gmail.com wrote: On Wed, Apr 17, 2013 at 1:19 PM, Jonathan Link jonathan.l...@gmail.com wrote: On Wed, Apr 17, 2013 at 4:07 PM, Kurt Buff kurt.b...@gmail.com wrote: On Wed, Apr 17, 2013 at 12:27 PM, Ben Scott mailvor...@gmail.com wrote: On Wed, Apr 17, 2013 at 2:43 PM, Michael B. Smith mich...@smithcons.com wrote: IOW: Security is for the MANAGEMENT of risk and MITIGATION of same. For real world systems, and usage of them, there is no such thing as perfect security. That's true, too, but the point Munroe is trying to make is that a lot of people lose track of the forest for the trees. They get so caught up in protecting the computer that they forget why they're protecting it. If that's the case, then he didn't make his point at all clear. It was pretty clear to me, and coincidentally (or not!) his image looks like a tree. Nevermind the fact that most professionals are saying don't run as admin. OK, so they're not. Does that mean they are protected? Protected from what? Not getting a more pervasive infection, sure. But malware writers are dropping the .exe's in userland and doing stuff with the data they access. How do you protect that data, when the person who's been infected, is the person who needs access to the data? Thought it was pretty clear, to be honest. Apparently I'm dense, then. I protect all of my accounts, privileged or not, in the same ways, and have been doing so for so long that it's completely natural to me. It just feels unnatural not to do so. No running executables from untrusted sources, turn off scripting in my browsers, view all email as plain text, no remembering/caching of passwords in browsers, using a unique password per web site and per other accounts, regular clearing of cookies, no linking of accounts between web sites, running current AV, no browsing with elevated accounts, laptops have full disk encryption, etc., etc
Re: On the subject of security...
On Wed, Apr 17, 2013 at 4:29 PM, Ken Schaefer k...@adopenstatic.com wrote: -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, 18 April 2013 6:08 AM To: NT System Admin Issues Subject: Re: On the subject of security... If that's the case, then he didn't make his point at all clear. ... True again - and again unremarkable. My point is that you have to use the same methods to protect unprivileged accounts as you do root/administrator. ... That's the import of my remarks about screensavers, FDE, not caching passwords for web sites in browsers, etc. - it's all about protecting the data; that which resides on the machine, and that which resides on teh intarwebs. If anyone's being unclear here, I think it's you. My reading of your comments is that a lot of your suggestions are geared towards preventing access to the system. A lot - but not all of. All your suggestions about encrypting disks, having screen savers etc. are overkill if all my data is burnt to CDs. I'm better off investing in a safe to house them. If all of your data is burned to CD, you still have to stick that CD into your reader, and if your machine is compromised, it will still be read and exfiltrated. Additionally, if my only PC is the one sitting in my living room, then when someone has got access to that machine (by breaking into my house), then a lack of password protected screensaver, or the fact that the password to the machine is on the bottom of the keyboard, is probably the least of my problems. True. But they are pretty much required on a laptop that you actually take out of the house, not so? And, if you're going to practice that kind of security on your laptop, it's far easier to keep in the habit of doing it on all of your machines - and nearly mandatory if you have kids who have physical access, I might add Security is about managing risk: identify what the threats are, and the mitigate, transfer, accept etc. Security is not a checklist of technologies and processes. You manage your risks with those technologies and processes, though, don't you? I protect all of my accounts, privileged or not, in the same ways, and have been doing so for so long that it's completely natural to me. It just feels unnatural not to do so. No running executables from untrusted sources, turn off scripting in my browsers, view all email as plain text, no remembering/caching of passwords in browsers, using a unique password per web site and per other accounts, regular clearing of cookies, no linking of accounts between web sites, running current AV, no browsing with elevated accounts, laptops have full disk encryption, etc., etc., etc. Without an evaluation of risks, this would be a complete waste of time for most people IMHO. Sure - if you don't browse the Internet, share USB sticks, etc., you probably don't need to do those things. I run as an admin on my personal machine. I don't bother reading all mail in plain text, and I don’t full disk encrypt all my machines, and I don't clear my cookies. I've got better things to do with my time, and if I focus on protecting my identity and data instead, I'm probably just as likely as you to be safe. So, care to share how you protect your identity and data without any technologies or processes? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: On the subject of security...
On Wed, Apr 17, 2013 at 7:08 PM, Ben Scott mailvor...@gmail.com wrote: On Wed, Apr 17, 2013 at 4:07 PM, Kurt Buff kurt.b...@gmail.com wrote: My point is that you have to use the same methods to protect unprivileged accounts as you do root/administrator. True and unremarkable. There, I did it, too. See how that fails to contribute to the discussion? In this case, because it's untrue, because your point below is wrongheaded... Not that they're equivalent in power, but that each kind of account can do and has access is different and equally valuable. For the typical home user, which is what that comic is focused on[1], not so much. Root/Administrator is valuable because it can subvert the protections on, or directly access, the data that end-user accounts have, and end-user accounts because that's the actual money/IP resides. And for a home PC *THERE IS ONLY ONE USER*. -- Ben [1] Note what's in the bubbles around the edges. Yes, I noted the bubbles. But a), even for home users, while there might be only one user, there should be *at least* n+1 users, where n is the number of individuals who actually use the machine, plus an administrator account, and b) given all of those bubbles, the end user is in a threat-rich environment, so must exercise the vigilance techniques I and others have described/prescribed, if they care about their data, privacy and finances. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: VMware vCenter upgrade; problems with vCenter Database PreCheck
Thanks for a very useful writeup - I'm going to be going through a similar process in the near future. I just have to locate the Dell-ized version of 5.1, and get the time to do it. Kurt On Tue, Apr 16, 2013 at 5:58 AM, Michael Leone oozerd...@gmail.com wrote: So I never did get an answer on this, either from here, VMware Communities, or Tech Support. :-) But since the Host Agent Pre-Check passed, and the new vCenter 5.1 Pre-Install Check Script passed, I just went ahead and did it. So yesterday I upgraded my 5.0 to 5.1.0b. And it all Just Worked, surprisingly enough. :-) Every section said completed successfully. It does pay to do your homework - in my case, the SQL instance where I created my RSA Single Sign On database was on a separate server. Being a named instance (i.e., not default), the port number was 50977, not the standard 1433). I found that port by asking my head DBA. :-) I specified that when installing SSO, and it seemed to work. Also, when installing Syslog Collector and Dump Collector, I had to specify the username as user@domain, not the user that the configuration screen pre-filled in for me. (to be extra safe, I made a local hosts file on my vCenter, just incase there were problems with my DNS. There wasn't - all my hosts properly resolved forward and backward in DNS; I'm a bit of a stickler for that - but it doesn't hurt just to be safe. Remember to do a ipconfig /flushdns, to reload the hosts file) Other than that, I didn't have any problems. Took about 80 minutes (I went slowly, just in case). I also upgraded 2 vSphere clients on workstations (mine and my boss), and again that just worked, along with the Update Manager upgrade. So at this point, I just need to change my SQL Agent job that creates a nightly backup of my VirtualCenter DB to also make a backup of my RSA database. And then upgrade my hosts ... I will let it sit and percolate for another day, and start to upgrade the hosts to 5.1, by using the Update Manager. On Thu, Apr 11, 2013 at 10:23 AM, Michael Leone oozerd...@gmail.com wrote: I realize this is more than a bit OT for this list. But I'm still waiting to hear back from VMware Tech Support (they said they need to contact their engineers), and I've had no response from the VMware community yet. So I thought I would take a chance and ask here. I am about to upgrade from ESXi 5.0 U2 to 5.1. I am running the vCenter Server Database Pre-Upgrade Checker as a pre-step, and it is failing. Regardless of whether I run 32 or 64 bit checker, and regardless of whether I choose the ODBC or Credentials type of check.. vCenter OS=Win 2008 R2; DB = SQL 2008 R2 in a named instance, on a remote server. I am using ODBC as connection type, and am using the name I see in ODBC, and the correct SQL sa user and password. But it fails. Even if I use the Credentials option, it still fails. Both complain about failing to create a file. vCenter Server version = 5.0.0 Build 804277 The log shows: (snipped) - same error whether running an ODBC or Credentials check --- Signature file path: C:\Users\admin\Documents\64bit-check.xml-signature20130410141806.xml Message output file path: C:\Users\admin\Documents\64bit-check.xml-message20130410141806.txt Output archive file created. Error: no such file C:\Users\admin\Documents\64bit-check.xml-signature20130410141806.xml --- And the Debug log: C:\Users\admin\Documents\64bit-check.xml-signature20130410141806.xml (The system cannot find the file specified) The KB ( http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=displayKCexternalId=2004286 ) says that the checker compares a signature file of what I am running, against a standard signature file. From the looks of it, it's not creating my signature file, even tho the log says it did. Anybody ever run this? Does it even work? Looks to me like an error in the Java code that creates the signature, or the code that reads it back in, it's the only thing I can think of. Mind you, the 5.1 Host Agent Pre-Upgrade check runs flawlessly. But I am presuming that the Database PreCheck does a more comprehensive check (else why does it exist?). ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Some interesting thoughts about network security
On Mon, Apr 15, 2013 at 5:23 AM, James Rankin kz2...@googlemail.com wrote: http://www.brianmadden.com/blogs/brianmadden/archive/2013/04/15/rethinking-network-security-all-your-on-premises-wifi-users-are-actually-quot-remote-quot-users.aspx -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk Yeah - he's wrong. --Begin Quote-- I can never allow non-trusted devices on the corporate network You need to redefine your definition of corporate network. Your corporate network is the tight boundary that's around your servers or whatever else you're actually trying to protect. There's no point to protecting your entire user-land network. Just make it the internet and move on. --End Quote-- When I can keep all of the IP and other confidential data to the company off of end user devices (and by this I mean not stored to local non-volatile storage, encrypted or not), I can consider that. In the meantime, the boundary extends well beyond my servers. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Some interesting thoughts about network security
This might explain his thinking on this particular subject - as a VDI/RDS/Citrix kinda guy, he lives in a space where data doesn't leave the servers, mostly. Kurt On Mon, Apr 15, 2013 at 12:28 PM, Michael B. Smith mich...@smithcons.com wrote: I've had several issues with his thinking in the last couple of years. Don't get me wrong - in his subject area (which I typically think of as VDI/RDS/Citrix) he's a really smart cookie. But he's been veering into the wild blue yonder on other things... -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, April 15, 2013 3:19 PM To: NT System Admin Issues Subject: Re: Some interesting thoughts about network security On Mon, Apr 15, 2013 at 5:23 AM, James Rankin kz2...@googlemail.com wrote: http://www.brianmadden.com/blogs/brianmadden/archive/2013/04/15/rethin king-network-security-all-your-on-premises-wifi-users-are-actually-quo t-remote-quot-users.aspx -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk Yeah - he's wrong. --Begin Quote-- I can never allow non-trusted devices on the corporate network You need to redefine your definition of corporate network. Your corporate network is the tight boundary that's around your servers or whatever else you're actually trying to protect. There's no point to protecting your entire user-land network. Just make it the internet and move on. --End Quote-- When I can keep all of the IP and other confidential data to the company off of end user devices (and by this I mean not stored to local non-volatile storage, encrypted or not), I can consider that. In the meantime, the boundary extends well beyond my servers. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Some interesting thoughts about network security
Agreed. On Mon, Apr 15, 2013 at 2:44 PM, Andrew S. Baker asbz...@gmail.com wrote: The biggest problem I see with the new perimeter discussions is that people keep advocating leaving the old perimeter. That's the part that always gets me. Acknowledging that data protection is best done near the data container is fine. Abandoning all other posts, some of which contain other assets that need to be protected is not wise. ASB http://XeeMe.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market… On Mon, Apr 15, 2013 at 3:28 PM, Michael B. Smith mich...@smithcons.com wrote: I've had several issues with his thinking in the last couple of years. Don't get me wrong - in his subject area (which I typically think of as VDI/RDS/Citrix) he's a really smart cookie. But he's been veering into the wild blue yonder on other things... -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, April 15, 2013 3:19 PM To: NT System Admin Issues Subject: Re: Some interesting thoughts about network security On Mon, Apr 15, 2013 at 5:23 AM, James Rankin kz2...@googlemail.com wrote: http://www.brianmadden.com/blogs/brianmadden/archive/2013/04/15/rethin king-network-security-all-your-on-premises-wifi-users-are-actually-quo t-remote-quot-users.aspx -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk Yeah - he's wrong. --Begin Quote-- I can never allow non-trusted devices on the corporate network You need to redefine your definition of corporate network. Your corporate network is the tight boundary that's around your servers or whatever else you're actually trying to protect. There's no point to protecting your entire user-land network. Just make it the internet and move on. --End Quote-- When I can keep all of the IP and other confidential data to the company off of end user devices (and by this I mean not stored to local non-volatile storage, encrypted or not), I can consider that. In the meantime, the boundary extends well beyond my servers. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: POSH PtH - this is...
