from:"Ziots, Edward"

RE: Windows 2008 R2 Clustering, and SQL 2008

2011-02-24 Thread Ziots, Edward

All if you have those links that was posted before ( Sorry had to purge
a lot of email lately), I'd be appreciative. 

 

UAC is your friend, just got to run stuff in administrators mode. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: William Robbins [mailto:dangerw...@gmail.com] 
Sent: Thursday, February 24, 2011 11:15 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 R2 Clustering, and SQL 2008

 

My biggest surprise setting up a 2008R2 SQL 2008 Cluster was what fun
the UAC can render.  Especially if you are accustomed to 2003 Clusters.

That said I did find it much more stable once I got past my growing
pains, and prefer 2008 clusters now.

We used blade servers for ours with 96 GB RAM...but I'll echo Michael's
advice about best you can buy with a support contract.  :)

 - WJR



On Thu, Feb 24, 2011 at 10:01, Ziots, Edward 
wrote:

I take you still need the Quorum Disk and MSDTC etc etc, I know you can
have cluster nodes on different networks now ( limitation on the
clusters below that)

 

Just looking for any gotchas that folks seen when they set up there
clusters, 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Thursday, February 24, 2011 10:50 AM


To: NT System Admin Issues

Subject: RE: Windows 2008 R2 Clustering, and SQL 2008

 

2008 & 2008R2 clustering are dead-simple compared to 2003 and much more
stable, IME.

 

My recommendations for hardware are always the same: buy the best your
money will give you, and ensure that you include a support contract.

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, February 24, 2011 10:46 AM
To: NT System Admin Issues
Subject: Windows 2008 R2 Clustering, and SQL 2008

 

All, 

 

Looking for some suggestions on what folks are using hardware-wise for
your Windows 2008 Clusters using either SQL 2008 or SQL 2008 R2. Been
asked for specifications on a new cluster accordingly, and I haven't
done any Windows 2008 Clustering yet, and just want to make sure I don't
miss anything. 

 

Using EMC VMAX san and Qlogic 8GB HBA's and the new SAN is SCP-3
Compliant. 

 

Feel free to ping me off list, if you have done some clustering builds
with Windows 2008/Windows 2008R2, be interested if there is any gotchas
as compared to windows 2003 R2 clustering. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 R2 Clustering, and SQL 2008

2011-02-24 Thread Ziots, Edward

I take you still need the Quorum Disk and MSDTC etc etc, I know you can
have cluster nodes on different networks now ( limitation on the
clusters below that)

 

Just looking for any gotchas that folks seen when they set up there
clusters, 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Thursday, February 24, 2011 10:50 AM
To: NT System Admin Issues
Subject: RE: Windows 2008 R2 Clustering, and SQL 2008

 

2008 & 2008R2 clustering are dead-simple compared to 2003 and much more
stable, IME.

 

My recommendations for hardware are always the same: buy the best your
money will give you, and ensure that you include a support contract.

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, February 24, 2011 10:46 AM
To: NT System Admin Issues
Subject: Windows 2008 R2 Clustering, and SQL 2008

 

All, 

 

Looking for some suggestions on what folks are using hardware-wise for
your Windows 2008 Clusters using either SQL 2008 or SQL 2008 R2. Been
asked for specifications on a new cluster accordingly, and I haven't
done any Windows 2008 Clustering yet, and just want to make sure I don't
miss anything. 

 

Using EMC VMAX san and Qlogic 8GB HBA's and the new SAN is SCP-3
Compliant. 

 

Feel free to ping me off list, if you have done some clustering builds
with Windows 2008/Windows 2008R2, be interested if there is any gotchas
as compared to windows 2003 R2 clustering. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Windows 2008 R2 Clustering, and SQL 2008

2011-02-24 Thread Ziots, Edward

All, 

 

Looking for some suggestions on what folks are using hardware-wise for
your Windows 2008 Clusters using either SQL 2008 or SQL 2008 R2. Been
asked for specifications on a new cluster accordingly, and I haven't
done any Windows 2008 Clustering yet, and just want to make sure I don't
miss anything. 

 

Using EMC VMAX san and Qlogic 8GB HBA's and the new SAN is SCP-3
Compliant. 

 

Feel free to ping me off list, if you have done some clustering builds
with Windows 2008/Windows 2008R2, be interested if there is any gotchas
as compared to windows 2003 R2 clustering. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Conficker

2011-02-23 Thread Ziots, Edward

Actually its trying to guess the passwords of accounts, and invoke the
lockout feature in AD, which is what you would be seeing as the
residual.

 

So MS08-067 is the fix, along with the autoplay/autorun being disabled. 

 

Symptoms

*   Account lockout policies being reset automatically.
*   Certain Microsoft Windows services
  such as Automatic
Updates  , Background
Intelligent Transfer Service

(BITS), Windows Defender 
and Windows Error Reporting
  disabled.
*   Domain controllers
  responding slowly to
client requests.
*   Congestion on local area networks (ARP flood as consequence of
network scan).
*   Web sites related to antivirus software
  or the Windows Update
  service becoming
inaccessible.[54]  
*   User accounts locked out.[55]
 

Per Microsoft KB 

http://support.microsoft.com/kb/962007

 

Win32/Conficker has multiple propagation methods. These include the
following: 

* Exploitation of the vulnerability that is patched by security
update 958644 (MS08-067) 

* The use of network shares 

* The use of AutoPlay functionality

Therefore, you must be careful when you clean a network so that the
threat is not reintroduced to systems that have previously been cleaned.


Note The Win32/Conficker.D variant does not spread to removable drives
or shared folders over a network. Win32/Conficker.D is installed by
previous variants of Win32/Conficker.

 

 

And here is Conficker Working Group writeup on all the versions, there
is a nice right-up here. 

 

http://www.confickerworkinggroup.org/wiki/uploads/Conficker_Working_Grou
p_Lessons_Learned_17_June_2010_final.pdf

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Wednesday, February 23, 2011 12:27 PM
To: NT System Admin Issues
Subject: Conficker

 

Right, for my sins I appear to be stuck in the middle of a Conficker
outbreak. I'm not here to advise about security, but five minutes into
outbreak and the glaring hole of Autoplay being enabled is clearly how
this thing is propagating, and they've been told. Fools - they are in
the process of learning the hard way.

I avoided Conficker in my last few roles thanks to good security
practices, there's one question I can't work out from the Conficker
write-ups though. How does this thing get it's list of accounts to
attack? We have accounts locking out right left and centre, but they are
clearly not just accounts that have previously logged on to the local
machine. Does anyone know if this little beastie queries Active
Directory in some way?

TIA,



JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is
confidential, privileged or unsuitable for overly sensitive persons with
low self-esteem, no sense of humour or irrational religious beliefs. If
you are not the intended recipient, any dissemination, distribution or
copying of this email is not authorised (either explicitly or
implicitly) and constitutes an irritating social faux pas.

Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal or no
grammatical use and may be ignored. No animals were harmed in the
transmission of this email, although the kelpie next door is living on
borrowed time, let me tell you. Those of you with an overwhelming fear
of the unknown will be gratified to learn that there is no hidden
message revealed by reading this warning backwards, so just ignore that
Alert Notice from Microsoft.

However, by pouring a complete circle of salt around yourself and your
computer you can ensure that no harm befalls you and your pets. If you
have received this email in error, please add some nutmeg and egg
whites, whisk and place in a warm oven for 40 minutes.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: un

RE: Security ROI - comment on this please

2011-02-22 Thread Ziots, Edward

I have to agree, 

 

Security is "viewed" as a negative, because its always been about what
you shouldn't do, or couldn't do, instead of a "risk proposition" it
really should be "viewed" as. 

 

What is your ROI on security? Well ask how much a breach known to the
public/regulators, etc etc will cost your company both from the
fines/penalties levied due to non-compliance and then try and estimate
the residual losses from brand loss/tarnished company image, paying for
credit reporting for hundreds if not thousands of individuals who you
just lost there PHI/EPHI, CC card numbers or some other critical piece
of information due to a lack of due-diligence and due-care, or the
lawsuits that will have to be settled due to said information loss. 

 

Now can we say this will never happen if you maintain a high level of
security? "NO" but you will be less at "risk" and better positioned if
the aforementioned above was to come to pass, and better able to defend
yourself in lawsuits, court of law, etc etc than you would be if you
just played the "ostrich defense" or totally ignored the security
aspects which would show gross negligence and lead to a host of other
issues. 

 

So getting the business to reduce the risk of their operations to an
acceptable level, comply with the current and future regulations/laws is
a task in its own rights. You should also strive to build your systems
with tenets of security in mind ( Confidentiality, Integrity and
Availability) along with practicing Least privilege and segregation of
duties, and then tie it all up with auditing your infrastructure and
properly risk-managing them through the information life-cycle. 

 

Sincerely,

EZ

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Tuesday, February 22, 2011 2:34 PM
To: NT System Admin Issues
Subject: Re: Security ROI - comment on this please

 

That's just dumb.

 

The Myth, well, I don't know who's been saying that security produces
ROI, I'd never heard of that myth.  Protects revenue generation, is as
far as I'd define security processes in this context.  The "fact" is
interesting.  Is inurance a negative deliverable, too?  Do business
waste money on insurance?  As MBS, ASB and others indicate, it's about
risk mitigation.

Lawsuits and other costs related to a data breach are the true negative
deliverables.


 

On Tue, Feb 22, 2011 at 1:53 PM, David Lum  wrote:

This is on a Powerpoint that just came to my desk:

 

Myth: Security produces ROI

   Fact: Security is a negative deliverable

1. Produces no revenue and creates no efficiencies

2. Although limits possibilities that a future negative
fallout will happen

 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 7/2008R2 SP1 available

2011-02-22 Thread Ziots, Edward

Waiting right now, before I toast some Win7 and Windows 2008 R2
machines.  Need to see what fallout it going to happen. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Sam Cayze [mailto:sca...@gmail.com] 
Sent: Tuesday, February 22, 2011 3:40 PM
To: NT System Admin Issues
Subject: RE: Windows 7/2008R2 SP1 available

 

Installed here.  Took just over an hour on my beefy new desktop.
Machine was pretty useless while it was running.