Must be good. MSFT has acquired them. Kurt On Tue, Apr 9, 2013 at 6:09 AM, Andrew S. Baker asbz...@gmail.com wrote: Check out PhoneFactor... *ASB **http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker* **Providing Virtual CIO Services (IT Operations Information Security) for the SMB market…*** On Tue, Apr 9, 2013 at 12:20 AM, Kurt Buff kurt.b...@gmail.com wrote: If I had one, I would. We're a small org, and a smartcard setup isn't gonna fly. Kurt On Mon, Apr 8, 2013 at 8:34 PM, Ken Schaefer k...@adopenstatic.com wrote: Why don't you use smart card login instead? Security is about managing risk, and not about avoiding every possible risk. Work in a big enough org, and the risks are so numerous there's simply no way to avoid them all - some of them just have to be accepted as is. Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, 9 April 2013 1:29 PM To: NT System Admin Issues Subject: Re: POSH PtH - this is... On Mon, Apr 8, 2013 at 8:04 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff kurt.b...@gmail.com wrote: Agree with MBS that other tools could stand in for PowerShell, but WCE was actually new to me. Well, then, you didn't say that, you seemed focused on PoSh. WCE in particular is new to me, too, but I've certainly read of attacks on the running system to recover credentials before. That's why trusting the computer you're logging into is really important. :) It's good to know there's an easy-to-use tool available, though. :) Didn't make it clear, true - wrong subject line, I suppose. Trusting computers is not something that comes easily to me, any more, unless I'm the only one who has touched it. Too many folks don't understand the implications of their actions. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: .ZIP file e-mail attachments
On Tue, Apr 9, 2013 at 7:51 AM, David Lum david@nwea.org wrote: Do any of you guys still allow this? I ask because at %formerjob% they were blocked, but %dayjob% allows them, and last week and today we’ve received infected .ZIP files. Last week was another autorun outbreak, today we caught it before anyone actually ran it. We keep getting latest and greatest variants “First seen by VirusTotal 2013-04-09 09:51:15 UTC (4 hours, 58 minutes ago)”. Grr… David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 Over my strenuous protests, yes. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Excel 2010 problem - can't quite figure it out
Did VBE thing. Nice - I like that, have never played with it. c:\users\%username%\AppData\Roaming\Microsoft\Excel\XLSTART It's empty, and I can't find a book.xltx on the system. Kurt On Sat, Apr 6, 2013 at 1:56 PM, Orland, Kathleen korl...@rogers.com wrote: Book.xltx is the name of the template. The location should be in the XLSTART folder in Office. If not, then try this in VBE : Press [Alt]+[F11] to launch the VBE. If the Immediate window isn’t visible, press [Ctrl]+g. In the Immediate window, type ? application.StartupPath and press Enter. VBA will display the path to XLStart. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Saturday, April 06, 2013 2:07 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I forget what it is called in 2010 but if you delete the default Excel Template and let Excel create a new one next time the user opens it. We have not had this problem since 2007 but in 2003 it was common. We would just delete the default and it would create a new one and the problem went away. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3272 / Virus Database: 3162/6228 - Release Date: 04/06/13 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Excel 2010 problem - can't quite figure it out
Tried that today. Not successful - I've looked at the addins, too, and all that are there are from MSFT - nothing strange or out of the ordinary. Kurt On Mon, Apr 8, 2013 at 6:14 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: Have you tried starting Excel with no add-ins as well (safemode)? Should be a /s on the command line. http://office.microsoft.com/en-us/excel-help/command-line-switches-for-excel-HA010158030.aspx -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Saturday, April 06, 2013 4:28 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I will try that, and let you know on Monday. Kurt On Sat, Apr 6, 2013 at 1:56 PM, Orland, Kathleen korl...@rogers.com wrote: Book.xltx is the name of the template. The location should be in the XLSTART folder in Office. If not, then try this in VBE : Press [Alt]+[F11] to launch the VBE. If the Immediate window isn’t visible, press [Ctrl]+g. In the Immediate window, type ? application.StartupPath and press Enter. VBA will display the path to XLStart. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Saturday, April 06, 2013 2:07 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I forget what it is called in 2010 but if you delete the default Excel Template and let Excel create a new one next time the user opens it. We have not had this problem since 2007 but in 2003 it was common. We would just delete the default and it would create a new one and the problem went away. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3272 / Virus Database: 3162/6228 - Release Date: 04/06/13 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: POSH PtH - this is...
On Mon, Apr 8, 2013 at 4:17 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, Apr 8, 2013 at 7:06 PM, Kurt Buff kurt.b...@gmail.com wrote: Amusing? Alarming? Both? http://labofapenetrationtester.blogspot.in/2013/04/poshing-the-hashes.html Neither? It seem to boil down to, if you steal credentials, you gain access to what those credentials protect. This should not be a surprise. :-) Not exactly neither - the use of WCE is the key, methinks. WCE allows theft of credentials from others accounts that are stored in RAM, with the possible upgrade of credentials that this would imply, if higher-security accounts such as DAs Agree with MBS that other tools could stand in for PowerShell, but WCE was actually new to me. Granted, you must be local admin to use WCE, but if you're local admin on a server or workstation, and a DA account logs in and leaves credentials in memory, well, your task is accomplished. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RESOLVED: Excel 2010 problem - can't quite figure it out
The young pup whose first day was today opened it in compatibility mode, did a Save As and it worked, then closed Excel and tried it in native mode, and it worked again. Gotta love having a new set of eyes on a problem. Don't know what root cause was, but it's a win, and I'll take it. Kurt On Mon, Apr 8, 2013 at 6:14 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: Have you tried starting Excel with no add-ins as well (safemode)? Should be a /s on the command line. http://office.microsoft.com/en-us/excel-help/command-line-switches-for-excel-HA010158030.aspx -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Saturday, April 06, 2013 4:28 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I will try that, and let you know on Monday. Kurt On Sat, Apr 6, 2013 at 1:56 PM, Orland, Kathleen korl...@rogers.com wrote: Book.xltx is the name of the template. The location should be in the XLSTART folder in Office. If not, then try this in VBE : Press [Alt]+[F11] to launch the VBE. If the Immediate window isn’t visible, press [Ctrl]+g. In the Immediate window, type ? application.StartupPath and press Enter. VBA will display the path to XLStart. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Saturday, April 06, 2013 2:07 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I forget what it is called in 2010 but if you delete the default Excel Template and let Excel create a new one next time the user opens it. We have not had this problem since 2007 but in 2003 it was common. We would just delete the default and it would create a new one and the problem went away. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3272 / Virus Database: 3162/6228 - Release Date: 04/06/13 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: POSH PtH - this is...
On Mon, Apr 8, 2013 at 5:01 PM, Kurt Buff kurt.b...@gmail.com wrote: On Mon, Apr 8, 2013 at 4:17 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, Apr 8, 2013 at 7:06 PM, Kurt Buff kurt.b...@gmail.com wrote: Amusing? Alarming? Both? http://labofapenetrationtester.blogspot.in/2013/04/poshing-the-hashes.html Neither? It seem to boil down to, if you steal credentials, you gain access to what those credentials protect. This should not be a surprise. :-) Not exactly neither - the use of WCE is the key, methinks. WCE allows theft of credentials from others accounts that are stored in RAM, with the possible upgrade of credentials that this would imply, if higher-security accounts such as DAs Agree with MBS that other tools could stand in for PowerShell, but WCE was actually new to me. Granted, you must be local admin to use WCE, but if you're local admin on a server or workstation, and a DA account logs in and leaves credentials in memory, well, your task is accomplished. Kurt That should read , if higher-security accounts such as DAs log in where they shouldn't. Don't know how that disappeared... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: RESOLVED: Excel 2010 problem - can't quite figure it out
Absolutely - but I had to very unseriously threaten to kick his butt for showing me up in front of customers. :-o Kurt On Mon, Apr 8, 2013 at 6:32 PM, Robert Cato cato.rob...@gmail.com wrote: That was a good hire and a big win for him on the first day. On Mon, Apr 8, 2013 at 8:06 PM, Kurt Buff kurt.b...@gmail.com wrote: The young pup whose first day was today opened it in compatibility mode, did a Save As and it worked, then closed Excel and tried it in native mode, and it worked again. Gotta love having a new set of eyes on a problem. Don't know what root cause was, but it's a win, and I'll take it. Kurt On Mon, Apr 8, 2013 at 6:14 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: Have you tried starting Excel with no add-ins as well (safemode)? Should be a /s on the command line. http://office.microsoft.com/en-us/excel-help/command-line-switches-for-excel-HA010158030.aspx -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Saturday, April 06, 2013 4:28 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I will try that, and let you know on Monday. Kurt On Sat, Apr 6, 2013 at 1:56 PM, Orland, Kathleen korl...@rogers.com wrote: Book.xltx is the name of the template. The location should be in the XLSTART folder in Office. If not, then try this in VBE : Press [Alt]+[F11] to launch the VBE. If the Immediate window isn’t visible, press [Ctrl]+g. In the Immediate window, type ? application.StartupPath and press Enter. VBA will display the path to XLStart. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Saturday, April 06, 2013 2:07 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I forget what it is called in 2010 but if you delete the default Excel Template and let Excel create a new one next time the user opens it. We have not had this problem since 2007 but in 2003 it was common. We would just delete the default and it would create a new one and the problem went away. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3272 / Virus Database: 3162/6228 - Release Date: 04/06/13 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: POSH PtH - this is...
Yes, and even if not a local admin you can run a physical keylogger on a workstation and try to entice someone with more privileges than your account has to log in an capture their credentials. That's not exactly the point of my post. The point is, as pointed out in another part of the thread, the article a new (to me, at least) vector for getting credentials - WCE - in a much different way than a whole other set of well-known tools for getting credentials. It another good example to bolster the case for mandating that people who do privileged tasks do so with appropriate accounts, care and attitude. For instance, at my place of work the supposedly security-aware IT manager has no problem logging into workstations and servers with his DA account. This, in spite of the fact that I have several times explained to him why I have 4 different accounts for my tasks, each with different levels of access. (personal, workstation admin, server admin and DA - I haven't yet set up an Exchange admin account, but will when we migrate to Exchange 2010.) I forwarded the article to him in hopes of awakening him a bit to the threat. Above and beyond all of that - if it hasn't been done already, I would bet that it won't be long before someone weaponizes WCE... Kurt On Mon, Apr 8, 2013 at 6:46 PM, Ken Schaefer k...@adopenstatic.com wrote: If you're admin on the machine, can't you just run a keylogger? Then you've got the DA's credentials in the clear (assuming they use a password) Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, 9 April 2013 10:01 AM To: NT System Admin Issues Subject: Re: POSH PtH - this is... On Mon, Apr 8, 2013 at 4:17 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, Apr 8, 2013 at 7:06 PM, Kurt Buff kurt.b...@gmail.com wrote: Amusing? Alarming? Both? http://labofapenetrationtester.blogspot.in/2013/04/poshing-the-hashes.html Neither? It seem to boil down to, if you steal credentials, you gain access to what those credentials protect. This should not be a surprise. :-) Not exactly neither - the use of WCE is the key, methinks. WCE allows theft of credentials from others accounts that are stored in RAM, with the possible upgrade of credentials that this would imply, if higher-security accounts such as DAs Agree with MBS that other tools could stand in for PowerShell, but WCE was actually new to me. Granted, you must be local admin to use WCE, but if you're local admin on a server or workstation, and a DA account logs in and leaves credentials in memory, well, your task is accomplished. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: RESOLVED: Excel 2010 problem - can't quite figure it out
I was told to interview him only for cultural/team fit, in a separate and shorter interview, and I had to push to get that. Manager wanted to be the one who interviewed for technical ability - all alone. New guy interviewed very well, and I liked him a lot. Just one more reason why I'm not happy with my manager, and will be leaving as soon as I find the right job... Kurt On Mon, Apr 8, 2013 at 7:17 PM, Jon Harris jk.har...@live.com wrote: If you had anything to do with the hiring of the young pup then take partial credit for being smart enough to know talent when you see it. If not then watch your back he may be really good. Jon Date: Mon, 8 Apr 2013 18:57:39 -0700 Subject: Re: RESOLVED: Excel 2010 problem - can't quite figure it out From: kurt.b...@gmail.com To: ntsysadmin@lyris.sunbelt-software.com Absolutely - but I had to very unseriously threaten to kick his butt for showing me up in front of customers. :-o Kurt On Mon, Apr 8, 2013 at 6:32 PM, Robert Cato cato.rob...@gmail.com wrote: That was a good hire and a big win for him on the first day. On Mon, Apr 8, 2013 at 8:06 PM, Kurt Buff kurt.b...@gmail.com wrote: The young pup whose first day was today opened it in compatibility mode, did a Save As and it worked, then closed Excel and tried it in native mode, and it worked again. Gotta love having a new set of eyes on a problem. Don't know what root cause was, but it's a win, and I'll take it. Kurt On Mon, Apr 8, 2013 at 6:14 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: Have you tried starting Excel with no add-ins as well (safemode)? Should be a /s on the command line. http://office.microsoft.com/en-us/excel-help/command-line-switches-for-excel-HA010158030.aspx -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Saturday, April 06, 2013 4:28 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I will try that, and let you know on Monday. Kurt On Sat, Apr 6, 2013 at 1:56 PM, Orland, Kathleen korl...@rogers.com wrote: Book.xltx is the name of the template. The location should be in the XLSTART folder in Office. If not, then try this in VBE : Press [Alt]+[F11] to launch the VBE. If the Immediate window isn’t visible, press [Ctrl]+g. In the Immediate window, type ? application.StartupPath and press Enter. VBA will display the path to XLStart. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Saturday, April 06, 2013 2:07 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I forget what it is called in 2010 but if you delete the default Excel Template and let Excel create a new one next time the user opens it. We have not had this problem since 2007 but in 2003 it was common. We would just delete the default and it would create a new one and the problem went away. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3272 / Virus Database: 3162/6228 - Release Date: 04/06/13 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog
Re: RESOLVED: Excel 2010 problem - can't quite figure it out
It would not surprise me if it were true. I'm studying for the CISSP exam. I figure that will give me a better chance of finding a job - one that pays well, anyway. Kurt On Mon, Apr 8, 2013 at 7:40 PM, Jon Harris jk.har...@live.com wrote: It was on LinkedIn Today not something that Andrew post. Jon From: jk.har...@live.com To: ntsysadmin@lyris.sunbelt-software.com Subject: RE: RESOLVED: Excel 2010 problem - can't quite figure it out Date: Mon, 8 Apr 2013 22:38:56 -0400 Your manager maybe aware of your intention thus restricting your input into hiring or he/she may just have an ego that is too large to fit in a multistory warehouse. Either way good luck getting out. A recent article I saw (I think it was Andrew that posted it) on LinkedIn seems to indicate the job market may not be expanding much and may be getting tighter again despite what the numbers the government is spouting. Jon Date: Mon, 8 Apr 2013 19:30:54 -0700 Subject: Re: RESOLVED: Excel 2010 problem - can't quite figure it out From: kurt.b...@gmail.com To: ntsysadmin@lyris.sunbelt-software.com I was told to interview him only for cultural/team fit, in a separate and shorter interview, and I had to push to get that. Manager wanted to be the one who interviewed for technical ability - all alone. New guy interviewed very well, and I liked him a lot. Just one more reason why I'm not happy with my manager, and will be leaving as soon as I find the right job... Kurt On Mon, Apr 8, 2013 at 7:17 PM, Jon Harris jk.har...@live.com wrote: If you had anything to do with the hiring of the young pup then take partial credit for being smart enough to know talent when you see it. If not then watch your back he may be really good. Jon Date: Mon, 8 Apr 2013 18:57:39 -0700 Subject: Re: RESOLVED: Excel 2010 problem - can't quite figure it out From: kurt.b...@gmail.com To: ntsysadmin@lyris.sunbelt-software.com Absolutely - but I had to very unseriously threaten to kick his butt for showing me up in front of customers. :-o Kurt On Mon, Apr 8, 2013 at 6:32 PM, Robert Cato cato.rob...@gmail.com wrote: That was a good hire and a big win for him on the first day. On Mon, Apr 8, 2013 at 8:06 PM, Kurt Buff kurt.b...@gmail.com wrote: The young pup whose first day was today opened it in compatibility mode, did a Save As and it worked, then closed Excel and tried it in native mode, and it worked again. Gotta love having a new set of eyes on a problem. Don't know what root cause was, but it's a win, and I'll take it. Kurt On Mon, Apr 8, 2013 at 6:14 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: Have you tried starting Excel with no add-ins as well (safemode)? Should be a /s on the command line. http://office.microsoft.com/en-us/excel-help/command-line-switches-for-excel-HA010158030.aspx -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Saturday, April 06, 2013 4:28 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I will try that, and let you know on Monday. Kurt On Sat, Apr 6, 2013 at 1:56 PM, Orland, Kathleen korl...@rogers.com wrote: Book.xltx is the name of the template. The location should be in the XLSTART folder in Office. If not, then try this in VBE : Press [Alt]+[F11] to launch the VBE. If the Immediate window isn’t visible, press [Ctrl]+g. In the Immediate window, type ? application.StartupPath and press Enter. VBA will display the path to XLStart. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Saturday, April 06, 2013 2:07 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I forget what it is called in 2010 but if you delete the default Excel Template and let Excel create a new one next time the user opens it. We have not had this problem since 2007 but in 2003 it was common. We would just delete the default and it would create a new one and the problem went away. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3272 / Virus Database: 3162/6228 - Release Date: 04/06/13 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage
Re: POSH PtH - this is...
On Mon, Apr 8, 2013 at 8:04 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff kurt.b...@gmail.com wrote: Agree with MBS that other tools could stand in for PowerShell, but WCE was actually new to me. Well, then, you didn't say that, you seemed focused on PoSh. WCE in particular is new to me, too, but I've certainly read of attacks on the running system to recover credentials before. That's why trusting the computer you're logging into is really important. :) It's good to know there's an easy-to-use tool available, though. :) Didn't make it clear, true - wrong subject line, I suppose. Trusting computers is not something that comes easily to me, any more, unless I'm the only one who has touched it. Too many folks don't understand the implications of their actions. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: POSH PtH - this is...
If I had one, I would. We're a small org, and a smartcard setup isn't gonna fly. Kurt On Mon, Apr 8, 2013 at 8:34 PM, Ken Schaefer k...@adopenstatic.com wrote: Why don't you use smart card login instead? Security is about managing risk, and not about avoiding every possible risk. Work in a big enough org, and the risks are so numerous there's simply no way to avoid them all - some of them just have to be accepted as is. Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, 9 April 2013 1:29 PM To: NT System Admin Issues Subject: Re: POSH PtH - this is... On Mon, Apr 8, 2013 at 8:04 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, Apr 8, 2013 at 8:01 PM, Kurt Buff kurt.b...@gmail.com wrote: Agree with MBS that other tools could stand in for PowerShell, but WCE was actually new to me. Well, then, you didn't say that, you seemed focused on PoSh. WCE in particular is new to me, too, but I've certainly read of attacks on the running system to recover credentials before. That's why trusting the computer you're logging into is really important. :) It's good to know there's an easy-to-use tool available, though. :) Didn't make it clear, true - wrong subject line, I suppose. Trusting computers is not something that comes easily to me, any more, unless I'm the only one who has touched it. Too many folks don't understand the implications of their actions. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Excel 2010 problem - can't quite figure it out
Prefer not to do that - would like to find root cause. But, it's likely to come to that. On Thu, Apr 4, 2013 at 7:18 PM, Daniel Rodriguez drod...@gmail.com wrote: okay. you said that when a user login you can't do the save right? but if another user login they can do the save. I see you have a corrupt profile. delete the profile and have the user log back in. Daniel Rodriguez On Apr 4, 2013 8:59 PM, Kurt Buff kurt.b...@gmail.com wrote: Gentles, I'm pretty sure I've narrowed this down, but can't quite find the remedy... Excel 2010 only - not the rest of the suite. Win7 Enterprise. User can open and manipulate spreadsheets, save them, whatever. User can create a blank new Excel document on the desktop, and use that with no problems. However, the user cannot open Excel with a blank document, enter data/formulas/whatever, and then either do a save or a save as. No dialog box pops up - just Nothing. The only way to get out of the spreadsheet is to close the fresh document and no save changes. Annoying, but not critical, of course. It's limited to the profile on this machine - I can log in as another user and have no problems with it. I've uninstalled and reinstalled Office, with a reboot in between, and let the machine patch itself from WSUS - same behavior before and after patching. I've deleted all of the temp files I can find, and the files/directories under her AppData Office and Excel directories, to no avail. So, I'm thinking it's something in the registry, but I can't sniff it out. Google was being obstinate today, too. Anyone run into this scenario? Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Excel 2010 problem - can't quite figure it out
I looked at all of the settings, and went through that article, and an updated one for 2007/2010. No luck... The default open/save location is blank. I think I'll try setting it to My Documents and a couple of other places to see if it makes a difference. Kurt On Fri, Apr 5, 2013 at 5:09 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: Most office apps need to put a temp file in the location where the file is saved/opened--I can't tell from your description if these are the same locations. If not, do you know where that is, and is there any issue with temp files being blocked or storage limits in that spot? You might also try resetting the default templates, in case something is wrong there: http://office.microsoft.com/en-us/excel-help/reset-workbook-and-worksheet-settings-HP005202207.aspx -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, April 04, 2013 5:59 PM To: NT System Admin Issues Subject: Excel 2010 problem - can't quite figure it out Gentles, I'm pretty sure I've narrowed this down, but can't quite find the remedy... Excel 2010 only - not the rest of the suite. Win7 Enterprise. User can open and manipulate spreadsheets, save them, whatever. User can create a blank new Excel document on the desktop, and use that with no problems. However, the user cannot open Excel with a blank document, enter data/formulas/whatever, and then either do a save or a save as. No dialog box pops up - just Nothing. The only way to get out of the spreadsheet is to close the fresh document and no save changes. Annoying, but not critical, of course. It's limited to the profile on this machine - I can log in as another user and have no problems with it. I've uninstalled and reinstalled Office, with a reboot in between, and let the machine patch itself from WSUS - same behavior before and after patching. I've deleted all of the temp files I can find, and the files/directories under her AppData Office and Excel directories, to no avail. So, I'm thinking it's something in the registry, but I can't sniff it out. Google was being obstinate today, too. Anyone run into this scenario? Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Excel 2010 problem - can't quite figure it out
I will try that, and let you know on Monday. Kurt On Sat, Apr 6, 2013 at 1:56 PM, Orland, Kathleen korl...@rogers.com wrote: Book.xltx is the name of the template. The location should be in the XLSTART folder in Office. If not, then try this in VBE : Press [Alt]+[F11] to launch the VBE. If the Immediate window isn’t visible, press [Ctrl]+g. In the Immediate window, type ? application.StartupPath and press Enter. VBA will display the path to XLStart. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Saturday, April 06, 2013 2:07 PM To: NT System Admin Issues Subject: Re: Excel 2010 problem - can't quite figure it out I forget what it is called in 2010 but if you delete the default Excel Template and let Excel create a new one next time the user opens it. We have not had this problem since 2007 but in 2003 it was common. We would just delete the default and it would create a new one and the problem went away. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - No virus found in this message. Checked by AVG - www.avg.com Version: 2013.0.3272 / Virus Database: 3162/6228 - Release Date: 04/06/13 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: Just A Bunch of Noise, or The Beginning of The End?
On Fri, Apr 5, 2013 at 8:18 AM, Roger Wright rhw...@gmail.com wrote: http://usmarketbuzz.com/msft-microsoft-corporation-nasdaqmsft-will-grow-obsolete-by-2017-gartner-3206# Roger Wright That's one of the funniest things I've heard in a long time. I think it was published 4 days late, though. OTOH, if the article is serious, then consider that Gartner is about the least reliable predictor of anything I've seen or heard. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Excel 2010 problem - can't quite figure it out
Gentles, I'm pretty sure I've narrowed this down, but can't quite find the remedy... Excel 2010 only - not the rest of the suite. Win7 Enterprise. User can open and manipulate spreadsheets, save them, whatever. User can create a blank new Excel document on the desktop, and use that with no problems. However, the user cannot open Excel with a blank document, enter data/formulas/whatever, and then either do a save or a save as. No dialog box pops up - just Nothing. The only way to get out of the spreadsheet is to close the fresh document and no save changes. Annoying, but not critical, of course. It's limited to the profile on this machine - I can log in as another user and have no problems with it. I've uninstalled and reinstalled Office, with a reboot in between, and let the machine patch itself from WSUS - same behavior before and after patching. I've deleted all of the temp files I can find, and the files/directories under her AppData Office and Excel directories, to no avail. So, I'm thinking it's something in the registry, but I can't sniff it out. Google was being obstinate today, too. Anyone run into this scenario? Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Friday semiOT: funny to me anyway
Yep - been a long time since the Pentium came out - 1995-03-22 On Sun, Mar 24, 2013 at 1:38 PM, Richard Stovall rich...@gmail.com wrote: Wow. On Mar 23, 2013 1:07 AM, Kurt Buff kurt.b...@gmail.com wrote: This day, 1995, Intel dropped the big one... https://www.youtube.com/watch?v=qpMvS1Q1sos ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: DPM and LTO6?
That's what we're working from. So, I've not only asked here, we're asking the vendor about compatibility too - if they certify it, we have recourse, but anecdotes of experience here count for even more than vendor blather in my estimation... Kurt On Fri, Mar 22, 2013 at 7:35 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: The only official list I've seen covers libraries, and doesn't show any that are LTO6 at this time. It doesn't cover just individual drives though: http://technet.microsoft.com/en-us/library/hh916523.aspx From: Kurt Buff [kurt.b...@gmail.com] Sent: Thursday, March 21, 2013 2:54 PM To: NT System Admin Issues Subject: Re: DPM and LTO6? I would expect that, but the HCL for DPM doesn't list any LTO6 machines - only LTO5 and earlier, so I ask... Kurt On Thu, Mar 21, 2013 at 2:49 PM, Brian Desmond br...@briandesmond.com wrote: I haven’t a clue, but, isn't the specific tape media/type abstracted to the backup program via the driver? Thanks, Brian Desmond br...@briandesmond.com w – 312.625.1438 | c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, March 21, 2013 4:28 PM To: NT System Admin Issues Subject: DPM and LTO6? Anyone know if it's supported? The last notes I see on the MSFT site don't show any references to it, just LTO5, and I've got an opportunity to buy a new tape unit before the end of the month/FY, so have to make a decision today... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: DPM and LTO6?