 

From: Rod Trent [mailto:rodtr...@myitforum.com] 
Sent: Tuesday, February 22, 2011 2:32 PM
To: NT System Admin Issues
Subject: RE: Windows 7/2008R2 SP1 available

 



 

From: Guyer, Don [mailto:don.gu...@fiserv.com] 
Sent: Tuesday, February 22, 2011 3:25 PM
To: NT System Admin Issues
Subject: RE: Windows 7/2008R2 SP1 available

 

Just curious before I jump in. How many list'ers have installed this on
Win7?

 

Don Guyer

Windows Systems Engineer

Datasafe Platform

Fiserv Enterprise Technology

Fiserv

don.gu...@fiserv.com

Office: 1-800-523-7282 x 1673

Fax: 610-293-4499

www.fiserv.com  

 

From: Rod Trent [mailto:rodtr...@myitforum.com] 
Sent: Tuesday, February 22, 2011 3:22 PM
To: NT System Admin Issues
Subject: RE: Windows 7/2008R2 SP1 available

 

Going through Windows Update, it's only a 70MB or so download.

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, February 22, 2011 3:05 PM
To: NT System Admin Issues
Subject: Re: Windows 7/2008R2 SP1 available

 

The ISO has all three architectures, but you can download x64 vs x86
separately.


 

ASB (Find me online via About.Me  ) 
Exploiting Technology for Business Advantage...

 

 

On Tue, Feb 22, 2011 at 2:36 PM, Mike Hoffman  wrote:

It's a shame they won't split it into the 3 architectures on the disk.
That download has 32/64 and I64 all on the one iso.

 

Still, what's a 500gb download times 300 million copies ...

 

I'm sure when it gets on Windows Update it will be a lot smaller.

 

Mike

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: 22 February 2011 19:30
To: NT System Admin Issues
Subject: Windows 7/2008R2 SP1 available

 

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c3202ce6-405
6-4059-8a1b-3a9b77cdfdda&displaylang=en

 

It's letting me download the 2GB file without a DL manager... wonder how
long that will last.  And it appears to be just one download
irrespective of 32/64-bit.

 

Carl

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Today is the end of the line for me,

2011-02-22 Thread Ziots, Edward

 Got it, 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan [mailto:ncm...@gmail.com] 
Sent: Friday, February 18, 2011 9:00 PM
To: NT System Admin Issues
Subject: Re: Today is the end of the line for me,

 

Hey Z - just shot you an email from my Eagle email address. Please let
me know whether or not you got it (in case for some reason your filter
would have blocked my direct email.)

Regards,

Jonathan - Thumb typed from my HTC Droid Incredible (and yes, it really
is) on the Verizon network.

On Feb 17, 2011 8:19 PM, "Ziots, Edward"  wrote:
> I think after this day I have come to the conclusion is time to move
on,
> if there is companies in the RI/MASS/CT area looking for a security
> engineer, please contact me at the email below. If the distance is
under
> 1.5 hrs I am game. 
> 
> Z
> 
> Edward E. Ziots
> CISSP, Network +, Security +
> Network Engineer
> Lifespan Organization
> Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
> Cell:401-639-3505
> 
> -Original Message-
> From: David Lum [mailto:david@nwea.org] 
> Sent: Thursday, February 17, 2011 5:50 PM
> To: NT System Admin Issues
> Subject: RE: Thoughts on this pitch from Trend
> 
> Every SBS site I manage has two servers just to offload some of that
> (that, and have redundant DC's). In some cases the "server" is a
> desktop, but it keeps that much less activity off the SBS server. AV
and
> WSUS, that's what an older desktop is good for :-).
> 
> Dave
> 
> -Original Message-
> From: Bill Humphries [mailto:nt...@hedgedigger.com] 
> Sent: Thursday, February 17, 2011 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Thoughts on this pitch from Trend
> 
> I think some of the issues have to do with smaller installations. We 
> have several clients that install the A/V server software on an SBS 
> server...and Trend can bog it down with the smart scan features
enabled.
> 
> 
> Jonathan wrote:
>> Very interesting
>>
>> We switched from McAfee to Trend a year ago. Between 500 and 600
>> nodes, including servers, and we have not experienced problems like
>> what some of you have described...we are controlling updates from our
>> own internal server, and we are not utilizing Trend's cloudy
offering.
>> [1]
>>
>> We've been *very* happy. (of course we did come from McAfee, so I
>> guess everything is relative.) :-)
>>
>> Jonathan
>>
>> [1] cloudy, get it? I crack myself up (I can ear the roans and
>> eyerolls now...)
>>
>> On Thu, Feb 17, 2011 at 12:25 PM, David Lum 
> wrote:
>> 
>>> Excellent to be aware of, thanks guys. %dayjob% environment is
> infinitely
>>> more complex than my client of 55 seats. What AV do you recommend?
> Vipre is
>>> on the list, as is Symantec (beyond my control). Trend was the third
> but I
>>> am open to nixing them in favor of something else.
>>>
>>>
>>>
>>> %dayjob% = 450+ seats with dozens (50+) remote workers that work
from
> home,
>>> multiple SAN's, couple hundred servers, blah blah blah...
>>>
>>>
>>>
>>> Dave
>>>
>>>
>>>
>>> From: Graeme Carstairs [mailto:loonyto...@gmail.com]
>>> Sent: Thursday, February 17, 2011 9:16 AM
>>>
>>> To: NT System Admin Issues
>>> Subject: Re: Thoughts on this pitch from Trend
>>>
>>>
>>>
>>> Yeh happened all over apart from on the sites, that had brand new
> over
>>> specced servers, with brand new fast PC's with an abundance of
memory
> but
>>> even they exhibited a measurable slowdown.
>>>
>>>
>>>
>>> I personally do not like any software package that at 850MB when
> downloaded
>>> expands to take up 8.5GB on the server within 4 days.
>>>
>>>
>>>
>>> And the supports advise is to switch off the new features, and leave
> you
>>> with the functionality of the old version, but doesn't improve
> performance.
>>>
>>>
>>>
>>> It also seriously corrupted a DFS share, and database on one site,
> again
>>> there are technet articles and such that state that Trend needs to
be
>>> disabled from scanning DFS databases and shares, but that was only
> after teh
>>> damage was done.
>>>
>>>
>>>
>>> Version 4 -5 issues on upgrade, and a rapid release of 5.1 to solve
> them. 5
>>> - 6 serious issues

RE: Sounding board on issue we are seeing with a Windows 2003 Cluster with SQL 2005

2011-02-18 Thread Ziots, Edward

Correct, especially because this is an Active-Passive Cluster, only the
owning node, holds the default SQL Cluster Group. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: William Robbins [mailto:dangerw...@gmail.com] 
Sent: Friday, February 18, 2011 2:52 PM
To: NT System Admin Issues
Subject: Re: Sounding board on issue we are seeing with a Windows 2003
Cluster with SQL 2005

 

Crap...would not affect both nodes at the same time.

 - WJR



On Fri, Feb 18, 2011 at 13:50, William Robbins 
wrote:

Not underestimating the power of the luser variable...but I would expect
that would affect both nodes at the same time.

 - WJR



On Fri, Feb 18, 2011 at 13:43, Jonathan Link 
wrote:

Pure speculation, but the time frame to me screams:

User runs a manual query that in their experience takes a long
time to process (they don't know why) so they set it to start as they
leave for the day, and then take action on the results the next day...


 

On Fri, Feb 18, 2011 at 8:48 AM, Ziots, Edward
 wrote:

I have a two node X64bit Windows 2003 SP2 enterprise edition
cluster running SQL 2005 Standard Edition 64bit. 

 

What I am seeing is event ID's 1123, 1124 in the event logs on
each Cluster Node, and we are getting complaints of disconnects from the
database. 

 

We are seeing it happen around 5:50-6:00pm each night.  ( shows
in the cluster log and we seen it via pings)

 

1)  We have eliminated the backup of the server, which
happens at 3:30am in the morning ( via Legato)

2)  I have gone through with Microsoft Support the entire KB
892422. Which covers these errors. 

3)  I have switched out the cables to the public and the
private NIC's with no change in issues. 

4)  RSS/TCP Chimney are disabled in the registry and on the
NIC's on each node. 

5)  NIC Drivers are the latest from HP Site ( NC373i) and
EMC Powerpath software 5.3 SP1 for the SAN disk on each node. 

 

Basically we are pinging the Owning Node server from our
workstations and we loose about 5-10 pings during this time, on both the
primary and the secondary nodes of the cluster. ( both are into the same
Cisco Switch 45xx)

 

We also was pinging each of the servers from each other ( both
on the same switch/VLAN) and we also saw the ping loss at the same time.


 

Only idea I had is to move the public NIC's to another switch to
eliminate the switch as the point of contention, or get new hardware and
migrate the databases off this cluster and decommission it. 

 

I checked other cluster nodes connected to these switches (
32bit) and we don't see this problem. 

 

Anything I might be missing or overlooked? Questions, or
bouncing some ideas off the wall is appreciated...

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog!
~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog!
~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_f

RE: Sounding board on issue we are seeing with a Windows 2003 Cluster with SQL 2005

2011-02-18 Thread Ziots, Edward

Yeah that might be a possibility, but I have 150+ connections to the SQL
Server at that time, from all over the place so to try and track down
the offending query if that is the issue, would take a lot of needle in
the haystack work. 

 

Again, 23hr and 55mins of the day the system is rock solid, with no
issues, why would a TSQL query cause the network to barf, especially
when each system would need to flood a 1GBPS switch port connection, (
basically 125MBp/s)

 

Plus I would be seeing lockdown/blocking in the database at that time
and its quiet on that reguard

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Friday, February 18, 2011 2:44 PM
To: NT System Admin Issues
Subject: Re: Sounding board on issue we are seeing with a Windows 2003
Cluster with SQL 2005

 

Pure speculation, but the time frame to me screams:

User runs a manual query that in their experience takes a long time to
process (they don't know why) so they set it to start as they leave for
the day, and then take action on the results the next day...