I reached out to MSFT contacts as well, and just received word back from them. There are no LTO6 units that are certified with DPM. So, we're going with LTO5. We're getting a Quantum unit that has 25 slots, and because it's the end of the quarter, they're throwing in another 15 slot license for free. 40 slots is huge overkill for us, but it has two drives, which I require - I want to be able to do a restore while the backups are writing to tape, and if nothing else, it'll be faster than a single tape anyway... Kurt On Fri, Mar 22, 2013 at 7:35 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: The only official list I've seen covers libraries, and doesn't show any that are LTO6 at this time. It doesn't cover just individual drives though: http://technet.microsoft.com/en-us/library/hh916523.aspx From: Kurt Buff [kurt.b...@gmail.com] Sent: Thursday, March 21, 2013 2:54 PM To: NT System Admin Issues Subject: Re: DPM and LTO6? I would expect that, but the HCL for DPM doesn't list any LTO6 machines - only LTO5 and earlier, so I ask... Kurt On Thu, Mar 21, 2013 at 2:49 PM, Brian Desmond br...@briandesmond.com wrote: I haven’t a clue, but, isn't the specific tape media/type abstracted to the backup program via the driver? Thanks, Brian Desmond br...@briandesmond.com w – 312.625.1438 | c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, March 21, 2013 4:28 PM To: NT System Admin Issues Subject: DPM and LTO6? Anyone know if it's supported? The last notes I see on the MSFT site don't show any references to it, just LTO5, and I've got an opportunity to buy a new tape unit before the end of the month/FY, so have to make a decision today... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Since we are on the subject of malware and hacking
Thank you sir. Much appreciated. Kurt On Thu, Mar 21, 2013 at 2:22 PM, Ziots, Edward ezi...@lifespan.org wrote: I just did a security presentation for NAISG Security Group last night which was well received and informative, it discusses incident response, malware analysis and traffic analysis of current malware trends so if you would like to have a copy of my presentation email me directly, and I will send you a copy. ** ** Sincerely, EZ ** ** Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org Work:401-444-9081 ** ** ** ** This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. *[image: Description: Description: Lifespan]* ** ** ** ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadminimage001.jpg
Re: OT: Career and Social Media
I have noticed the lack of concern for privacy, and IMHO those who don't currently cherish their privacy are at risk for grave upset when it gets violated in new and peculiar ways, which I expect will happen more frequently as time goes by... Kurt On Fri, Mar 22, 2013 at 6:43 AM, David Lum david@nwea.org wrote: In case you haven’t noticed, privacy is becoming history. The current young generation by and large expects to be able to find out where there friends and family are, where they eat and shop, and where they work, and they also have no problems sharing their own information with people. As these people become older and enter the corporate world, they will expect to know quite a bit about you whether or not your resume is any good, and they will likely influence company rules… The added twist is just by having family on social media, your information becomes public “I went to my dad’s 40th birthday party yesterday, not too far from the house he was born in”. Presto, your age, date and place of birth given up in one sentence by someone else. In many ways I see keeping privacy in the same vein as not having a car or a phone. You can do it, but it takes a concerted effort and a specific lifestyle to pull it off. (Oddly, I didn’t have this view until I went to a lunch/seminar that was all about security yesterday!). I’m sure when those first came out there were people who said “who needs such a thing!”. I went without a smartphone longer than many folks, but to be relevant/competitive in my field it became necessary to get one (although I still turn off location services except for the specific times I need them) and I am better off for it as it saves me a lot of time vs. if I were to be without it. Heck cellphones are now being used to inform different service providers traffic densities, average speeds, etc. so their mapping software can tell you how to avoid traffic. Big brother is here, the difference is it’s not like The Truman Show because the participants are also getting the benefits of said information. With social media you might not have to look for a new job, it might find you. I can see in a few years the conversation being “Remember when we had so send resume’s out? How lame!”. That Dilbert is spot-on whether we like it or not. From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, March 21, 2013 7:51 PM To: NT System Admin Issues Subject: Re: OT: Career and Social Media +1000 I do not have a facebook account, nor any other social media account other than LinkedIn. Work and personal life are as separate as I can make them. Social media is a time stealer and a privacy invader. Kurt On Thu, Mar 21, 2013 at 5:47 PM, Jon Harris jk.har...@live.com wrote: I am glad I am getting close to the end of my career. I really dislike using things like Facebook for anything more than keeping in touch with family/friends. LinkedIN is about the only social media I use for business. I like to keep the two very separate from each other. Jon From: rodtr...@myitforum.com To: ntsysadmin@lyris.sunbelt-software.com Subject: RE: OT: Career and Social Media Date: Thu, 21 Mar 2013 22:49:52 + I can attest to that. My last two jobs have come because social media. Sent from Microsoft Surface Pro From: Andrew S. Baker Sent: March 21, 2013 6:38 PM To: NT System Admin Issues Subject: OT: Career and Social Media http://www.dilbert.com/fast/2013-03-21/ This is the new reality, folks. You don't have to embrace it, but to fight it is going to be career limiting . Within 5 years, it will be a major factor in employment... Who knows about you is becoming as important as what you know. -ASB: http://XeeMe.com/AndrewBaker ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin --_ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise
Re: virtualization question
On Fri, Mar 22, 2013 at 10:58 AM, Stephen Holtz ste...@addisonreserve.cc wrote: Ok, another newbie to the world of virtualization here. I have a POS (point of sale) program that I want to be able to be accessed by iPads using a RDP client. However, I would like to put multiple instances of the program on a server so that each iPad can access the POS program and keep it open during service. Any help even a starting point would be helpful. TIA, Questions... o- Is this a new POS program, or is it currently in use elsewhere? o- If it's currently in use, what are the back end and front end platforms - Windows, *nix? If it's currently in use, and has a Windows front end client, you shoud probably talk withe the vendor regarding whether it plays nice on a TS server, or whether it will play nice with RDP. If they don't know, then I'd explore whether it works via RDP first, and then test to see if you can make it run in a Windows VM, and then test an install on a TS server. If it works via RDP, but not in a shared TS environment, then I'd probably see about getting multiple VMs running as targets for RDP. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: virtualization question
Maybe, or maybe just stand up some workstations VMs in a free ESXi environment... But perhaps that's VDI, too... Kurt On Fri, Mar 22, 2013 at 1:38 PM, Webster webs...@carlwebster.com wrote: If it works via RDP, but not in a shared TS environment, then I'd probably see about getting multiple VMs running as targets for RDP. You mean, GASP!, VDI??? smirk Thanks Webster -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, March 22, 2013 3:22 PM To: NT System Admin Issues Subject: Re: virtualization question On Fri, Mar 22, 2013 at 10:58 AM, Stephen Holtz ste...@addisonreserve.cc wrote: Ok, another newbie to the world of virtualization here. I have a POS (point of sale) program that I want to be able to be accessed by iPads using a RDP client. However, I would like to put multiple instances of the program on a server so that each iPad can access the POS program and keep it open during service. Any help even a starting point would be helpful. TIA, Questions... o- Is this a new POS program, or is it currently in use elsewhere? o- If it's currently in use, what are the back end and front end platforms - Windows, *nix? If it's currently in use, and has a Windows front end client, you shoud probably talk withe the vendor regarding whether it plays nice on a TS server, or whether it will play nice with RDP. If they don't know, then I'd explore whether it works via RDP first, and then test to see if you can make it run in a Windows VM, and then test an install on a TS server. If it works via RDP, but not in a shared TS environment, then I'd probably see about getting multiple VMs running as targets for RDP. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: DPM and LTO6?
I would expect that, but the HCL for DPM doesn't list any LTO6 machines - only LTO5 and earlier, so I ask... Kurt On Thu, Mar 21, 2013 at 2:49 PM, Brian Desmond br...@briandesmond.com wrote: I haven’t a clue, but, isn't the specific tape media/type abstracted to the backup program via the driver? Thanks, Brian Desmond br...@briandesmond.com w – 312.625.1438 | c – 312.731.3132 -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, March 21, 2013 4:28 PM To: NT System Admin Issues Subject: DPM and LTO6? Anyone know if it's supported? The last notes I see on the MSFT site don't show any references to it, just LTO5, and I've got an opportunity to buy a new tape unit before the end of the month/FY, so have to make a decision today... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: Career and Social Media
+1000 I do not have a facebook account, nor any other social media account other than LinkedIn. Work and personal life are as separate as I can make them. Social media is a time stealer and a privacy invader. Kurt On Thu, Mar 21, 2013 at 5:47 PM, Jon Harris jk.har...@live.com wrote: I am glad I am getting close to the end of my career. I really dislike using things like Facebook for anything more than keeping in touch with family/friends. LinkedIN is about the only social media I use for business. I like to keep the two very separate from each other. Jon -- From: rodtr...@myitforum.com To: ntsysadmin@lyris.sunbelt-software.com Subject: RE: OT: Career and Social Media Date: Thu, 21 Mar 2013 22:49:52 + I can attest to that. My last two jobs have come because social media. Sent from Microsoft Surface Pro *From:* Andrew S. Baker *Sent:* March 21, 2013 6:38 PM *To:* NT System Admin Issues *Subject:* OT: Career and Social Media http://www.dilbert.com/fast/2013-03-21/ This is the new reality, folks. You don't have to *embrace* it, but to fight it is going to be career limiting . Within 5 years, it will be a major factor in employment... Who knows about you is becoming as important as what you know. -ASB: http://XeeMe.com/AndrewBaker ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin --_ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: Career and Social Media
Perhaps I am, but I don't think so - for instance, LinkedIn is trying to become the Facebook of the business set, and harvest data for sale in one form or another. I'll put it this way: if it's a free service on the Internet, you're paying in the form of data harvesting, and that's almost certainly true even after you start paying for a service that was free. On the other hand, a blog, if you have something to say in that form, certainly can be useful for finding an audience, but it requires time to do well, and also isn't something to which I want to dedicate my time. On the gripping hand, social media isn't well-defined, and probably means many things to many people. This list is an example - is it social media? While it's free to us, it's, AFAICT, one of the few places I visit (and I use that term loosely, because I don't sign on to the forum, I only post via email) that doesn't harvest data, or if they do, I haven't seen evidence of it. Sunbelt/GFI does get a fair amount of goodwill out of however, and I'm really grateful for the service. And, this list is certainly how I do some of my networking. But in the main, I find what most people consider social media (facebook, linkedin, friendster, myspace, twitter, etc.) to be nothing more than short attention span theater, along with TV, and would rather be spending real time with either friends or a book. Kurt On Thu, Mar 21, 2013 at 8:58 PM, Ken Schaefer k...@adopenstatic.com wrote: Networking has always been important to finding work. You used to do it at work, user groups etc. Now you can also do it via LinkedIn or a blog etc. I think you’re confusing Facebook (a specific social media implementation) with digital networking/reputation (as a general concept) Cheers Ken From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, 22 March 2013 1:51 PM To: NT System Admin Issues Subject: Re: OT: Career and Social Media +1000 I do not have a facebook account, nor any other social media account other than LinkedIn. Work and personal life are as separate as I can make them. Social media is a time stealer and a privacy invader. Kurt On Thu, Mar 21, 2013 at 5:47 PM, Jon Harris jk.har...@live.com wrote: I am glad I am getting close to the end of my career. I really dislike using things like Facebook for anything more than keeping in touch with family/friends. LinkedIN is about the only social media I use for business. I like to keep the two very separate from each other. Jon From: rodtr...@myitforum.com To: ntsysadmin@lyris.sunbelt-software.com Subject: RE: OT: Career and Social Media Date: Thu, 21 Mar 2013 22:49:52 + I can attest to that. My last two jobs have come because social media. Sent from Microsoft Surface Pro From: Andrew S. Baker Sent: March 21, 2013 6:38 PM To: NT System Admin Issues Subject: OT: Career and Social Media http://www.dilbert.com/fast/2013-03-21/ This is the new reality, folks. You don't have to embrace it, but to fight it is going to be career limiting . Within 5 years, it will be a major factor in employment... Who knows about you is becoming as important as what you know. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Internet Census 2012: Port scanning using insecure embedded devices
On Wed, Mar 20, 2013 at 5:28 AM, Andrew S. Baker asbz...@gmail.com wrote: Today's interesting read: http://internetcensus2012.bitbucket.org/paper.html I don't know whether to laugh or cry - that's really clever and really disappointing at the same time. And, it's going to be replicated, with far less benign intent, in about 30 seconds... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Internet Census 2012: Port scanning using insecure embedded devices
Yeah, I'm sure. Sad, ain't it... Kurt On Wed, Mar 20, 2013 at 7:26 AM, Jonathan Link jonathan.l...@gmail.com wrote: Too late... On Wed, Mar 20, 2013 at 10:20 AM, Kurt Buff kurt.b...@gmail.com wrote: On Wed, Mar 20, 2013 at 5:28 AM, Andrew S. Baker asbz...@gmail.com wrote: Today's interesting read: http://internetcensus2012.bitbucket.org/paper.html I don't know whether to laugh or cry - that's really clever and really disappointing at the same time. And, it's going to be replicated, with far less benign intent, in about 30 seconds... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Exchange mail archiving solution
On Tue, Mar 19, 2013 at 4:06 PM, Tigran K tigr...@gmail.com wrote: I'm looking for an open source or freeware or really inexpensive email archiving solutions. Any suggestions? Running Exchange 2010 and Outlook on all clients. Thanks Better to ask on the sister list to this one, for Exchange. However, this one has been around for a long time: https://www.mailarchiva.com/ There are a myriad of others, including from Barracuda, ranging in price from inexpensive to gold-plated and comes in a diamond-encrusted case. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Lync issue - something I don't quite understand...
Followup on my problem - it's solved, and here's what the problems(s) were and the solution(s) Turns out that not only did both NICs have a DG, but the one that was supposed to be present in the server subnet was in a switch port that was tagged in a completely unrelated VLAN. No connectivity on that port *at all*. Also, the NIC that was working had an address that wasn't correct - it didn't match my list of addresses. So, I did several things: o- Renamed the NICs to Internal and External, so that they're easy to track o- Readdressed the NICs to correct addresses o- Bound the Internal and External web sites to the proper IP addresses o- Moved the External NIC to the DMZ (Yes, I recognize the irony of that, given (especially my statements in) the recent conversation on DMZs and security, but I am constrained in my resources, and *have* to get this going . In my defense are the following: 1) there are *no* external users currently 2) There is no egress for this box through the DMZ, so basically no egress at all, since the DG is blocked for this machine and the static routes are only for internal subnets and 3) I plan on putting up an edge server under appropriate controls before we allow any external users. So there!) o- Set up static routes on the machine for all of the internal subnets for the internal NIC, and left the new DG on the external NIC. I found these to incantations to work just fine: netsh interface ipv4 add route subnet to be routed name of interface destination address netsh interface ipv4 delete route subnet being routed name of interface destination address I then noticed a whole bunch of errors in the application event log (41001 for LS LDM), and web conferencing didn't work any longer. The event read: Cannot initiate connection to Web Conferencing Edge Server. URL=tcp://poo01.example.com:8057, Error=0x80072AFC Cause: Invalid Web Conferencing Edge Server FQDN Resolution: Validate Web Conferencing Edge Server configuration Well, there is no edge server. An hour or so of googling was not hugely productive, so I tried to bang around in the the Lync Control Panel - but it wouldn't launch with the standard URL. I found that to be quite odd. However, I was able to get a couple of things up on the server by using the IIS manager and selecting browse by IP address. So, I changed the URL for the LCP to use the IP address, and it came up. I then noticed that there was an entry for Topology. I ran through that until I noticed where the old IP addresses were embedded. So, I published the toppolgy, and got a number of errors. Turns out the person who set this up did so with a DA account, and didn't use the server administrator account group I had set up as members of any of the groups for managing Lync. So, I visited all of the groups, added the appropriate server manager group to them, and was able to publish the topology. Done. Now it's back to unscrewing the backup process that he has so thoroughly pooched, and see if we can get an error-free backup to tape and offsite... Kurt On Wed, Feb 27, 2013 at 4:56 PM, Kurt Buff kurt.b...@gmail.com wrote: All, We've got a Lync 2010 infrastructure set up, but it's doing one little thing that I'm not liking. The server has two NICs - each in a different subnet. One is in the same subnet as the rest of our servers. The other is in a subnet that sits between our L3 switch and our firewall - it's not a DMZ. I didn't set this up, but I was told that the intention was to set up the second connection in the DMZ at the appropriate time for external access - that hasn't happened yet, and I wasn't involved in the install, and know little to nothing about Lync. The behavior I'm seeing is that I cannot ping the interface that's on the server subnet at all, including from machines on that subnet (I can't RDP to that IP address either). The name of the Lync server resolves to an IP address, and which one you get depends on the state of DNS - you might get back the one for the server subnet, or you might get back the other address. I can ping the other address just fine. So, where I'm going with this is: Both NICs have default gateways assigned, and in my experience, that's a largish mistake - only one interface should have a DG. I suspect this is causing some other problems that we are seeing as well However, the fellow who set this up swears that if I remove the DG from either NIC, Lync will break. So, do any of you here know enough about Lync to say if having only one DG will break it? Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Lync issue - something I don't quite understand...
Oh, yeah - I also deselected Register with DNS on the NIC in the DMZ. Kurt On Fri, Mar 15, 2013 at 11:31 AM, Kurt Buff kurt.b...@gmail.com wrote: Followup on my problem - it's solved, and here's what the problems(s) were and the solution(s) Turns out that not only did both NICs have a DG, but the one that was supposed to be present in the server subnet was in a switch port that was tagged in a completely unrelated VLAN. No connectivity on that port *at all*. Also, the NIC that was working had an address that wasn't correct - it didn't match my list of addresses. So, I did several things: o- Renamed the NICs to Internal and External, so that they're easy to track o- Readdressed the NICs to correct addresses o- Bound the Internal and External web sites to the proper IP addresses o- Moved the External NIC to the DMZ (Yes, I recognize the irony of that, given (especially my statements in) the recent conversation on DMZs and security, but I am constrained in my resources, and *have* to get this going . In my defense are the following: 1) there are *no* external users currently 2) There is no egress for this box through the DMZ, so basically no egress at all, since the DG is blocked for this machine and the static routes are only for internal subnets and 3) I plan on putting up an edge server under appropriate controls before we allow any external users. So there!) o- Set up static routes on the machine for all of the internal subnets for the internal NIC, and left the new DG on the external NIC. I found these to incantations to work just fine: netsh interface ipv4 add route subnet to be routed name of interface destination address netsh interface ipv4 delete route subnet being routed name of interface destination address I then noticed a whole bunch of errors in the application event log (41001 for LS LDM), and web conferencing didn't work any longer. The event read: Cannot initiate connection to Web Conferencing Edge Server. URL=tcp://poo01.example.com:8057, Error=0x80072AFC Cause: Invalid Web Conferencing Edge Server FQDN Resolution: Validate Web Conferencing Edge Server configuration Well, there is no edge server. An hour or so of googling was not hugely productive, so I tried to bang around in the the Lync Control Panel - but it wouldn't launch with the standard URL. I found that to be quite odd. However, I was able to get a couple of things up on the server by using the IIS manager and selecting browse by IP address. So, I changed the URL for the LCP to use the IP address, and it came up. I then noticed that there was an entry for Topology. I ran through that until I noticed where the old IP addresses were embedded. So, I published the toppolgy, and got a number of errors. Turns out the person who set this up did so with a DA account, and didn't use the server administrator account group I had set up as members of any of the groups for managing Lync. So, I visited all of the groups, added the appropriate server manager group to them, and was able to publish the topology. Done. Now it's back to unscrewing the backup process that he has so thoroughly pooched, and see if we can get an error-free backup to tape and offsite... Kurt On Wed, Feb 27, 2013 at 4:56 PM, Kurt Buff kurt.b...@gmail.com wrote: All, We've got a Lync 2010 infrastructure set up, but it's doing one little thing that I'm not liking. The server has two NICs - each in a different subnet. One is in the same subnet as the rest of our servers. The other is in a subnet that sits between our L3 switch and our firewall - it's not a DMZ. I didn't set this up, but I was told that the intention was to set up the second connection in the DMZ at the appropriate time for external access - that hasn't happened yet, and I wasn't involved in the install, and know little to nothing about Lync. The behavior I'm seeing is that I cannot ping the interface that's on the server subnet at all, including from machines on that subnet (I can't RDP to that IP address either). The name of the Lync server resolves to an IP address, and which one you get depends on the state of DNS - you might get back the one for the server subnet, or you might get back the other address. I can ping the other address just fine. So, where I'm going with this is: Both NICs have default gateways assigned, and in my experience, that's a largish mistake - only one interface should have a DG. I suspect this is causing some other problems that we are seeing as well However, the fellow who set this up swears that if I remove the DG from either NIC, Lync will break. So, do any of you here know enough about Lync to say if having only one DG will break it? Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http
Re: Virus outbreak action items endpoint management Q
On Fri, Mar 15, 2013 at 1:43 PM, David Lum david@nwea.org wrote: Do any of you have a documented process to follow if you have a widespread virus/malware outbreak? Covers things like what actions what teams take identify, mitigate, remediate, etc. Not now, but once I hire a new guy (I have interviews with 4 candidates next week), I'm going to be working on it. Related: How do you take endpoints that show “haven’t reported in 4 days” and differentiate between someone on vacation and their system being off, vs. a system that’s online but the agent is no longer working? (this applies to anything agent-based, actually). Can I ping it? If not, it's off, and I'm not worried about it. If I can ping it, and can't otherwise control it, there's a problem with the machine, and I'll go correct it. [for whatever value needed for correct it] Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Lync issue - something I don't quite understand...
Unfortunately starting over wasn't an option - too many people already using it and have contact lists built, so that got nixed. What's even better is that the manager of the department found a script to enable accounts for Lync, and ran it at the root of the domain - so now all of our service accounts, disabled accounts, and everything have Lync access. Some day I'm going to have to clean all of that up. Kurt On Fri, Mar 15, 2013 at 5:05 PM, Jon Harris jk.har...@live.com wrote: Ah wouldn't have been easier to just trash and start over, but congrats on finding and fixing most of the issues. When you get the backups working correctly you will at least know the correct way to set up Lync. Jon Date: Fri, 15 Mar 2013 11:33:42 -0700 Subject: Re: Lync issue - something I don't quite understand... From: kurt.b...@gmail.com To: ntsysadmin@lyris.sunbelt-software.com Oh, yeah - I also deselected Register with DNS on the NIC in the DMZ. Kurt On Fri, Mar 15, 2013 at 11:31 AM, Kurt Buff kurt.b...@gmail.com wrote: Followup on my problem - it's solved, and here's what the problems(s) were and the solution(s) Turns out that not only did both NICs have a DG, but the one that was supposed to be present in the server subnet was in a switch port that was tagged in a completely unrelated VLAN. No connectivity on that port *at all*. Also, the NIC that was working had an address that wasn't correct - it didn't match my list of addresses. So, I did several things: o- Renamed the NICs to Internal and External, so that they're easy to track o- Readdressed the NICs to correct addresses o- Bound the Internal and External web sites to the proper IP addresses o- Moved the External NIC to the DMZ (Yes, I recognize the irony of that, given (especially my statements in) the recent conversation on DMZs and security, but I am constrained in my resources, and *have* to get this going . In my defense are the following: 1) there are *no* external users currently 2) There is no egress for this box through the DMZ, so basically no egress at all, since the DG is blocked for this machine and the static routes are only for internal subnets and 3) I plan on putting up an edge server under appropriate controls before we allow any external users. So there!) o- Set up static routes on the machine for all of the internal subnets for the internal NIC, and left the new DG on the external NIC. I found these to incantations to work just fine: netsh interface ipv4 add route subnet to be routed name of interface destination address netsh interface ipv4 delete route subnet being routed name of interface destination address I then noticed a whole bunch of errors in the application event log (41001 for LS LDM), and web conferencing didn't work any longer. The event read: Cannot initiate connection to Web Conferencing Edge Server. URL=tcp://poo01.example.com:8057, Error=0x80072AFC Cause: Invalid Web Conferencing Edge Server FQDN Resolution: Validate Web Conferencing Edge Server configuration Well, there is no edge server. An hour or so of googling was not hugely productive, so I tried to bang around in the the Lync Control Panel - but it wouldn't launch with the standard URL. I found that to be quite odd. However, I was able to get a couple of things up on the server by using the IIS manager and selecting browse by IP address. So, I changed the URL for the LCP to use the IP address, and it came up. I then noticed that there was an entry for Topology. I ran through that until I noticed where the old IP addresses were embedded. So, I published the toppolgy, and got a number of errors. Turns out the person who set this up did so with a DA account, and didn't use the server administrator account group I had set up as members of any of the groups for managing Lync. So, I visited all of the groups, added the appropriate server manager group to them, and was able to publish the topology. Done. Now it's back to unscrewing the backup process that he has so thoroughly pooched, and see if we can get an error-free backup to tape and offsite... Kurt On Wed, Feb 27, 2013 at 4:56 PM, Kurt Buff kurt.b...@gmail.com wrote: All, We've got a Lync 2010 infrastructure set up, but it's doing one little thing that I'm not liking. The server has two NICs - each in a different subnet. One is in the same subnet as the rest of our servers. The other is in a subnet that sits between our L3 switch and our firewall - it's not a DMZ. I didn't set this up, but I was told that the intention was to set up the second connection in the DMZ at the appropriate time for external access - that hasn't happened yet, and I wasn't involved in the install, and know little to nothing about Lync. The behavior I'm seeing is that I cannot ping the interface that's on the server subnet at all, including
Re: Difference between port forwarding and DMZ
On Thu, Mar 14, 2013 at 8:22 AM, David Lum david@nwea.org wrote: What’s the risk difference between a server in a DMZ (firewalls on each end) and port forwarding from the Internet to a machine inside a network perimeter? Scenario : I have PC’s that use port to talk to a management server, I’m wondering of that server needs to be in the DMZ (with that port opened), or if forwarding that port through is functionally the same thing? David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 Go back to the fundamentals. Why do you have a DMZ - that is, what is the fundamental reason that you have a DMZ? It is to have a place where you can put machines that are untrusted, but to which your production network (and perhaps other untrusted networks) need access. So, if it's untrusted, and you need access, what is the fundamental thing you *DON'T* do? You don't allow untrusted machines unrestricted access to your production network. In particular, you don't allow machines in the DMZ to initiate traffic to the production network. Machines in a DMZ should only respond to requests for traffic from the production network, or if they need to initiate traffic to the production network, that traffic should be strictly limited and throughly examined by a proxy that understands the traffic in question. So: o- Where are the machines located that need access to your management server? o- Does the server initiate any traffic, or is it just the clients? If all of the clients are in the production network, and you have all of them under your control, then putting the management server in the DMZ is not required. If the clients are both in and out of the production network, put the management server in a DMZ and make sure you have a firewall that understands the traffic (an application layer gateway, or proxy). Simple port forwarding doesn't examine the traffic. I'll make another sweeping statement here: Don't put any machine in the DMZ that requires membership in your production domain. At that point you don't have a DMZ, you merely have another subnet of your production network, and basically no protection. It's possible that TMG could act as a proxy for something like this, but I'd be very nervous about it. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: Happy PI Day!
I'm waiting for Tau day: http://tauday.com/tau-manifesto Pi are squared? No, cornbread are square, pie are round... Kurt On Thu, Mar 14, 2013 at 10:03 AM, Heaton, Joseph@Wildlife joseph.hea...@wildlife.ca.gov wrote: In case someone out there didn’t know… Joe Heaton Enterprise Server Support CA Department of Fish and Wildlife 1807 13th Street, Suite 201 Sacramento, CA 95811 Desk: (916) 557-3422 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Difference between port forwarding and DMZ
Section 2.2 says This is a more secure approach because an attacker has to break both firewalls in order to get to the internal network. This is incorrect. All he has to do is subvert the machine in the DMZ, and he has access to all of the resources in the production network to which the machine in the DMZ has access. You've already done the work of subverting the second firewall. I suppose you could set up IPSec connections, or perhaps as suggested an SSL tunnel, but ISTM that it my caveat about the subverted machine in the DMZ still holds. Kurt On Thu, Mar 14, 2013 at 11:34 AM, David Lum david@nwea.org wrote: I'll make another sweeping statement here: Don't put any machine in the DMZ that requires membership in your production domain. At that point you don't have a DMZ, you merely have another subnet of your production network, and basically no protection. How does this work, then? RDS Gateway servers need to be domain-joined http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment-in-a-perimeter-network-firewall-rules.aspx Dave -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, March 14, 2013 9:34 AM To: NT System Admin Issues Subject: Re: Difference between port forwarding and DMZ On Thu, Mar 14, 2013 at 8:22 AM, David Lum david@nwea.org wrote: What’s the risk difference between a server in a DMZ (firewalls on each end) and port forwarding from the Internet to a machine inside a network perimeter? Scenario : I have PC’s that use port to talk to a management server, I’m wondering of that server needs to be in the DMZ (with that port opened), or if forwarding that port through is functionally the same thing? David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 Go back to the fundamentals. Why do you have a DMZ - that is, what is the fundamental reason that you have a DMZ? It is to have a place where you can put machines that are untrusted, but to which your production network (and perhaps other untrusted networks) need access. So, if it's untrusted, and you need access, what is the fundamental thing you *DON'T* do? You don't allow untrusted machines unrestricted access to your production network. In particular, you don't allow machines in the DMZ to initiate traffic to the production network. Machines in a DMZ should only respond to requests for traffic from the production network, or if they need to initiate traffic to the production network, that traffic should be strictly limited and throughly examined by a proxy that understands the traffic in question. So: o- Where are the machines located that need access to your management server? o- Does the server initiate any traffic, or is it just the clients? If all of the clients are in the production network, and you have all of them under your control, then putting the management server in the DMZ is not required. If the clients are both in and out of the production network, put the management server in a DMZ and make sure you have a firewall that understands the traffic (an application layer gateway, or proxy). Simple port forwarding doesn't examine the traffic. I'll make another sweeping statement here: Don't put any machine in the DMZ that requires membership in your production domain. At that point you don't have a DMZ, you merely have another subnet of your production network, and basically no protection. It's possible that TMG could act as a proxy for something like this, but I'd be very nervous about it. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: Happy PI Day!