 

On Fri, Feb 18, 2011 at 8:48 AM, Ziots, Edward 
wrote:

I have a two node X64bit Windows 2003 SP2 enterprise edition cluster
running SQL 2005 Standard Edition 64bit. 

 

What I am seeing is event ID's 1123, 1124 in the event logs on each
Cluster Node, and we are getting complaints of disconnects from the
database. 

 

We are seeing it happen around 5:50-6:00pm each night.  ( shows in the
cluster log and we seen it via pings)

 

1)  We have eliminated the backup of the server, which happens at
3:30am in the morning ( via Legato)

2)  I have gone through with Microsoft Support the entire KB 892422.
Which covers these errors. 

3)  I have switched out the cables to the public and the private
NIC's with no change in issues. 

4)  RSS/TCP Chimney are disabled in the registry and on the NIC's on
each node. 

5)  NIC Drivers are the latest from HP Site ( NC373i) and EMC
Powerpath software 5.3 SP1 for the SAN disk on each node. 

 

Basically we are pinging the Owning Node server from our workstations
and we loose about 5-10 pings during this time, on both the primary and
the secondary nodes of the cluster. ( both are into the same Cisco
Switch 45xx)

 

We also was pinging each of the servers from each other ( both on the
same switch/VLAN) and we also saw the ping loss at the same time. 

 

Only idea I had is to move the public NIC's to another switch to
eliminate the switch as the point of contention, or get new hardware and
migrate the databases off this cluster and decommission it. 

 

I checked other cluster nodes connected to these switches ( 32bit) and
we don't see this problem. 

 

Anything I might be missing or overlooked? Questions, or bouncing some
ideas off the wall is appreciated...

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Sounding board on issue we are seeing with a Windows 2003 Cluster with SQL 2005

2011-02-18 Thread Ziots, Edward

Cluster is in a specific VLAN, the new switch doesn't have that VLAN
sourced to it yet, but it will after a change. I want to try that first,
before we move further. 

I did catch a few things on google about NC373i NIC's and network
issues. The only other thing I can see is that the NIC firmware and the
BIOS firmware needs an update on each node ( about one revision behind.)

But both servers connected into the same switch, seeing the same problem
at the same time, doesn't sound like a server issue to me, at least not
right now. 

Z

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

From: William Robbins [mailto:dangerw...@gmail.com] 
Sent: Friday, February 18, 2011 11:46 AM
To: NT System Admin Issues
Subject: Re: Sounding board on issue we are seeing with a Windows 2003
Cluster with SQL 2005

I agree I would think if it were a physical NIC problem you could see
the dropped packets...

So your private NIC's are direct connected?  Are you running a trace on
both machines watching the private NIC's?  

The specific timeframe of the disconnect also doesn't lend itself to a
NIC problem either.  Hopefully you can change switches to see if that
changes anything.  Any hopes to get the cluster on an isolated switch?
Is it in a specific VLAN now?

 - WJR

On Fri, Feb 18, 2011 at 10:35, Ziots, Edward 
wrote:

Not going to tell anymore STFU, its why I am asking for a sounding
board, right now I am at whits end, I also agree on the switch issue, I
ran across a few internet posts complaining about NC373i and HP
Broadcomm NIC's and lost packets, and I got some action items to update
the BIOS on the server and the NIC Firmware to the latest support
version and see if that helps. But I would defintely like to try moving
to another switch first to eliminate the switch as the issue.

Here is the real kicker though, if it was a NIC issue ( Physical NIC
issue), then wouldn't I also see the dropped packets on the private NIC,
which we didn't see. ( Even though they are connected via a cross over
cable)

Also I replaced the primary NIC cables, and verified the other cables
are fine ( cable tester), so the only thing I could say right now is
either it's a NIC issue not showing itself to me. ( I am not sure how
you could add another NIC to the Server and then make it the Public NIC,
without breaking the cluster itself, or bring the clustered Groups down.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505

-Original Message-
From: William Robbins [mailto:dangerw...@gmail.com]
Sent: Friday, February 18, 2011 10:33 AM
To: NT System Admin Issues
Subject: Re: Sounding board on issue we are seeing with a Windows 2003
Cluster with SQL 2005

Also that's a very specific timeframe...even if it's not backups on
the cluster, could there be a backup or scheduled task on another
server on the same switch in that timeframe?

Feel free to tell me to STFU...I'm just spitballing.  :)

 - WJR

On Fri, Feb 18, 2011 at 07:48, Ziots, Edward 
wrote:
> I have a two node X64bit Windows 2003 SP2 enterprise edition cluster
running
> SQL 2005 Standard Edition 64bit.
>
>
>
> What I am seeing is event ID's 1123, 1124 in the event logs on each
Cluster
> Node, and we are getting complaints of disconnects from the database.
>
>
>
> We are seeing it happen around 5:50-6:00pm each night.  ( shows in the
> cluster log and we seen it via pings)
>
>
>
> 1)  We have eliminated the backup of the server, which happens at
3:30am
> in the morning ( via Legato)
>
> 2)  I have gone through with Microsoft Support the entire KB
892422.
> Which covers these errors.
>
> 3)  I have switched out the cables to the public and the private
NIC's
> with no change in issues.
>
> 4)  RSS/TCP Chimney are disabled in the registry and on the NIC's
on
> each node.
>
> 5)  NIC Drivers are the latest from HP Site ( NC373i) and EMC
Powerpath
> software 5.3 SP1 for the SAN disk on each node.
>
>
>
> Basically we are pinging the Owning Node server from our workstations
and we
> loose about 5-10 pings during this time, on both the primary and the
> secondary nodes of the cluster. ( both are into the same Cisco Switch
45xx)
>
>
>
> We also was pinging each of the servers from each other ( both on the
same
> switch/VLAN) and we also saw the ping loss at the same time.
>
>
>
> Only idea I had is to move the public NIC's to another switch to
eliminate
> the switch as the point of contention, or get new hardware and migrate
the
> databases off this cluster and decommission it.
>
>
>
> I checked other clus

RE: Sounding board on issue we are seeing with a Windows 2003 Cluster with SQL 2005

2011-02-18 Thread Ziots, Edward

Backups happen at set times outside of the window that we are seeking,
there are transactional log backups that happen every hour, but again
the symptom is loosing pings at the server in a less than 10-15 min
timeframe everyday. ( Again seems to be a Layer 2/3 issue, not Layer 7)

 

MY Virus Scan is excluding the .MDF,LDF,.NDF, LOG, TRN, BAK files and
the Quorum Drive on the servers. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Friday, February 18, 2011 12:39 PM
To: NT System Admin Issues
Subject: Re: Sounding board on issue we are seeing with a Windows 2003
Cluster with SQL 2005

 

SQL Backup, Anti-Virus dat update or Scan initiation?

On Fri, Feb 18, 2011 at 9:29 AM, Miller Bonnie L.
 wrote:

Any scheduled tasks in Windows or within SQL?  Or, a task running
against SQL (maybe check other servers or workstations that reference
the cluster for their DBs for scheduled tasks).  Could also fire up a
performance and netmon capture during the timeframe to see if anything
jumps out at you.

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Friday, February 18, 2011 5:49 AM


To: NT System Admin Issues

Subject: Sounding board on issue we are seeing with a Windows 2003
Cluster with SQL 2005

 

I have a two node X64bit Windows 2003 SP2 enterprise edition cluster
running SQL 2005 Standard Edition 64bit. 

 

What I am seeing is event ID's 1123, 1124 in the event logs on each
Cluster Node, and we are getting complaints of disconnects from the
database. 

 

We are seeing it happen around 5:50-6:00pm each night.  ( shows in the
cluster log and we seen it via pings)

 

1)  We have eliminated the backup of the server, which happens at
3:30am in the morning ( via Legato)

2)  I have gone through with Microsoft Support the entire KB 892422.
Which covers these errors. 

3)  I have switched out the cables to the public and the private
NIC's with no change in issues. 

4)  RSS/TCP Chimney are disabled in the registry and on the NIC's on
each node. 

5)  NIC Drivers are the latest from HP Site ( NC373i) and EMC
Powerpath software 5.3 SP1 for the SAN disk on each node. 

 

Basically we are pinging the Owning Node server from our workstations
and we loose about 5-10 pings during this time, on both the primary and
the secondary nodes of the cluster. ( both are into the same Cisco
Switch 45xx)

 

We also was pinging each of the servers from each other ( both on the
same switch/VLAN) and we also saw the ping loss at the same time. 

 

Only idea I had is to move the public NIC's to another switch to
eliminate the switch as the point of contention, or get new hardware and
migrate the databases off this cluster and decommission it. 

 

I checked other cluster nodes connected to these switches ( 32bit) and
we don't see this problem. 

 

Anything I might be missing or overlooked? Questions, or bouncing some
ideas off the wall is appreciated...

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Sounding board on issue we are seeing with a Windows 2003 Cluster with SQL 2005

2011-02-18 Thread Ziots, Edward

Not going to tell anymore STFU, its why I am asking for a sounding board, right 
now I am at whits end, I also agree on the switch issue, I ran across a few 
internet posts complaining about NC373i and HP Broadcomm NIC's and lost 
packets, and I got some action items to update the BIOS on the server and the 
NIC Firmware to the latest support version and see if that helps. But I would 
defintely like to try moving to another switch first to eliminate the switch as 
the issue. 

Here is the real kicker though, if it was a NIC issue ( Physical NIC issue), 
then wouldn't I also see the dropped packets on the private NIC, which we 
didn't see. ( Even though they are connected via a cross over cable)

Also I replaced the primary NIC cables, and verified the other cables are fine 
( cable tester), so the only thing I could say right now is either it's a NIC 
issue not showing itself to me. ( I am not sure how you could add another NIC 
to the Server and then make it the Public NIC, without breaking the cluster 
itself, or bring the clustered Groups down. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: William Robbins [mailto:dangerw...@gmail.com] 
Sent: Friday, February 18, 2011 10:33 AM
To: NT System Admin Issues
Subject: Re: Sounding board on issue we are seeing with a Windows 2003 Cluster 
with SQL 2005

Also that's a very specific timeframe...even if it's not backups on
the cluster, could there be a backup or scheduled task on another
server on the same switch in that timeframe?