I'd rather be transcendental... Kurt On Thu, Mar 14, 2013 at 12:05 PM, James Edwards jedwa...@mail.sdsu.edu wrote: Remember celebrate Pi Day by being irrational. Jim On 3/14/13 10:54 AM, Kurt Buff wrote: I'm waiting for Tau day: http://tauday.com/tau-manifesto Pi are squared? No, cornbread are square, pie are round... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Difference between port forwarding and DMZ
That's certainly a major improvement. And, if all that's happening is that managed machines are initiating the conversations to the machine in the DMZ, that should be sufficient, as long as the machine in the DMZ can't initiate conversations with the production subnets, I'd probably be fairly comfortable with that. Specifically, WSUS works on that model (though it doesn't require auth, or AD), and until I stood up DirectAccess, I thought hard about standing up that for our long-term mobile users. I'd then be more concerned about host security for the machine in the DMZ, and wanting to make sure that it's not handing out nastiness to the managed machines that are talking to it. Kurt On Thu, Mar 14, 2013 at 3:19 PM, Ken Schaefer k...@adopenstatic.com wrote: In general (not specifically to address this RDS issue): You could create a second Forest in the DMZ, which trusts the internal Forest, but not the other way around. Whilst the host In the DMZ would have FW ports open to internal hosts, it has no access, per se, to any internal hosts, and simply subverting the DMZ host doesn't give you any access to anything internally. Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, 15 March 2013 6:04 AM To: NT System Admin Issues Subject: Re: Difference between port forwarding and DMZ Section 2.2 says This is a more secure approach because an attacker has to break both firewalls in order to get to the internal network. This is incorrect. All he has to do is subvert the machine in the DMZ, and he has access to all of the resources in the production network to which the machine in the DMZ has access. You've already done the work of subverting the second firewall. I suppose you could set up IPSec connections, or perhaps as suggested an SSL tunnel, but ISTM that it my caveat about the subverted machine in the DMZ still holds. Kurt On Thu, Mar 14, 2013 at 11:34 AM, David Lum david@nwea.org wrote: I'll make another sweeping statement here: Don't put any machine in the DMZ that requires membership in your production domain. At that point you don't have a DMZ, you merely have another subnet of your production network, and basically no protection. How does this work, then? RDS Gateway servers need to be domain-joined http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment-i n-a-perimeter-network-firewall-rules.aspx Dave -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, March 14, 2013 9:34 AM To: NT System Admin Issues Subject: Re: Difference between port forwarding and DMZ On Thu, Mar 14, 2013 at 8:22 AM, David Lum david@nwea.org wrote: What’s the risk difference between a server in a DMZ (firewalls on each end) and port forwarding from the Internet to a machine inside a network perimeter? Scenario : I have PC’s that use port to talk to a management server, I’m wondering of that server needs to be in the DMZ (with that port opened), or if forwarding that port through is functionally the same thing? David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 Go back to the fundamentals. Why do you have a DMZ - that is, what is the fundamental reason that you have a DMZ? It is to have a place where you can put machines that are untrusted, but to which your production network (and perhaps other untrusted networks) need access. So, if it's untrusted, and you need access, what is the fundamental thing you *DON'T* do? You don't allow untrusted machines unrestricted access to your production network. In particular, you don't allow machines in the DMZ to initiate traffic to the production network. Machines in a DMZ should only respond to requests for traffic from the production network, or if they need to initiate traffic to the production network, that traffic should be strictly limited and throughly examined by a proxy that understands the traffic in question. So: o- Where are the machines located that need access to your management server? o- Does the server initiate any traffic, or is it just the clients? If all of the clients are in the production network, and you have all of them under your control, then putting the management server in the DMZ is not required. If the clients are both in and out of the production network, put the management server in a DMZ and make sure you have a firewall that understands the traffic (an application layer gateway, or proxy). Simple port forwarding doesn't examine the traffic. I'll make another sweeping statement here: Don't put any machine in the DMZ that requires membership in your production domain. At that point you don't have a DMZ, you merely have another subnet of your production network, and basically no protection. It's possible that TMG could act as a proxy for something like this, but I'd be very nervous about
Re: Keeping 550+ systems maintained
On Tue, Mar 12, 2013 at 7:39 AM, David Lum david@nwea.org wrote: Scenario: · 550 Windows workstations, with 100+ of them remote. · Active Directory (W2K8R2 and W2K3 DCs). · Windows 7 and Windows XP. · Users are local admins. · Some remote users VPN in daily, others only VPN in once/month, a few others almost never · 30+ onsite users frequently jump between wired and wireless (in my experience this occasionally trips up DNS and thus management agents for a bit) · Systems are cycled out at the rate of about 30 machines every quarter (relevant because finding a noncompliant machine often means knows if a system has been decommissioned or not). Systems are not always immediately removed from AD for various reasons. Task: Keep them up to date on anti-virus and patches, incl. 3rd party (Java/Adobe/Chrome/etc.). This includes coordinating (with select users) installing/testing the patches on their systems before full rollout to the rest of the org. Is this enough info to give a SWAG for how many hours/week you would you tell management this would take? A rough number works. David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 The remotes are the ones that are going to kill you. Travel time will eat up a lot of your days, because if they don't VPN in regularly, they'll fall out of date far too fast for you to keep up - witness the recent spate of Java and Adobe patches just this month - that's not going to get better any time soon.. A WSUS installation on a public IP address can mitigate a lot of that, but not all of it. Any chance of getting Win7/8 Enterprise into the hands of the remote users? DirectAccess is a powerful tool. Really, it all depends on the tools available and the policies in place and how they are enforced, and I would have to know more about those before I could make any kind of commitment Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Interesting article on configuring IPSec natively for Win 7
[HowTo] - Windows IPSec VPN without 3rd party IPSec client http://forum.pfsense.org/index.php?topic=55754.0 It can probably be made to work with IPSec connectionsother than pfsense/racoon as well. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: apipa scripting?
Yeah - but I haven't ever used that range in production, so I always have to look it up. I always seem to get into my head that it's a /20, or something like that, and I know that's wrong, so I just go look at the RFC to refresh my memory. Kurt On Sat, Mar 9, 2013 at 7:26 PM, Andrew S. Baker asbz...@gmail.com wrote: 172.16.0.0/whatever Well, it's 172.16.0.0 to 172.31.255.255, so it's a block out of a /16 network. *ASB **http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker* **Providing Virtual CIO Services (IT Operations Information Security) for the SMB market…*** On Fri, Mar 8, 2013 at 4:59 PM, Kurt Buff kurt.b...@gmail.com wrote: Three things: 1) DHCP is your best bet for managing addresses - don't get rid of it, use it. Reservations and exclusions are there for good reasons, as well as standard (DNS, and DG assignment) and vendor-defined (VoIP, etc.) options, etc.. APIPA is meant for unmanaged (AKA broken) networks. 2) Please don't use the address ranges you've mentioned below, unless you will not, in your lifetime plus 20 years, have anyone accessing your network via VPN. 192.168.0.0/24 and 192.168.1.0/24 are the default subnets for consumer routers/firewalls, and almost nobody changes them. Having the same subnets at the source and destination nets is a recipe for major hair-pulling. Choose a your /24s from the upper ranges of the 192.168.0.0/16, or from either of the other two RFC1918 subnets (10.0.0.0/8, and 172.16.0.0/whatever - I can never remember the netmask for that one), and save yourself a lot of frustration. 3) Depending on your environment, you might well wish to consider having three /24s - having a guest wireless subnet is a good thing for most situation. Kurt On Fri, Mar 8, 2013 at 1:07 PM, S Powell powe...@gmail.com wrote: We are running DHCP now, we are just looking to get rid of it as we change some things around. We're looking to tie addresses together, so that we have static ethernet addresses on the 192.168.0.x range where x = the machine ID and have the static wifi addresses be in the 192.168.1.x range So if I see something on x.x.x.45 I know at a glance that it can only be one computer. It eliminates ambiguity. On Fri, Mar 8, 2013 at 12:22 PM, Matthew W. Ross mr...@ephrataschools.org wrote: We’d like to use apipa to assign a static IP address to the wifi adapters; so that we can turn off DHCP in the office, and yet allowh DHCP when not in the office. Why do you not want a DHCP server? --Matt Ross Ephrata School District - Original Message - From: S Powell [mailto:powe...@gmail.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Fri, 08 Mar 2013 11:57:45 -0800 Subject: apipa scripting? My google-Fu has failed, does anyone know how to script apipa configuration? Automatic private IP addressing (normally it is that 169… address you get when something is wrong with your networking) We are doing this using the alternative configuration tab under ipv4 properties that is enabled when you select DHCP. I’d like to be able to script this process and not do every computer in the office by hand. We’d like to use apipa to assign a static IP address to the wifi adapters; so that we can turn off DHCP in the office, and yet allow DHCP when not in the office. Thanks. Sean ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read
Re: apipa scripting?
Three things: 1) DHCP is your best bet for managing addresses - don't get rid of it, use it. Reservations and exclusions are there for good reasons, as well as standard (DNS, and DG assignment) and vendor-defined (VoIP, etc.) options, etc.. APIPA is meant for unmanaged (AKA broken) networks. 2) Please don't use the address ranges you've mentioned below, unless you will not, in your lifetime plus 20 years, have anyone accessing your network via VPN. 192.168.0.0/24 and 192.168.1.0/24 are the default subnets for consumer routers/firewalls, and almost nobody changes them. Having the same subnets at the source and destination nets is a recipe for major hair-pulling. Choose a your /24s from the upper ranges of the 192.168.0.0/16, or from either of the other two RFC1918 subnets (10.0.0.0/8, and 172.16.0.0/whatever - I can never remember the netmask for that one), and save yourself a lot of frustration. 3) Depending on your environment, you might well wish to consider having three /24s - having a guest wireless subnet is a good thing for most situation. Kurt On Fri, Mar 8, 2013 at 1:07 PM, S Powell powe...@gmail.com wrote: We are running DHCP now, we are just looking to get rid of it as we change some things around. We're looking to tie addresses together, so that we have static ethernet addresses on the 192.168.0.x range where x = the machine ID and have the static wifi addresses be in the 192.168.1.x range So if I see something on x.x.x.45 I know at a glance that it can only be one computer. It eliminates ambiguity. On Fri, Mar 8, 2013 at 12:22 PM, Matthew W. Ross mr...@ephrataschools.org wrote: We’d like to use apipa to assign a static IP address to the wifi adapters; so that we can turn off DHCP in the office, and yet allowh DHCP when not in the office. Why do you not want a DHCP server? --Matt Ross Ephrata School District - Original Message - From: S Powell [mailto:powe...@gmail.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Fri, 08 Mar 2013 11:57:45 -0800 Subject: apipa scripting? My google-Fu has failed, does anyone know how to script apipa configuration? Automatic private IP addressing (normally it is that 169… address you get when something is wrong with your networking) We are doing this using the alternative configuration tab under ipv4 properties that is enabled when you select DHCP. I’d like to be able to script this process and not do every computer in the office by hand. We’d like to use apipa to assign a static IP address to the wifi adapters; so that we can turn off DHCP in the office, and yet allow DHCP when not in the office. Thanks. Sean ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Is 'complicit' and 'compliant' the same as 'condoning'?
Perhaps someone should ask them a more pointed question... http://www.businessweek.com/articles/2013-03-08/skypes-been-hijacked-in-china-and-microsoft-is-o-dot-k-dot-with-it ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Semi-OT: Vsphere shutdown
Outstanding. It's always a bit nerve-wracking to perform major maintenance on such a complex configuration, regardless of scale. Kurt On Tue, Mar 5, 2013 at 7:25 AM, Richard Stovall rich...@gmail.com wrote: It has now been a bit over 24 hours since I brought the datacenter back online and, so far, everything seems to be running smoothly. Thanks to everyone for the help and suggestions. Richard On Sat, Mar 2, 2013 at 12:28 PM, Ben Scott mailvor...@gmail.com wrote: On Sat, Mar 2, 2013 at 5:50 AM, Ken Schaefer k...@adopenstatic.com wrote: Know who you need to call, in case things (storage, servers, apps, whatever) don’t come back up. You don’t want to be trying to find phone numbers when everything’s going to the dogs. Come to think of it, you way want some independent infrastructure ready in case the main stuff doesn't come back up, so you can at least get an Internet connection up and running to do things like browse knowledge bases. Might be as simple as a small router configured for DHCP and a couple laptops that can operate without checking in with the mothership. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Details of the February 22nd 2013 Windows Azure Storage Disruption
Agreed - human error. I'd suggest that it would be better to package that update not quite as far out - say a week, maybe two - and it's much more likely that the package would be correctly marked. Kurt On Tue, Mar 5, 2013 at 9:58 AM, Michael B. Smith mich...@smithcons.com wrote: But at the most basic level – it was a human error (as I read it). “Someone” didn’t mark the update package as a critical update. Arguably (and I can see this), because the package had 5 weeks before it was required… From: Tim Evans [mailto:tev...@sparling.com] Sent: Tuesday, March 5, 2013 12:44 PM To: NT System Admin Issues Subject: Details of the February 22nd 2013 Windows Azure Storage Disruption http://blogs.msdn.com/b/windowsazure/archive/2013/03/01/details-of-the-february-22nd-2013-windows-azure-storage-disruption.aspx It sounds like they had procedures in place to prevent this from happening, but they didn't work. …Tim ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Details of the February 22nd 2013 Windows Azure Storage Disruption
On Tue, Mar 5, 2013 at 10:28 AM, Ben Scott mailvor...@gmail.com wrote: On Tue, Mar 5, 2013 at 12:43 PM, Tim Evans tev...@sparling.com wrote: http://blogs.msdn.com/b/windowsazure/archive/2013/03/01/details-of-the-february-22nd-2013-windows-azure-storage-disruption.aspx I give MSFT credit for doing a good analysis and *publishing it*. A lot of companies just say Sorry, we've fixed it, and we promise it'll never happen again (and this time, we really mean it) over and over. Good on them for that. -- Ben Indeed. (tm) Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Standards and confusion - IPv6, Apple and Exchange
Detective work, and the perils of unclear RFCs http://labs.apnic.net/blabs/?p=309 Well worth a read, IMHO, especially since IPv6 looms ever closer for all of us. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Semi-OT: Vsphere shutdown
On Fri, Mar 1, 2013 at 8:52 AM, Richard Stovall rich...@gmail.com wrote: In a few days time I will have to completely shutdown my datacenter for some electrical maintenance. (Yes, I'm nervous. It's been online non-stop for 6.5 years.) I have 3 Vsphere ESX 4.1 hosts that I need to shutdown along with everything else. My vcenter server is virtualized. Two questions: 1) Do I need to put the hosts into maintenance mode before powering them off? All of the VMs will already be powered off. 1) I can poweroff two of the hosts using the vcenter client, but after I shutdown the vcenter VM how should I poweroff the final host? Just connect the client directly to the host and shut it down that way? I can't think why this wouldn't work. Thanks in advance, o- If you have a physical DC with DNS, power off that last, and power it up first. o- Make sure that VMs aren't set to boot at power on. Otherwise, that looks really good - not that I'm an expert, but I've already had to do this once for exactly the same reason. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Semi-OT: Vsphere shutdown
And the way to do that is to set your VMs not to autoboot at power up of the hosts... Kurt On Fri, Mar 1, 2013 at 8:59 AM, John Cook john.c...@pfsf.org wrote: That’s perfectly fine. I’d make sure your VCenter is set to be the first VM to come up at reboot. John W. Cook Network Operations Manager Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Richard Stovall [mailto:rich...@gmail.com] Sent: Friday, March 01, 2013 11:53 AM To: NT System Admin Issues Subject: Semi-OT: Vsphere shutdown In a few days time I will have to completely shutdown my datacenter for some electrical maintenance. (Yes, I'm nervous. It's been online non-stop for 6.5 years.) I have 3 Vsphere ESX 4.1 hosts that I need to shutdown along with everything else. My vcenter server is virtualized. Two questions: 1) Do I need to put the hosts into maintenance mode before powering them off? All of the VMs will already be powered off. 1) I can poweroff two of the hosts using the vcenter client, but after I shutdown the vcenter VM how should I poweroff the final host? Just connect the client directly to the host and shut it down that way? I can't think why this wouldn't work. Thanks in advance, RS ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Semi-OT: Vsphere shutdown
On Fri, Mar 1, 2013 at 8:52 AM, Richard Stovall rich...@gmail.com wrote: In a few days time I will have to completely shutdown my datacenter for some electrical maintenance. (Yes, I'm nervous. It's been online non-stop for 6.5 years.) I have 3 Vsphere ESX 4.1 hosts that I need to shutdown along with everything else. My vcenter server is virtualized. Two questions: 1) Do I need to put the hosts into maintenance mode before powering them off? All of the VMs will already be powered off. 1) I can poweroff two of the hosts using the vcenter client, but after I shutdown the vcenter VM how should I poweroff the final host? Just connect the client directly to the host and shut it down that way? I can't think why this wouldn't work. Thanks in advance, RS One more thing... If you have a multi-site environment, and your connectivity to the other sites will be affected, then when bringing things back up, make sure you have connectivity to the other sites before bringing up your DC - so firewall/router/VPN connections before the DC, in this case. Then, make sure your DC is communicating with DCs in other sites before bringing up the rest of the infrastructure. It's not that I think that anything *bad* will happen if you do it out of order - but it gave me much more peace of mind when I did that. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Semi-OT: Vsphere shutdown
Probably a good idea to have the DC with the FSMO roles be the last one down and the first one up. Kurt On Fri, Mar 1, 2013 at 10:30 AM, Richard Stovall rich...@gmail.com wrote: I've got two physical DCs and one virtual at this site. The physical ones are one traditional rack server and one blade. The blade doesn't use any SAN storage, but I don't plan to bring it back up until the SAN is completely online. On Fri, Mar 1, 2013 at 1:15 PM, John Cook john.c...@pfsf.org wrote: One more thing - If you don't have a physical DC in that location boot that first - it'll save you loads of suffering. I keep a physical and virtual DC for this very reason. John W. Cook Network Operations Manager Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 -Original Message- From: Stringham, Steven [mailto:sstri...@lrlaw.com] Sent: Friday, March 01, 2013 12:57 PM To: NT System Admin Issues Subject: RE: Semi-OT: Vsphere shutdown Get your order dependence list down. Make a list of all the services/servers and decide what order they should be shut down in and what order they can come back up. I did this recently (moved my datacenter to another location) and it made all the difference to have hashed that out and have a full list to check box as things went down and came back up. Provide this list to your team, and walk through the list multiple times with them as you go. Don't forget to add switches/routers/fibrechannel switches/firewalls/SANs/NASs/managed power strips/etc. to the list. Everything matters. Get a config backup of these on a external device (thumbdrive/laptop) and do a write mem on them before powering them down. Make a note of where the SQL servers are in that list - as well as the vcenter server. Is it hosting it's own database is or is it elsewhere. Also, make a note of which physical host that the vcenter server was on so you can connect to it directly to bring it back up. Make sure you have whatever config cables available to connect directly to the switches/routers etc. in case of trouble on powering back up. Good luck. Steven Stringham -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, March 01, 2013 10:25 AM To: NT System Admin Issues Subject: Re: Semi-OT: Vsphere shutdown On Fri, Mar 1, 2013 at 8:52 AM, Richard Stovall rich...@gmail.com wrote: In a few days time I will have to completely shutdown my datacenter for some electrical maintenance. (Yes, I'm nervous. It's been online non-stop for 6.5 years.) I have 3 Vsphere ESX 4.1 hosts that I need to shutdown along with everything else. My vcenter server is virtualized. Two questions: 1) Do I need to put the hosts into maintenance mode before powering them off? All of the VMs will already be powered off. 1) I can poweroff two of the hosts using the vcenter client, but after I shutdown the vcenter VM how should I poweroff the final host? Just connect the client directly to the host and shut it down that way? I can't think why this wouldn't work. Thanks in advance, RS One more thing... If you have a multi-site environment, and your connectivity to the other sites will be affected, then when bringing things back up, make sure you have connectivity to the other sites before bringing up your DC - so firewall/router/VPN connections before the DC, in this case. Then, make sure your DC is communicating with DCs in other sites before bringing up the rest of the infrastructure. It's not that I think that anything *bad* will happen if you do it out of order - but it gave me much more peace of mind when I did that. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- For more information about Lewis and Roca LLP, please go to www.lewisandroca.com. Phoenix (602)262-5311 Reno (775)823-2900 Tucson (520)622-2090Albuquerque (505)764-5400 Las Vegas (702)949-8200 Silicon Valley (650)391-1380 This message is intended only for the use of the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the sender of this E-Mail by return E-Mail or by telephone. In accordance
Re: Lync issue - something I don't quite understand...
That's exactly what I did on my UAG machine. On Thu, Feb 28, 2013 at 5:54 AM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: And if that doesn't work for some reason, we're using static routes on 2008 R2 via the route command with no issues--that should still do the trick. I have a cmd script for adding and one for removing (when someone changes something so we can update and re-add). The catch is we just have to remember to run it as administrator. We have one server subnet where they all need to have a pile of routes added, so the scripts make it easier to prevent typos. -Bonnie -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, February 27, 2013 6:56 PM To: NT System Admin Issues Subject: Re: Lync issue - something I don't quite understand... Thanks. I'll try it again. Kurt On Wed, Feb 27, 2013 at 6:10 PM, Sean Martin seanmarti...@gmail.com wrote: I haven't had any issues using the following syntax: netsh interface ipv4 add route network/bitmask NIC name gateway IP - Sean On Wed, Feb 27, 2013 at 4:33 PM, Kurt Buff kurt.b...@gmail.com wrote: Good idea on the DNS setting on the NIC. Thanks for that. I'll do that for the one with the DG when I switch it to the DMZ. I've managed many static routes (including on UAG 2010), so that's not a problem. But, I've noticed that Win2k8 R2 didn't seem to like it when I added them via netsh - I probably used the wrong incantation for my UAG machine, and ended up using the old route command I know and love. Got a tip for me there? Kurt On Wed, Feb 27, 2013 at 5:26 PM, Sean Martin seanmarti...@gmail.com wrote: In addition to what Michael already stated, disable DNS registration on the NIC you don't want registering in DNS. Get used to managing static routes. - Sean On Wed, Feb 27, 2013 at 4:08 PM, Michael B. Smith mich...@smithcons.com wrote: Having multiple DGs is wrong. There can only be one default. Windows behavior is non-deterministic when you have specified multiple default gateways. Almost certainly, the interior one needs to be eliminated and replaced by either a routing table or a set of manual routes. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, February 27, 2013 7:56 PM To: NT System Admin Issues Subject: Lync issue - something I don't quite understand... All, We've got a Lync 2010 infrastructure set up, but it's doing one little thing that I'm not liking. The server has two NICs - each in a different subnet. One is in the same subnet as the rest of our servers. The other is in a subnet that sits between our L3 switch and our firewall - it's not a DMZ. I didn't set this up, but I was told that the intention was to set up the second connection in the DMZ at the appropriate time for external access - that hasn't happened yet, and I wasn't involved in the install, and know little to nothing about Lync. The behavior I'm seeing is that I cannot ping the interface that's on the server subnet at all, including from machines on that subnet (I can't RDP to that IP address either). The name of the Lync server resolves to an IP address, and which one you get depends on the state of DNS - you might get back the one for the server subnet, or you might get back the other address. I can ping the other address just fine. So, where I'm going with this is: Both NICs have default gateways assigned, and in my experience, that's a largish mistake - only one interface should have a DG. I suspect this is causing some other problems that we are seeing as well However, the fellow who set this up swears that if I remove the DG from either NIC, Lync will break. So, do any of you here know enough about Lync to say if having only one DG will break it? Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
Webster's question is very timely...
I didn't want to drag his thread off topic, so I'm starting a new one Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a really good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI Firepro video card, 1920x1080 display (15.6) and a 256gb SSD. ($1600 - sale still going as far as I know.) Problem is, I'm pretty sure I made a small mistake. That 256gb drive just isn't big enough to hold the VMs I want. I should have gone with the 128gb minicard and a 1tb hard drive. So, I'm also looking for an external drive, either USB3 or eSATA - if you had the choice, which would you choose for putting in the laptop case for extra storage? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Webster's question is very timely...
Well, following your thread I've already been warned off of Seagate, so that shouldn't bite me... Kurt On Thu, Feb 28, 2013 at 11:45 AM, Webster webs...@carlwebster.com wrote: I had a Seagate external eSata drive but it died 3 months after I got it! The warrant had already expired because it sat on the shelf at OfficeMax too long. That sucks. It was a 2TB drive and I used it for storing my VMs off of my Win7 laptop (that I had at the time). Thanks Webster -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 28, 2013 1:37 PM To: NT System Admin Issues Subject: Webster's question is very timely... I didn't want to drag his thread off topic, so I'm starting a new one Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a really good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI Firepro video card, 1920x1080 display (15.6) and a 256gb SSD. ($1600 - sale still going as far as I know.) Problem is, I'm pretty sure I made a small mistake. That 256gb drive just isn't big enough to hold the VMs I want. I should have gone with the 128gb minicard and a 1tb hard drive. So, I'm also looking for an external drive, either USB3 or eSATA - if you had the choice, which would you choose for putting in the laptop case for extra storage? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Webster's question is very timely...
That's a good thought - pluggability is somewhat important. On Thu, Feb 28, 2013 at 11:46 AM, David Lum david@nwea.org wrote: USB3.0 as it will plug into more things . I have found USB 3.0 will transfer the same speed as my eSATA (ie. from SATA -- USB 3.0 is as fast as SATA -- eSATA, or roughly 80-110MB/s). USB 3.0 truly rocks. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 28, 2013 11:37 AM To: NT System Admin Issues Subject: Webster's question is very timely... I didn't want to drag his thread off topic, so I'm starting a new one Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a really good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI Firepro video card, 1920x1080 display (15.6) and a 256gb SSD. ($1600 - sale still going as far as I know.) Problem is, I'm pretty sure I made a small mistake. That 256gb drive just isn't big enough to hold the VMs I want. I should have gone with the 128gb minicard and a 1tb hard drive. So, I'm also looking for an external drive, either USB3 or eSATA - if you had the choice, which would you choose for putting in the laptop case for extra storage? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Webster's question is very timely...