Feel free to tell me to STFU...I'm just spitballing.  :)

 - WJR

On Fri, Feb 18, 2011 at 07:48, Ziots, Edward  wrote:
> I have a two node X64bit Windows 2003 SP2 enterprise edition cluster running
> SQL 2005 Standard Edition 64bit.
>
>
>
> What I am seeing is event ID's 1123, 1124 in the event logs on each Cluster
> Node, and we are getting complaints of disconnects from the database.
>
>
>
> We are seeing it happen around 5:50-6:00pm each night.  ( shows in the
> cluster log and we seen it via pings)
>
>
>
> 1)  We have eliminated the backup of the server, which happens at 3:30am
> in the morning ( via Legato)
>
> 2)  I have gone through with Microsoft Support the entire KB 892422.
> Which covers these errors.
>
> 3)  I have switched out the cables to the public and the private NIC's
> with no change in issues.
>
> 4)  RSS/TCP Chimney are disabled in the registry and on the NIC's on
> each node.
>
> 5)  NIC Drivers are the latest from HP Site ( NC373i) and EMC Powerpath
> software 5.3 SP1 for the SAN disk on each node.
>
>
>
> Basically we are pinging the Owning Node server from our workstations and we
> loose about 5-10 pings during this time, on both the primary and the
> secondary nodes of the cluster. ( both are into the same Cisco Switch 45xx)
>
>
>
> We also was pinging each of the servers from each other ( both on the same
> switch/VLAN) and we also saw the ping loss at the same time.
>
>
>
> Only idea I had is to move the public NIC's to another switch to eliminate
> the switch as the point of contention, or get new hardware and migrate the
> databases off this cluster and decommission it.
>
>
>
> I checked other cluster nodes connected to these switches ( 32bit) and we
> don't see this problem.
>
>
>
> Anything I might be missing or overlooked? Questions, or bouncing some ideas
> off the wall is appreciated...
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> CISSP, Network +, Security +
>
> Network Engineer
>
> Lifespan Organization
>
> Email:ezi...@lifespan.org
>
> Cell:401-639-3505
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Today is the end of the line for me,

2011-02-18 Thread Ziots, Edward

Gents/Ladies, 

 

I have already replied off list directly to the gent that said what he
said. I have thick skin, I can take it and I have spoken my piece. 

 

But I do definitely appreciate you all coming to my defense and rescue
on the matter. 


Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Doug Hampshire [mailto:dhampsh...@gmail.com] 
Sent: Friday, February 18, 2011 10:08 AM
To: NT System Admin Issues
Subject: Re: Today is the end of the line for me,

 

Yeah, cut him some slack. It's not like he asked about PDF
readers..again, or something like that.

On Fri, Feb 18, 2011 at 5:31 AM, Jonathan  wrote:

Not sure if you're chiding him in fun or not, but if you aren't.Dude
- he changed the subject line completely. He obviously had a bad
day/week. Give the guy a break.

So he forgot to delete the email below. There have been far worse things
committed on this list.

If you WERE chiding him in fun, well, put a smiley or something.

In the voice of Napoleon Dynamite, "GOSH!" :-)

Jonathan - Thumb typed from my HTC Droid Incredible (and yes, it really
is) on the Verizon network.

On Feb 17, 2011 11:22 PM, "Jim McAtee"  wrote:
> A "security engineer" who doesn't even know how to start a new
discussion 
> on an email list? Sure.
> 
> 
> - Original Message - 
> From: "Ziots, Edward" 

> To: "NT System Admin Issues" 

> Sent: Thursday, February 17, 2011 6:17 PM

> Subject: Today is the end of the line for me,
> 
> 
> I think after this day I have come to the conclusion is time to move
on,
> if there is companies in the RI/MASS/CT area looking for a security
> engineer, please contact me at the email below. If the distance is
under
> 1.5 hrs I am game.
> 
> Z
> 
> Edward E. Ziots
> CISSP, Network +, Security +
> Network Engineer
> Lifespan Organization
> Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
> Cell:401-639-3505
> 
> -Original Message-
> From: David Lum [mailto:david@nwea.org]
> Sent: Thursday, February 17, 2011 5:50 PM
> To: NT System Admin Issues
> Subject: RE: Thoughts on this pitch from Trend
> 
> Every SBS site I manage has two servers just to offload some of that
> 
> 

> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Sounding board on issue we are seeing with a Windows 2003 Cluster with SQL 2005

2011-02-18 Thread Ziots, Edward

I have a two node X64bit Windows 2003 SP2 enterprise edition cluster
running SQL 2005 Standard Edition 64bit. 

 

What I am seeing is event ID's 1123, 1124 in the event logs on each
Cluster Node, and we are getting complaints of disconnects from the
database. 

 

We are seeing it happen around 5:50-6:00pm each night.  ( shows in the
cluster log and we seen it via pings)

 

1)  We have eliminated the backup of the server, which happens at
3:30am in the morning ( via Legato)

2)  I have gone through with Microsoft Support the entire KB 892422.
Which covers these errors. 

3)  I have switched out the cables to the public and the private
NIC's with no change in issues. 

4)  RSS/TCP Chimney are disabled in the registry and on the NIC's on
each node. 

5)  NIC Drivers are the latest from HP Site ( NC373i) and EMC
Powerpath software 5.3 SP1 for the SAN disk on each node. 

 

Basically we are pinging the Owning Node server from our workstations
and we loose about 5-10 pings during this time, on both the primary and
the secondary nodes of the cluster. ( both are into the same Cisco
Switch 45xx)

 

We also was pinging each of the servers from each other ( both on the
same switch/VLAN) and we also saw the ping loss at the same time. 

 

Only idea I had is to move the public NIC's to another switch to
eliminate the switch as the point of contention, or get new hardware and
migrate the databases off this cluster and decommission it. 

 

I checked other cluster nodes connected to these switches ( 32bit) and
we don't see this problem. 

 

Anything I might be missing or overlooked? Questions, or bouncing some
ideas off the wall is appreciated...

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Today is the end of the line for me,

2011-02-18 Thread Ziots, Edward

Jon, 

 

I definitely see the excitement in your email for this new opportunity,
definitely happy for you. Hopefully will be moving on to do security
only work and leave the system engineering realm behind, its beyond
time. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan [mailto:ncm...@gmail.com] 
Sent: Thursday, February 17, 2011 11:14 PM
To: NT System Admin Issues
Subject: Re: Today is the end of the line for me,

 

+100

Wow. I wish I had read that a LONG time ago.

On a positive note, I AM moving on, and quite excited about it.

Hang in there Z!

Jonathan - Thumb typed from my HTC Droid Incredible (and yes, it really
is) on the Verizon network.

On Feb 17, 2011 9:31 PM, "Andrew S. Baker"  wrote:
> Excellent article
> 
> -ASB: http://about.me/Andrew.S.Baker
> 
> Sent from my Motorola Droid
> On Feb 17, 2011 8:28 PM, "Jonathan Link" 
wrote:
>> This may be appropriate to your mood.
>> http://www.asktheheadhunter.com/hawall.htm
>>
>>
>>
>> On Thu, Feb 17, 2011 at 8:17 PM, Ziots, Edward 
> wrote:
>>
>>> I think after this day I have come to the conclusion is time to move
on,
>>> if there is companies in the RI/MASS/CT area looking for a security
>>> engineer, please contact me at the email below. If the distance is
under
>>> 1.5 hrs I am game.
>>>
>>> Z
>>>
>>> Edward E. Ziots
>>> CISSP, Network +, Security +
>>> Network Engineer
>>> Lifespan Organization
>>> Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
>>> Cell:401-639-3505
>>>
>>> -Original Message-
>>> From: David Lum [mailto:david@nwea.org]
>>> Sent: Thursday, February 17, 2011 5:50 PM
>>> To: NT System Admin Issues
>>> Subject: RE: Thoughts on this pitch from Trend
>>>
>>> Every SBS site I manage has two servers just to offload some of that
>>> (that, and have redundant DC's). In some cases the "server" is a
>>> desktop, but it keeps that much less activity off the SBS server. AV
and
>>> WSUS, that's what an older desktop is good for :-).
>>>
>>> Dave
>>>
>>> -Original Message-
>>> From: Bill Humphries [mailto:nt...@hedgedigger.com]
>>> Sent: Thursday, February 17, 2011 11:46 AM
>>> To: NT System Admin Issues
>>> Subject: Re: Thoughts on this pitch from Trend
>>>
>>> I think some of the issues have to do with smaller installations. We
>>> have several clients that install the A/V server software on an SBS
>>> server...and Trend can bog it down with the smart scan features
enabled.
>>>
>>>
>>> Jonathan wrote:
>>> > Very interesting
>>> >
>>> > We switched from McAfee to Trend a year ago. Between 500 and 600
>>> > nodes, including servers, and we have not experienced problems
like
>>> > what some of you have described...we are controlling updates from
our
>>> > own internal server, and we are not utilizing Trend's cloudy
offering.
>>> > [1]
>>> >
>>> > We've been *very* happy. (of course we did come from McAfee, so I
>>> > guess everything is relative.) :-)
>>> >
>>> > Jonathan
>>> >
>>> > [1] cloudy, get it? I crack myself up (I can ear the roans and
>>> > eyerolls now...)
>>> >
>>> > On Thu, Feb 17, 2011 at 12:25 PM, David Lum 
>>> wrote:
>>> >
>>> >> Excellent to be aware of, thanks guys. %dayjob% environment is
>>> infinitely
>>> >> more complex than my client of 55 seats. What AV do you
recommend?
>>> Vipre is
>>> >> on the list, as is Symantec (beyond my control). Trend was the
third
>>> but I
>>> >> am open to nixing them in favor of something else.
>>> >>
>>> >>
>>> >>
>>> >> %dayjob% = 450+ seats with dozens (50+) remote workers that work
from
>>> home,
>>> >> multiple SAN's, couple hundred servers, blah blah blah...
>>> >>
>>> >>
>>> >>
>>> >> Dave
>>> >>
>>> >>
>>> >>
>>> >> From: Graeme Carstairs [mailto:loonyto...@gmail.com]
>>> >> Sent: Thursday, February 17, 2011 9:16 AM
>>> >>
>>> >> To: NT System Admin Issues
>>> >> Subject: Re: Thoughts on

RE: Today is the end of the line for me,

2011-02-18 Thread Ziots, Edward

I am truly sorry for hijacking the previous thread, and yes it has been
a bad few months. 

 

MY apologies, but definitely time is up here, honestly had enough after
this latest issue, time to move on to greener pastures or at least new
adventures. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan [mailto:ncm...@gmail.com] 
Sent: Friday, February 18, 2011 5:31 AM
To: NT System Admin Issues
Subject: Re: Today is the end of the line for me,

 

Not sure if you're chiding him in fun or not, but if you aren't.Dude
- he changed the subject line completely. He obviously had a bad
day/week. Give the guy a break.

So he forgot to delete the email below. There have been far worse things
committed on this list.

If you WERE chiding him in fun, well, put a smiley or something.

In the voice of Napoleon Dynamite, "GOSH!" :-)

Jonathan - Thumb typed from my HTC Droid Incredible (and yes, it really
is) on the Verizon network.

On Feb 17, 2011 11:22 PM, "Jim McAtee"  wrote:
> A "security engineer" who doesn't even know how to start a new
discussion 
> on an email list? Sure.
> 
> 
> - Original Message - 
> From: "Ziots, Edward" 
> To: "NT System Admin Issues" 
> Sent: Thursday, February 17, 2011 6:17 PM
> Subject: Today is the end of the line for me,
> 
> 
> I think after this day I have come to the conclusion is time to move
on,
> if there is companies in the RI/MASS/CT area looking for a security
> engineer, please contact me at the email below. If the distance is
under
> 1.5 hrs I am game.
> 
> Z
> 
> Edward E. Ziots
> CISSP, Network +, Security +
> Network Engineer
> Lifespan Organization
> Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
> Cell:401-639-3505
> 
> -Original Message-
> From: David Lum [mailto:david@nwea.org]
> Sent: Thursday, February 17, 2011 5:50 PM
> To: NT System Admin Issues
> Subject: RE: Thoughts on this pitch from Trend
> 
> Every SBS site I manage has two servers just to offload some of that
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Today is the end of the line for me,

2011-02-17 Thread Ziots, Edward

Extremely appropriate, I think I will have a read tomorrow, I took a
quick look and see some of me in there defintely. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Thursday, February 17, 2011 8:28 PM
To: NT System Admin Issues
Subject: Re: Today is the end of the line for me,

 

This may be appropriate to your mood.

http://www.asktheheadhunter.com/hawall.htm



 

On Thu, Feb 17, 2011 at 8:17 PM, Ziots, Edward 
wrote:

I think after this day I have come to the conclusion is time to move on,
if there is companies in the RI/MASS/CT area looking for a security
engineer, please contact me at the email below. If the distance is under
1.5 hrs I am game.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505

-Original Message-
From: David Lum [mailto:david@nwea.org]
Sent: Thursday, February 17, 2011 5:50 PM
To: NT System Admin Issues
Subject: RE: Thoughts on this pitch from Trend

Every SBS site I manage has two servers just to offload some of that
(that, and have redundant DC's). In some cases the "server" is a
desktop, but it keeps that much less activity off the SBS server. AV and
WSUS, that's what an older desktop is good for :-).

Dave

-Original Message-
From: Bill Humphries [mailto:nt...@hedgedigger.com]
Sent: Thursday, February 17, 2011 11:46 AM
To: NT System Admin Issues
Subject: Re: Thoughts on this pitch from Trend

I think some of the issues have to do with smaller installations.  We
have several clients that install the A/V server software on an SBS
server...and Trend can bog it down with the smart scan features enabled.


Jonathan wrote:
> Very interesting
>
> We switched from McAfee to Trend a year ago. Between 500 and 600
> nodes, including servers, and we have not experienced problems like
> what some of you have described...we are controlling updates from our
> own internal server, and we are not utilizing Trend's cloudy offering.
> [1]
>
> We've been *very* happy. (of course we did come from McAfee, so I
> guess everything is relative.) :-)
>
> Jonathan
>
> [1] cloudy, get it? I crack myself up (I can ear the roans and
> eyerolls now...)
>
> On Thu, Feb 17, 2011 at 12:25 PM, David Lum 
wrote:
>
>> Excellent to be aware of, thanks guys. %dayjob% environment is
infinitely
>> more complex than my client of 55 seats. What AV do you recommend?
Vipre is
>> on the list, as is Symantec (beyond my control). Trend was the third
but I
>> am open to nixing them in favor of something else.
>>
>>
>>
>> %dayjob% = 450+ seats with dozens (50+) remote workers that work from
home,
>> multiple SAN's, couple hundred servers, blah blah blah...
>>
>>
>>
>> Dave
>>
>>
>>
>> From: Graeme Carstairs [mailto:loonyto...@gmail.com]
>> Sent: Thursday, February 17, 2011 9:16 AM
>>
>> To: NT System Admin Issues
>> Subject: Re: Thoughts on this pitch from Trend
>>
>>
>>
>> Yeh happened all over apart from on the sites, that had brand new
over
>> specced servers, with brand new fast PC's with an abundance of memory
but
>> even they exhibited a measurable slowdown.
>>
>>
>>
>> I personally do not like any software package that at 850MB when
downloaded
>> expands to take up 8.5GB on the server within 4 days.
>>
>>
>>
>> And the supports advise is to switch off the new features, and leave
you
>> with the functionality of the old version, but doesn't improve
performance.
>>
>>
>>
>> It also seriously corrupted a DFS share, and database on one site,
again
>> there are technet articles and such that state that Trend needs to be
>> disabled from scanning DFS databases and shares, but that was only
after teh
>> damage was done.
>>
>>
>>
>> Version 4 -5 issues on upgrade, and a rapid release of 5.1 to solve
them. 5
>> - 6 serious issues on upgrade, no fix, even 6.1 didnt solve the
problems.
>> The only fix was complete removal, and replace with a different
product.
>>
>>
>>
>> I have raised the issues with Trend, and told them we were stopping
selling
>> their product, and would only continue renewing existing licenses who
wanted
>> to stay with Trend, and nothing was done.
>>
>>
>>
>> They keep phoning every couple of months, to see why were not selling
and I
>> keep telling them, but they never respond, until its chase sales
figures
>> time.
>>
>>

Today is the end of the line for me,

2011-02-17 Thread Ziots, Edward

I think after this day I have come to the conclusion is time to move on,
if there is companies in the RI/MASS/CT area looking for a security
engineer, please contact me at the email below. If the distance is under
1.5 hrs I am game. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, February 17, 2011 5:50 PM
To: NT System Admin Issues
Subject: RE: Thoughts on this pitch from Trend

Every SBS site I manage has two servers just to offload some of that
(that, and have redundant DC's). In some cases the "server" is a
desktop, but it keeps that much less activity off the SBS server. AV and
WSUS, that's what an older desktop is good for :-).

Dave

-Original Message-
From: Bill Humphries [mailto:nt...@hedgedigger.com] 
Sent: Thursday, February 17, 2011 11:46 AM
To: NT System Admin Issues
Subject: Re: Thoughts on this pitch from Trend

I think some of the issues have to do with smaller installations.  We 
have several clients that install the A/V server software on an SBS 
server...and Trend can bog it down with the smart scan features enabled.


Jonathan wrote:
> Very interesting
>
> We switched from McAfee to Trend a year ago. Between 500 and 600
> nodes, including servers, and we have not experienced problems like
> what some of you have described...we are controlling updates from our
> own internal server, and we are not utilizing Trend's cloudy offering.
> [1]
>
> We've been *very* happy. (of course we did come from McAfee, so I
> guess everything is relative.) :-)
>
> Jonathan
>
> [1] cloudy, get it? I crack myself up (I can ear the roans and
> eyerolls now...)
>
> On Thu, Feb 17, 2011 at 12:25 PM, David Lum 
wrote:
>   
>> Excellent to be aware of, thanks guys. %dayjob% environment is
infinitely
>> more complex than my client of 55 seats. What AV do you recommend?
Vipre is
>> on the list, as is Symantec (beyond my control). Trend was the third
but I
>> am open to nixing them in favor of something else.
>>
>>
>>
>> %dayjob% = 450+ seats with dozens (50+) remote workers that work from
home,
>> multiple SAN's, couple hundred servers, blah blah blah...
>>
>>
>>
>> Dave
>>
>>
>>
>> From: Graeme Carstairs [mailto:loonyto...@gmail.com]
>> Sent: Thursday, February 17, 2011 9:16 AM
>>
>> To: NT System Admin Issues
>> Subject: Re: Thoughts on this pitch from Trend
>>
>>
>>
>> Yeh happened all over apart from on the sites, that had brand new
over
>> specced servers, with brand new fast PC's with an abundance of memory
but
>> even they exhibited a measurable slowdown.
>>
>>
>>
>> I personally do not like any software package that at 850MB when
downloaded
>> expands to take up 8.5GB on the server within 4 days.
>>
>>
>>
>> And the supports advise is to switch off the new features, and leave
you
>> with the functionality of the old version, but doesn't improve
performance.
>>
>>
>>
>> It also seriously corrupted a DFS share, and database on one site,
again
>> there are technet articles and such that state that Trend needs to be
>> disabled from scanning DFS databases and shares, but that was only
after teh
>> damage was done.
>>
>>
>>
>> Version 4 -5 issues on upgrade, and a rapid release of 5.1 to solve
them. 5
>> - 6 serious issues on upgrade, no fix, even 6.1 didnt solve the
problems.
>> The only fix was complete removal, and replace with a different
product.
>>
>>
>>
>> I have raised the issues with Trend, and told them we were stopping
selling
>> their product, and would only continue renewing existing licenses who
wanted
>> to stay with Trend, and nothing was done.
>>
>>
>>
>> They keep phoning every couple of months, to see why were not selling
and I
>> keep telling them, but they never respond, until its chase sales
figures
>> time.
>>
>>
>>
>> YMMV but they have seriously burnt my birdges, and indirectly cost my
>> company money, in fixing issues caused by their software.
>>
>>
>>
>>
>>
>>
>>
>> On 17 February 2011 17:07, David Lum  wrote:
>>
>> Weird, no issue in the environment I support when I upgraded them.
Small
>> environment though, 55 systems, fairly "clean" clients and just two
sites.
>>
>>
>>
>> Dave
>>
>>
>>
>> From: Graeme Carstairs [mailto:loonyto...@gmail.com]
>> Sent: Thursday, February 17, 2011 8:49 AM
>>
>> To: NT System Admin Issues
>>
>> Cc: Steven Peck
>> Subject: Re: Thoughts on this pitch from Trend
>>
>>
>>
>> Would avoid Tren Worry Free like the plague.
>>
>>
>>
>> It killed (literally stopped servers and clients talking, due to scan
>> overload, and resource hogging) 4 networks when it was upgraded from
5 to 6,
>>
>>
>>
>> Had to remove it and install vipre which made very angry clients very
happy
>>
>>
>>
>> Graeme
>>
>>
>>
>> On 17 February 2011 16:44, Steven Peck  wrote:
>>
>> Here we go
>> http://dilbert.com/strips/comic/2011-01-07/
>>
>> Steven Peck
>> http://www.blkmtn.org
>>
>> On Thu, Feb 17, 20

RE: Registry permissions

2011-02-17 Thread Ziots, Edward

+1 on that recommendation, it takes time, but most times, it only needs
certain access to directories/registry or maybe to start a service, but
that all can be granted at a user level. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, February 17, 2011 6:37 AM
To: NT System Admin Issues
Subject: Re: Registry permissions

 

No, because they will just change them back. Admins are gods, whatever
you do.

I have never found a piece of software that "needed admin" that I
couldn't make work as a regular user. Use LUA Buglight or Process
Monitor to track down the offending areas. 99% of the time, it is either
file permissions under Program Files that normal users only have Read
to, or Registry permissions under HKLM that Users only have Read to.
Modify them and you won't need admin anymore. Problem solved.

If you don't have the time to track down the offending areas, I have
sometimes used CPAU
(http://www.joeware.net/freetools/tools/cpau/index.htm) to use a
temporary elevation for the user when they launch the application. Then
they only have admin "inside" the application, rather than in everything
they do. Better than nothing.

Cheers,

On 17 February 2011 11:16, Nigel Parker 
wrote:

Hi
We have some people who sadly have to be local admins due to the
software
I would like to change some of the Registry permissions via a login
script to stop them being able to change certain settings
So give them Read to certain keys etc

Is this possible?

Nigel Parker

Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   
Email: 


Please consider the environment before printing this e-mail

The statements and opinions expressed in this email are my own and may
not represent those of Ultraframe (UK) Ltd.
This email is subject to copyright and the information contained in it
is confidential and may be legally privileged. It is sent out only for
intended recipient(s). Access to this email by anyone else is
unauthorised. If you are not an intended recipient, any disclosure,
copying, distribution or other use or any action taken or omitted to be
taken in reliance on it, is prohibited and unlawful.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is
confidential, privileged or unsuitable for overly sensitive persons with
low self-esteem, no sense of humour or irrational religious beliefs. If
you are not the intended recipient, any dissemination, distribution or
copying of this email is not authorised (either explicitly or
implicitly) and constitutes an irritating social faux pas.

Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal or no
grammatical use and may be ignored. No animals were harmed in the
transmission of this email, although the kelpie next door is living on
borrowed time, let me tell you. Those of you with an overwhelming fear
of the unknown will be gratified to learn that there is no hidden
message revealed by reading this warning backwards, so just ignore that
Alert Notice from Microsoft.

However, by pouring a complete circle of salt around yourself and your
computer you can ensure that no harm befalls you and your pets. If you
have received this email in error, please add some nutmeg and egg
whites, whisk and place in a warm oven for 40 minutes.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Oracle Java 6 Update 24

2011-02-15 Thread Ziots, Edward

Yep just saw it, ( actually reading it now) seems like the hits keep
coming for the Java Versions.

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Sam Cayze [mailto:sca...@gmail.com] 
Sent: Tuesday, February 15, 2011 6:18 PM
To: NT System Admin Issues
Subject: Oracle Java 6 Update 24

 

http://isc.sans.edu/diary.html?storyid=10417&rss 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: New Issue with IE patch and Vmware View Client on Windows 7

2011-02-11 Thread Ziots, Edward

Yeah new client works fine with Windows 7 X86 and the latest IE patch, 
confirmed this yesterday. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Garcia-Moran, Carlos [mailto:cgarciamo...@spragueenergy.com] 
Sent: Thursday, February 10, 2011 3:56 PM
To: NT System Admin Issues
Subject: RE: New Issue with IE patch and Vmware View Client on Windows 7

Excellent thx! I was having the exact same issue as reported and DL'ed the 
updated patch and now it works fine

Here's the VMware updated KB with link to the new file

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1034262

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, February 10, 2011 3:46 PM
To: NT System Admin Issues
Subject: New Issue with IE patch and Vmware View Client on Windows 7

http://communities.vmware.com/thread/302164

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

_
This e-mail, including attachments, contains information that is
confidential and may be protected by attorney/client or other privileges.
This e-mail, including attachments, constitutes non-public information
intended to be conveyed only to the designated recipient(s). If you are not
an intended recipient, you are hereby notified that any unauthorized use,
dissemination, distribution or reproduction of this e-mail, including
attachments, is strictly prohibited and may be unlawful. If you have
received this e-mail in error, please notify me by e-mail reply and delete
the original message and any attachments from your system.
_

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Suggestions on reading materials to get back up to speed on 2k3, 2k8, and AD...

2011-02-11 Thread Ziots, Edward

Honestly, if Miansi or Stanek Wrote the book, its good to go, I have
almost two shelves of books from them that I have read, and never gone
wrong on the implementation and setup using what they have imparted
knowledge wise. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Thursday, February 10, 2011 5:02 PM
To: NT System Admin Issues
Subject: RE: Suggestions on reading materials to get back up to speed on
2k3, 2k8, and AD...

 

The Pocket Consultant books aren't really books that you "read" so much
as pull off the shelf now and then. They also vary quite a bit in
quality so beware.

 

I happen to think my book is a good one there on your list, but, as far
as the general windows one, I'd opt for a 2008 R2 book over a straight
2008 one as a matter of it just being newer. 

 

Thanks,

Brian Desmond

br...@briandesmond.com  

 

c   - 312.731.3132

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, February 10, 2011 3:41 PM
To: NT System Admin Issues
Subject: Re: Suggestions on reading materials to get back up to speed on
2k3, 2k8, and AD...

 

Don't leave out:

*
http://www.amazon.com/Mastering-Microsoft-Windows-Server-2008/dp/0470532
866
*
http://www.amazon.com/Windows%C2%AE-Internals-Including-Windows-PRO-Deve
loper/dp/0735625301/ref=sr_1_5?s=books&ie=UTF8&qid=1297374034&sr=1-5

 

ASB (Find me online via About.Me  ) 
Exploiting Technology for Business Advantage...

 

 

On Thu, Feb 10, 2011 at 4:19 PM, Leland  wrote:

Hi guys and gals, 

 

I'm rusty and after a number of years, I'm moving back into a hands-on
sysadmin role. I was very hands on with 2000 Server back in the day, but
once I started deploying Server 2003, I backed away and started
delegating (necessary evil at the time, unfortunately). Although I
worked with Group Policy, I really didn't have much of a chance to start
leveraging it. That is changing in my new role.

 

I don't have a test environment to play with right now, so I'm at a loss
there. I've been looking at book possibilities, and this is one of the
ones I've found. I'm wondering if any of you have read it, or anything
like it, that would be of benefit to me. I'll be supporting 2003 and
2008 systems, 2003 AD, but will likely be moving it from 2003 to 2008. I
know this book doesn't go deep, but I feel like I need a primer, and
then to focus on what is new in 2008 and AD specifics.

 

http://www.amazon.com/Windows-Server-Weekend-Crash-Course/dp/0764549251/
ref=pd_sim_b_3

 

Then, I figured perhaps I would delve into these:

 

http://www.amazon.com/Active-Directory-Designing-Deploying-Running/dp/05
9652059X/ref=ntt_at_ep_dpt_1

 

http://www.amazon.com/Active-Directory-Administrators-Pocket-Consultant/
dp/0735626480/ref=pd_sim_b_2

 

http://www.amazon.com/Windows-PowerShell-Administrators-Pocket-Consultan
t/dp/0735625956/ref=pd_sim_b_4

 

Finally, I'm torn between these first 3 on 2008:

 

http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Dstripbooks&fie
ld-keywords=server+2008&x=0&y=0

 

Am I off base, or are these good places to start?

 

Guidance much appreciated,

 

Leland

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: IPhone attack reveals passwords in six minutes

2011-02-11 Thread Ziots, Edward

Honestly, if its portable, light and popular ( Iphone, Ipad, I "don't need this 
version 1,2,3,4") its going to be a target, and given the lack of controls and 
encryption available for these devices is just a big problem that everyone is 
dealing with and it has little solutions at this time, which is unfortunate for 
all of us. 

As for laptops there are more controls, some of them, when implemented 
properly, comply with state and federal regulations and provide additional 
protection against information disclosure/theft. 

Is it fool proof (nope), but it's the best we have right now. Honestly, I would 
rather see virtual desktops with no data residing on them after they are 
destroyed, and a secure method to access them, even if it was on a Tablet, IPAD 
etc etc. 

Again a lot to think about from a lot of different angles and what works for 
one customer in one country might not even begin to cut the mustard in another, 
so mileage will vary. 

EZ

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Friday, February 11, 2011 2:40 AM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

We've been giving people laptops for years. They typically have even more data 
on them than phones. Why aren't you railing against that?

Cheers
Ken

-----Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Friday, 11 February 2011 3:13 AM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

Two more words, "NO Battery" = NO remote Wipe, therefore dispense with that 
fallacy that its going to save you, because it doesn't do a secure wipe of the 
drive itself, which allows an attacker with the phone to basically hook it up 
to a device offline and download the information on the phone and do what they 
want with it. 

Aaron Turner of the IANS faculity is a subject matter expert in these areas and 
have put on a lot of talks, and the news is pretty grim atm. 

Basically storing any type of sensitive information on the BB, Android, Iphone, 
etc etc is like playing Russian roulette with a loaded gun pointed straight at 
your face, one of these times it isn't going to go well for you. 

But this is the risk that business continue to take over and over again, 
because the users are clammering for these devices, and the functionality they 
bring, but are clearly blind to the security and information disclosure aspects 
and how the loss, theft of data could be the business undoing. 

Sincerely,
EZ

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: S Powell [mailto:powe...@gmail.com]
Sent: Thursday, February 10, 2011 12:10 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

two words.

remote wipe.

Yep, big security issue, but if someone has physical control of your device, 
any device,  you should always consider it compromised.

@THIS STATMENT IS VERIFIABLY INCORRECT

On Thu, Feb 10, 2011 at 08:40, David Lum  wrote:
> What I don't know is if this phone OS is any worse than anything else 
> in use. Anyone care to comment?:
>
>
>
> "Among passwords that could be revealed were those for Google Mail as 
> an MS Exchange account, other MS Exchange accounts, LDAP accounts, 
> voicemail, VPN passwords, WiFi passwords and some App passwords"
>
>
>
> http://www.computerworld.com/s/article/9208920/IPhone_attack_reveals_p
> asswords_in_six_minutes?taxonomyId=85
>
>
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe nts

New Issue with IE patch and Vmware View Client on Windows 7

2011-02-10 Thread Ziots, Edward

http://communities.vmware.com/thread/302164

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: IPhone attack reveals passwords in six minutes

2011-02-10 Thread Ziots, Edward

Yes, once...

 

But I agree doing the "right thing" sometimes is very much frowned upon
in corporate America. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: William Robbins [mailto:dangerw...@gmail.com] 
Sent: Thursday, February 10, 2011 2:53 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

 

Just out of personal curiosity, have you been able to do that with any
success?  I'm X number of levels below the CIO, who is levels below the
CEO.  When these requests for shiny devices come from on high my manager
would look at me like a two headed baboon if I asked him to sign a memo
from me, and HR would be telling me my stuff would be mailed to my home
address on file.

But that's just me.  :)

 - WJR



On Thu, Feb 10, 2011 at 13:48, Ziots, Edward 
wrote:

I recommend that you put in a memorandum format and make the boss
actually sign it with his own hand, if he won't then forward to your
legal department/compliance department if you have one. I agree, always
CYA yourself first.


Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505


-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]

Sent: Thursday, February 10, 2011 2:41 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

We all know you can't solve stupid! That being said I can document that
I told them to follow the protocol, my a$$ get's covered first!
John W. Cook
Systems Administrator
Partnership for Strong Families

- Original Message -
From: Ziots, Edward 
To: NT System Admin Issues 
Sent: Thu Feb 10 14:33:23 2011
Subject: RE: IPhone attack reveals passwords in six minutes

John, but you know how much users, follow directions, <=0, we been in
this game far too long to know better. Its basically trying to stop
stupid, but even trying to remote wipe, if they have slipped the sim
card or batter, u aren't getting a wipe, and the data ( unencrypted) is
gone, which in some states is a breach notification time.

So how comfortable in a risk-based proposition do we all feel about this
going forward, hopefully not good enough that some careful thoughts and
discussions about the risks they are taking ( Bussiness/Management) ( if
they accept them, they do, its the business choice) but the financial
fallout could be the undoing, along with the liability and tarnished
company image, etc etc.

Make the business accept the risk ( in writing) after a carefully
discussing the issues and documenting them, which is your CYA if things
go wrong, it will be only the folks that accepted the risk in a court of
law answering for the lack of due care and due diligence with company
resources and peoples critical information when all is said and done.

Word to the wise, I see this and things like it as the next new
"ticking" timebomb just waiting to go off...

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505


-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Thursday, February 10, 2011 2:23 PM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

We give each user explicit directions to call us first then the Police
so we have a shot at wiping it ASAP.

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, February 10, 2011 2:13 PM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

Two more words, "NO Battery" = NO remote Wipe, therefore dispense with
that fallacy that its going to save you, because it doesn't do a secure
wipe of the drive itself, which allows an attacker with the phone to
basically hook it up to a device offline and download the information on
the phone and do what they want with it.

Aaron Turner of the IANS faculity is a subject matter expert in these
areas and have put on a lot of talks, and the news is pretty grim atm.

Basically storing any type of sensitive information on the BB, Android,
Iphone, etc etc is like playing Russian roulette with a loaded gun
pointed straight at your face, one of these times it isn't going to go
well for you.

But this is the risk that business continue to take over and over again,
because the users are clammering for these devices, and the
functionality they bring, but are clearly blind to the security and
information disclosure aspects and how the loss, theft of data could be
the business undoing.

Sincerely,
EZ

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org&

RE: IPhone attack reveals passwords in six minutes

2011-02-10 Thread Ziots, Edward

I recommend that you put in a memorandum format and make the boss
actually sign it with his own hand, if he won't then forward to your
legal department/compliance department if you have one. I agree, always
CYA yourself first. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Thursday, February 10, 2011 2:41 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

We all know you can't solve stupid! That being said I can document that
I told them to follow the protocol, my a$$ get's covered first!
John W. Cook
Systems Administrator
Partnership for Strong Families

- Original Message -----
From: Ziots, Edward 
To: NT System Admin Issues 
Sent: Thu Feb 10 14:33:23 2011
Subject: RE: IPhone attack reveals passwords in six minutes

John, but you know how much users, follow directions, <=0, we been in
this game far too long to know better. Its basically trying to stop
stupid, but even trying to remote wipe, if they have slipped the sim
card or batter, u aren't getting a wipe, and the data ( unencrypted) is
gone, which in some states is a breach notification time.

So how comfortable in a risk-based proposition do we all feel about this
going forward, hopefully not good enough that some careful thoughts and
discussions about the risks they are taking ( Bussiness/Management) ( if
they accept them, they do, its the business choice) but the financial
fallout could be the undoing, along with the liability and tarnished
company image, etc etc.

Make the business accept the risk ( in writing) after a carefully
discussing the issues and documenting them, which is your CYA if things
go wrong, it will be only the folks that accepted the risk in a court of
law answering for the lack of due care and due diligence with company
resources and peoples critical information when all is said and done.

Word to the wise, I see this and things like it as the next new
"ticking" timebomb just waiting to go off...

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Thursday, February 10, 2011 2:23 PM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

We give each user explicit directions to call us first then the Police
so we have a shot at wiping it ASAP.

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, February 10, 2011 2:13 PM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

Two more words, "NO Battery" = NO remote Wipe, therefore dispense with
that fallacy that its going to save you, because it doesn't do a secure
wipe of the drive itself, which allows an attacker with the phone to
basically hook it up to a device offline and download the information on
the phone and do what they want with it.

Aaron Turner of the IANS faculity is a subject matter expert in these
areas and have put on a lot of talks, and the news is pretty grim atm.

Basically storing any type of sensitive information on the BB, Android,
Iphone, etc etc is like playing Russian roulette with a loaded gun
pointed straight at your face, one of these times it isn't going to go
well for you.

But this is the risk that business continue to take over and over again,
because the users are clammering for these devices, and the
functionality they bring, but are clearly blind to the security and
information disclosure aspects and how the loss, theft of data could be
the business undoing.

Sincerely,
EZ

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: S Powell [mailto:powe...@gmail.com]
Sent: Thursday, February 10, 2011 12:10 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

two words.

remote wipe.

Yep, big security issue, but if someone has physical control of your
device, any device,  you should always consider it compromised.

@THIS STATMENT IS VERIFIABLY INCORRECT

On Thu, Feb 10, 2011 at 08:40, David Lum  wrote:
> What I don't know is if this phone OS is any worse than anything else
in
> use. Anyone care to comment?:
>
>
>
> "Among passwords that could be revealed were those for Google Mail as
an MS
> Exchange account, other MS Exchange accounts, LDAP accounts,
voicemail, VPN
> passwords, WiFi passwords and some App passwords"
>
>
>
>
http://www.computerworld.com/s/article/9208920/IPhone_attack_reveals_pas
swords_in_six_minutes?taxonomyId=85
>
>
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk

RE: IPhone attack reveals passwords in six minutes

2011-02-10 Thread Ziots, Edward

John, but you know how much users, follow directions, <=0, we been in
this game far too long to know better. Its basically trying to stop
stupid, but even trying to remote wipe, if they have slipped the sim
card or batter, u aren't getting a wipe, and the data ( unencrypted) is
gone, which in some states is a breach notification time. 

So how comfortable in a risk-based proposition do we all feel about this
going forward, hopefully not good enough that some careful thoughts and
discussions about the risks they are taking ( Bussiness/Management) ( if
they accept them, they do, its the business choice) but the financial
fallout could be the undoing, along with the liability and tarnished
company image, etc etc. 

Make the business accept the risk ( in writing) after a carefully
discussing the issues and documenting them, which is your CYA if things
go wrong, it will be only the folks that accepted the risk in a court of
law answering for the lack of due care and due diligence with company
resources and peoples critical information when all is said and done. 

Word to the wise, I see this and things like it as the next new
"ticking" timebomb just waiting to go off...

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Thursday, February 10, 2011 2:23 PM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

We give each user explicit directions to call us first then the Police
so we have a shot at wiping it ASAP.

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, February 10, 2011 2:13 PM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

Two more words, "NO Battery" = NO remote Wipe, therefore dispense with
that fallacy that its going to save you, because it doesn't do a secure
wipe of the drive itself, which allows an attacker with the phone to
basically hook it up to a device offline and download the information on
the phone and do what they want with it.

Aaron Turner of the IANS faculity is a subject matter expert in these
areas and have put on a lot of talks, and the news is pretty grim atm.

Basically storing any type of sensitive information on the BB, Android,
Iphone, etc etc is like playing Russian roulette with a loaded gun
pointed straight at your face, one of these times it isn't going to go
well for you.

But this is the risk that business continue to take over and over again,
because the users are clammering for these devices, and the
functionality they bring, but are clearly blind to the security and
information disclosure aspects and how the loss, theft of data could be
the business undoing.

Sincerely,
EZ

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: S Powell [mailto:powe...@gmail.com]
Sent: Thursday, February 10, 2011 12:10 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

two words.

remote wipe.

Yep, big security issue, but if someone has physical control of your
device, any device,  you should always consider it compromised.

@THIS STATMENT IS VERIFIABLY INCORRECT

On Thu, Feb 10, 2011 at 08:40, David Lum  wrote:
> What I don't know is if this phone OS is any worse than anything else
in
> use. Anyone care to comment?:
>
>
>
> "Among passwords that could be revealed were those for Google Mail as
an MS
> Exchange account, other MS Exchange accounts, LDAP accounts,
voicemail, VPN
> passwords, WiFi passwords and some App passwords"
>
>
>
>
http://www.computerworld.com/s/article/9208920/IPhone_attack_reveals_pas
swords_in_six_minutes?taxonomyId=85
>
>
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http:

RE: IPhone attack reveals passwords in six minutes

2011-02-10 Thread Ziots, Edward

I believe the keys are stored on the device itself, so given time, they will 
get the data. According to "Kerckhoffs's Principle"

A cryptosystem should be secure even if everything about the system, except the 
key, is public knowledge.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Thursday, February 10, 2011 12:31 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

>   If data is encrypted with strong crypto, and that crypto's secret
> key is not stored on the device, then that data can generally be
> considered safe even if the device is stolen.
> 
>   In English, that means if the security depends on a strong password
> the user must enter (and not on some magic the manufacturer has
> "hidden" inside the device), the password-protected data is safe.

... Isn't that only partially true? I mean, if the encrypted data is stolen, 
isn't it reasonable to believe it can be cracked given enough time/cpu power? 

I was always told that no encryption is uncrackable given the right resources. 
What you buy with strong cryptography is an expected length of time before it's 
cracked. But, that may be just what I have been told.


--Matt Ross
Ephrata School District


- Original Message -
From: Ben Scott
[mailto:mailvor...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Thu, 10 Feb 2011
09:17:29 -0800
Subject: Re: IPhone attack reveals passwords in six minutes


> On Thu, Feb 10, 2011 at 12:10 PM, S Powell  wrote:
> > Yep, big security issue, but if someone has physical control of your
> > device, any device,  you should always consider it compromised.
> 
>   If data is encrypted with strong crypto, and that crypto's secret
> key is not stored on the device, then that data can generally be
> considered safe even if the device is stolen.
> 
>   In English, that means if the security depends on a strong password
> the user must enter (and not on some magic the manufacturer has
> "hidden" inside the device), the password-protected data is safe.
> 
>   Note also "stolen".  If someone can compromise the software and
> *give it back to you*, so you then continue to use it, all bets are
> off.
> 
> -- Ben
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: IPhone attack reveals passwords in six minutes

2011-02-10 Thread Ziots, Edward

Two more words, "NO Battery" = NO remote Wipe, therefore dispense with that 
fallacy that its going to save you, because it doesn't do a secure wipe of the 
drive itself, which allows an attacker with the phone to basically hook it up 
to a device offline and download the information on the phone and do what they 
want with it. 

Aaron Turner of the IANS faculity is a subject matter expert in these areas and 
have put on a lot of talks, and the news is pretty grim atm. 

Basically storing any type of sensitive information on the BB, Android, Iphone, 
etc etc is like playing Russian roulette with a loaded gun pointed straight at 
your face, one of these times it isn't going to go well for you. 

But this is the risk that business continue to take over and over again, 
because the users are clammering for these devices, and the functionality they 
bring, but are clearly blind to the security and information disclosure aspects 
and how the loss, theft of data could be the business undoing. 

Sincerely,
EZ

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: S Powell [mailto:powe...@gmail.com] 
Sent: Thursday, February 10, 2011 12:10 PM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

two words.

remote wipe.

Yep, big security issue, but if someone has physical control of your
device, any device,  you should always consider it compromised.

@THIS STATMENT IS VERIFIABLY INCORRECT

On Thu, Feb 10, 2011 at 08:40, David Lum  wrote:
> What I don't know is if this phone OS is any worse than anything else in
> use. Anyone care to comment?:
>
>
>
> "Among passwords that could be revealed were those for Google Mail as an MS
> Exchange account, other MS Exchange accounts, LDAP accounts, voicemail, VPN
> passwords, WiFi passwords and some App passwords"
>
>
>
> http://www.computerworld.com/s/article/9208920/IPhone_attack_reveals_passwords_in_six_minutes?taxonomyId=85
>
>
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: IPhone attack reveals passwords in six minutes

2011-02-10 Thread Ziots, Edward

This is why you expect company information to stay in a encrypted,
protected state that will comply with State and Federal regulations how?

This is the risk when you use a personal use device for corporate use,
and the fallout from it, will soon be known, abiet painfully. 

Remember if we 0wn your device, its not your device anymore, and all
that means is I need to get a piece of malware on your phone, IPAD, BB,
and it doesn't matter if the traffic is encrypted, because I get to see
and inspect and capture it before if even is encrypted, and the user
probably is none the wiser. 

I see the dream scenario when people buy into the "Marketechture" of the
"Hey scan you check into your phone and deposit it in your account"
which I believe BOA and others are touting right now. Malware gets your
routing numbers, and the attacker starts the fun on your back accounts
with a modified banking Trojan, until there is nothing left, and moves
on to the next victim. 

Food for thought, mileage will vary, 

Z

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

From: Martin Blackstone [mailto:mblackst...@gmail.com] 
Sent: Thursday, February 10, 2011 12:36 PM
To: NT System Admin Issues
Subject: RE: IPhone attack reveals passwords in six minutes

You are correct.  The device is not encrypted. Just the traffic.

From: William Robbins [mailto:dangerw...@gmail.com] 
Sent: Thursday, February 10, 2011 9:34 AM
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

But that's just net traffic to and fro correct?  I thought we were
discussing encryption on the device itself, which is not on by default.

 - WJR

On Thu, Feb 10, 2011 at 11:32, Martin Blackstone 
wrote:

All BB traffic is encrypted by default.

From: William Robbins [mailto:dangerw...@gmail.com] 
Sent: Thursday, February 10, 2011 9:31 AM

To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

The big  if  on Berry's is Encryption has to be turned on.  :)

 - WJR

On Thu, Feb 10, 2011 at 11:25, Paul Hutchings
 wrote:

Normally I'd agree but what about devices such as Blackberry where they
use AES encryption and if you enter the password X times incorrectly, it
erases itself?

I ask as Blackberry have some pretty decent government certification
which suggests that unless you have some hefty resource at your disposal
(i.e. agency or state) you're not likely to get far.

(awaits the link showing how an encrypted and password protected
blackberry has been compromised in 5 minutes)

-Original Message-
From: S Powell [mailto:powe...@gmail.com]
Sent: 10 February 2011 17:10
To: NT System Admin Issues
Subject: Re: IPhone attack reveals passwords in six minutes

two words.

remote wipe.

Yep, big security issue, but if someone has physical control of your
device, any device,  you should always consider it compromised.

@THIS STATMENT IS VERIFIABLY INCORRECT

On Thu, Feb 10, 2011 at 08:40, David Lum  wrote:
> What I don't know is if this phone OS is any worse than anything else
> in use. Anyone care to comment?:
>
>
>
> "Among passwords that could be revealed were those for Google Mail as
> an MS Exchange account, other MS Exchange accounts, LDAP accounts,
> voicemail, VPN passwords, WiFi passwords and some App passwords"
>
>
>
> http://www.computerworld.com/s/article/9208920/IPhone_attack_reveals_p
> asswords_in_six_minutes?taxonomyId=85
>
>
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

--
MIRA Ltd

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England
Registered in England and Wales No. 402570
VAT Registration  GB 100 1464 84

The contents of this e-mail are confidential and are solely for the use
of the intended recipient.  If you receive this e-mail in error, please
delete it and notify us either by e-mail, telephone or fax.  You should
not copy, forward or otherwise disclose the content of the e-mail as
this is prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an e

Update for Autorun functionality on Windows XP, Vista, and Windows 2008

2011-02-10 Thread Ziots, Edward

http://support.microsoft.com/kb/971029

 

You might want to deploy this one with your patch specifications to add
additional protection to your systems from conficker and its offspring. 

 

Advisory, 

http://www.microsoft.com/technet/security/advisory/967940.mspx

 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: [OT] Superbowl

2011-02-07 Thread Ziots, Edward

But truth is truth, no matter how you dice it...

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Monday, February 07, 2011 12:50 PM
To: NT System Admin Issues
Subject: Re: [OT] Superbowl

On Mon, Feb 7, 2011 at 8:13 AM, Ziots, Edward 
wrote:
> Enjoy your win, even though take away the 21 points we "gift-wrapped"
in
> turnovers for you guys and the Steelers win 25-10.

  It always amuses me when people resort to the "We would have won if
we hadn't sucked so much" defense.

  ;-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: [OT] Superbowl

2011-02-07 Thread Ziots, Edward

I have to say that Aaron Rogers and the Packers Organization are also a
class-act, and their Mr McCarthy should be very proud of what the team
accomplished. That is 2x in a row for the NFC in SB's. 

 

Hopefully well get a chance to change that next year if there is a
season. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Ben Schorr [mailto:b...@rolandschorr.com] 
Sent: Monday, February 07, 2011 8:24 AM
To: NT System Admin Issues
Subject: RE: [OT] Superbowl

 

Hey, take away a few special teams faux paus and the San Diego Chargers
are the Super Bowl Champs this year.  ;-)

 

I will say this; Mike Tomlin is quality.  Great coach, solid character,
class act.  