On Thu, Feb 28, 2013 at 11:47 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Feb 28, 2013 at 2:36 PM, Kurt Buff kurt.b...@gmail.com wrote: So, I'm also looking for an external drive, either USB3 or eSATA - if you had the choice, which would you choose for putting in the laptop case for extra storage? I'd go with eSATA if available. I expect any USB3 drive on the market today is using a USB-to-SATA bridge internally. By eliminating that, you eliminate a point-of-failure, and possibly increase performance as well (even the best logic is going to be slower than a straight wire). -- Ben I like fewer points of failure, but if in real world circumstances the throughput difference is negligible, then it's down to pluggability vs. reliability. I think reliability is going to be more brand-specific, too. I wonder if there's any real price difference. Time to do a little research on that front. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: IIS reporting/monitoring free tool
Fire up Wireshark on a mirror port on the switch to which those clients are attached, and see what's happening. BTW - don't just filter for traffic between the web server and the client - make sure to capture all of the packets to and from the clients during the test (though you will want to have no other applications open on the clients to keep the traffic clean). You might be surprised by DNS resolution slowness, bad cables or NICs, or something else... Kurt On Thu, Feb 28, 2013 at 10:13 AM, itli...@imcu.com itli...@imcu.com wrote: That is basically it. The application developer says that brute force testing on my server shows response time for 1000 pages on 10 accounts concurrently have an average 1.55 second response with is below their required 2.00 response. But the users are showing as much as 5 minutes from Get to Post. On their workstation on a 10/100 switch. No WAN traffic all on the same LAN and same SWITCH for 20 of the 23 users. So I am game for anything I can do to show the developer there are issues my users can not live with. But for now I am limited to their tools and their results. Thanks for all the help. From: Ken Schaefer [mailto:k...@adopenstatic.com] Posted At: Wednesday, February 27, 2013 5:01 PM Posted To: itli...@imcu.com Conversation: IIS reporting/monitoring free tool Subject: RE: IIS reporting/monitoring free tool The best way you are going to get a true picture of this if is you run the tool on the client machine, or at the client’s location. Not on the server. On the server you can look at the Time-Taken field in the IIS logs to get some idea of how long it takes IIS to put the page onto the wire. That’s not the same as the client actually receiving the packet, and doesn’t take into account any proxies, accelerators, caches etc. between the server and the client. Anyway, if you have some more requirements, then perhaps we can help with your searching. Cheers Ken From: itli...@imcu.com [mailto:itli...@imcu.com] Sent: Thursday, 28 February 2013 7:56 AM To: NT System Admin Issues Subject: RE: IIS reporting/monitoring free tool Solarwinds, didn’t give me the results I wanted, I need to know how long each page is taken to return to the client workstations for a particular app. Couldn’t get AWSTATS to even give me one result.(Had it working on another server last year but can not get this one to configure properly.) IIS reporter but it is only giving me active connections to IIS not per page or duration times? I saw Beta 7.0 had a IIS reporting tool but dev decided it wasn’t need for admin tools of IIS 7.5??? Seems like that would be a good thing, unless they were borrowing someones code to get their results??? Anyways, thought I would try here?? From: Andrew S. Baker [mailto:asbz...@gmail.com] Posted At: Tuesday, February 26, 2013 10:31 AM Posted To: itli...@imcu.com Conversation: IIS reporting/monitoring free tool Subject: Re: IIS reporting/monitoring free tool Given the number of google entries that cover this request, what have you already ruled out and why? ASB http://XeeMe.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market… On Tue, Feb 26, 2013 at 10:19 AM, itli...@imcu.com itli...@imcu.com wrote: Looking for a free IIS monitoring or reporting tool for IIS 7.5 on server 2008 r2. Any suggestions? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: IIS reporting/monitoring free tool
That's pretty cool. I'm going to try that. Kurt On Thu, Feb 28, 2013 at 12:02 PM, Kevin Lundy klu...@gmail.com wrote: I think you are looking for something like http watch http://www.httpwatch.com/ On Thu, Feb 28, 2013 at 1:13 PM, itli...@imcu.com itli...@imcu.com wrote: That is basically it. The application developer says that brute force testing on my server shows response time for 1000 pages on 10 accounts concurrently have an average 1.55 second response with is below their required 2.00 response. But the users are showing as much as 5 minutes from Get to Post. On their workstation on a 10/100 switch. No WAN traffic all on the same LAN and same SWITCH for 20 of the 23 users. So I am game for anything I can do to show the developer there are issues my users can not live with. But for now I am limited to their tools and their results. Thanks for all the help. From: Ken Schaefer [mailto:k...@adopenstatic.com] Posted At: Wednesday, February 27, 2013 5:01 PM Posted To: itli...@imcu.com Conversation: IIS reporting/monitoring free tool Subject: RE: IIS reporting/monitoring free tool The best way you are going to get a true picture of this if is you run the tool on the client machine, or at the client’s location. Not on the server. On the server you can look at the Time-Taken field in the IIS logs to get some idea of how long it takes IIS to put the page onto the wire. That’s not the same as the client actually receiving the packet, and doesn’t take into account any proxies, accelerators, caches etc. between the server and the client. Anyway, if you have some more requirements, then perhaps we can help with your searching. Cheers Ken From: itli...@imcu.com [mailto:itli...@imcu.com] Sent: Thursday, 28 February 2013 7:56 AM To: NT System Admin Issues Subject: RE: IIS reporting/monitoring free tool Solarwinds, didn’t give me the results I wanted, I need to know how long each page is taken to return to the client workstations for a particular app. Couldn’t get AWSTATS to even give me one result.(Had it working on another server last year but can not get this one to configure properly.) IIS reporter but it is only giving me active connections to IIS not per page or duration times? I saw Beta 7.0 had a IIS reporting tool but dev decided it wasn’t need for admin tools of IIS 7.5??? Seems like that would be a good thing, unless they were borrowing someones code to get their results??? Anyways, thought I would try here?? From: Andrew S. Baker [mailto:asbz...@gmail.com] Posted At: Tuesday, February 26, 2013 10:31 AM Posted To: itli...@imcu.com Conversation: IIS reporting/monitoring free tool Subject: Re: IIS reporting/monitoring free tool Given the number of google entries that cover this request, what have you already ruled out and why? ASB http://XeeMe.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market… On Tue, Feb 26, 2013 at 10:19 AM, itli...@imcu.com itli...@imcu.com wrote: Looking for a free IIS monitoring or reporting tool for IIS 7.5 on server 2008 r2. Any suggestions? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: IIS reporting/monitoring free tool
Damn nice, Good work. Kurt On Thu, Feb 28, 2013 at 1:41 PM, Ziots, Edward ezi...@lifespan.org wrote: Nice one I totally didn’t know that on IE by default. ** ** And this is my first email as a newly minted CISA, ** ** Sincerely, EZ ** ** Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org ** ** This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. *[image: Description: Description: Lifespan]* ** ** ** ** *From:* Steven Peck [mailto:sep...@gmail.com] *Sent:* Thursday, February 28, 2013 4:24 PM *To:* NT System Admin Issues *Subject:* Re: IIS reporting/monitoring free tool ** ** For basic testing from a client machine you can also use F12 in IE. Go to Network, Start Capture Type in the URL Click around, do stuff. Stop Capture. It will at least get you response request information, various calls etc. and it's most likely on the client system already. That said, play around with the other tools, this just happens to already be there. :) On Thu, Feb 28, 2013 at 12:47 PM, Ziots, Edward ezi...@lifespan.org wrote: Fiddler can tell you some of the same information but httpwatch is a good tool to troubleshoot client side issues when looking at web information. Z Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 28, 2013 3:19 PM To: NT System Admin Issues Subject: Re: IIS reporting/monitoring free tool That's pretty cool. I'm going to try that. Kurt On Thu, Feb 28, 2013 at 12:02 PM, Kevin Lundy klu...@gmail.com wrote: I think you are looking for something like http watch http://www.httpwatch.com/ On Thu, Feb 28, 2013 at 1:13 PM, itli...@imcu.com itli...@imcu.com wrote: That is basically it. The application developer says that brute force testing on my server shows response time for 1000 pages on 10 accounts concurrently have an average 1.55 second response with is below their required 2.00 response. But the users are showing as much as 5 minutes from Get to Post. On their workstation on a 10/100 switch. No WAN traffic all on the same LAN and same SWITCH for 20 of the 23 users. So I am game for anything I can do to show the developer there are issues my users can not live with. But for now I am limited to their tools and their results. Thanks for all the help. From: Ken Schaefer [mailto:k...@adopenstatic.com] Posted At: Wednesday, February 27, 2013 5:01 PM Posted To: itli...@imcu.com Conversation: IIS reporting/monitoring free tool Subject: RE: IIS reporting/monitoring free tool The best way you are going to get a true picture of this if is you run the tool on the client machine, or at the client’s location. Not on the server. On the server you can look at the Time-Taken field in the IIS logs to get some idea of how long it takes IIS to put the page onto the wire. That’s not the same as the client actually receiving the packet, and doesn’t take into account any proxies, accelerators, caches etc. between the server and the client. Anyway, if you have some more requirements, then perhaps we can help with your searching. Cheers Ken From: itli...@imcu.com [mailto:itli...@imcu.com] Sent: Thursday, 28 February 2013 7:56 AM To: NT System Admin Issues Subject: RE: IIS reporting/monitoring free tool Solarwinds, didn’t give me the results I wanted, I need to know how long each page is taken to return to the client workstations for a particular app. Couldn’t
Re: Webster's question is very timely...
At $350 and up, I think that's a little spendy. However, the 256gb versions might well fit in my budget. Kurt On Thu, Feb 28, 2013 at 2:53 PM, Ken Schaefer k...@adopenstatic.com wrote: USB3.0 - it is bus powered. Get a 512GB SSD, and put it into a USB3 enclosure. I have the Crucial M4 512GB - they can be had for a good price, plus 256GB internal SSD. Gives plenty of space for VMs in my experience. I also have a 128GB SD card for storing commonly used ISO files Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, 1 March 2013 6:37 AM To: NT System Admin Issues Subject: Webster's question is very timely... I didn't want to drag his thread off topic, so I'm starting a new one Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a really good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI Firepro video card, 1920x1080 display (15.6) and a 256gb SSD. ($1600 - sale still going as far as I know.) Problem is, I'm pretty sure I made a small mistake. That 256gb drive just isn't big enough to hold the VMs I want. I should have gone with the 128gb minicard and a 1tb hard drive. So, I'm also looking for an external drive, either USB3 or eSATA - if you had the choice, which would you choose for putting in the laptop case for extra storage? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Webster's question is very timely...
Agreed. At this point, however, with (at a guess) ~40gb per VM, that gives me about 6 VMs. For what I aim at doing, that should be sufficient. Kurt On Thu, Feb 28, 2013 at 4:00 PM, Ken Schaefer k...@adopenstatic.com wrote: If you think you can fit all your VMs onto a 256GB drive, then getting a 512GB would be a waste of money. In another year or two they'll be cheaper again and you can re-buy if you need more space down the track. However, if you need 256GB now, then I think $350 is a bargain for the space performance you get. I suppose it depends on what your time is worth to you. FWIW I paid about $500 for mine ~15 months ago. Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, 1 March 2013 10:53 AM To: NT System Admin Issues Subject: Re: Webster's question is very timely... At $350 and up, I think that's a little spendy. However, the 256gb versions might well fit in my budget. Kurt On Thu, Feb 28, 2013 at 2:53 PM, Ken Schaefer k...@adopenstatic.com wrote: USB3.0 - it is bus powered. Get a 512GB SSD, and put it into a USB3 enclosure. I have the Crucial M4 512GB - they can be had for a good price, plus 256GB internal SSD. Gives plenty of space for VMs in my experience. I also have a 128GB SD card for storing commonly used ISO files Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, 1 March 2013 6:37 AM To: NT System Admin Issues Subject: Webster's question is very timely... I didn't want to drag his thread off topic, so I'm starting a new one Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a really good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI Firepro video card, 1920x1080 display (15.6) and a 256gb SSD. ($1600 - sale still going as far as I know.) Problem is, I'm pretty sure I made a small mistake. That 256gb drive just isn't big enough to hold the VMs I want. I should have gone with the 128gb minicard and a 1tb hard drive. So, I'm also looking for an external drive, either USB3 or eSATA - if you had the choice, which would you choose for putting in the laptop case for extra storage? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Webster's question is very timely...
Probably not. I'm going to pound on them fairly hard, by which I mean install lots of stuff and work on it. FreeBSD, CentOS, Win8, a couple of Server 2012s probably, maybe some others. On Thu, Feb 28, 2013 at 4:35 PM, Steven Peck sep...@gmail.com wrote: Do thin provisioning for them? On Thu, Feb 28, 2013 at 4:29 PM, Kurt Buff kurt.b...@gmail.com wrote: Agreed. At this point, however, with (at a guess) ~40gb per VM, that gives me about 6 VMs. For what I aim at doing, that should be sufficient. Kurt On Thu, Feb 28, 2013 at 4:00 PM, Ken Schaefer k...@adopenstatic.com wrote: If you think you can fit all your VMs onto a 256GB drive, then getting a 512GB would be a waste of money. In another year or two they'll be cheaper again and you can re-buy if you need more space down the track. However, if you need 256GB now, then I think $350 is a bargain for the space performance you get. I suppose it depends on what your time is worth to you. FWIW I paid about $500 for mine ~15 months ago. Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, 1 March 2013 10:53 AM To: NT System Admin Issues Subject: Re: Webster's question is very timely... At $350 and up, I think that's a little spendy. However, the 256gb versions might well fit in my budget. Kurt On Thu, Feb 28, 2013 at 2:53 PM, Ken Schaefer k...@adopenstatic.com wrote: USB3.0 - it is bus powered. Get a 512GB SSD, and put it into a USB3 enclosure. I have the Crucial M4 512GB - they can be had for a good price, plus 256GB internal SSD. Gives plenty of space for VMs in my experience. I also have a 128GB SD card for storing commonly used ISO files Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, 1 March 2013 6:37 AM To: NT System Admin Issues Subject: Webster's question is very timely... I didn't want to drag his thread off topic, so I'm starting a new one Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a really good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI Firepro video card, 1920x1080 display (15.6) and a 256gb SSD. ($1600 - sale still going as far as I know.) Problem is, I'm pretty sure I made a small mistake. That 256gb drive just isn't big enough to hold the VMs I want. I should have gone with the 128gb minicard and a 1tb hard drive. So, I'm also looking for an external drive, either USB3 or eSATA - if you had the choice, which would you choose for putting in the laptop case for extra storage? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Remote control software
On Wed, Feb 27, 2013 at 3:47 AM, Nigel Parker nigel.par...@ultraframe.co.uk wrote: snip Upgrading 95 and nt4 isn't an option due to the expense One bit of malware will put paid to that argument... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin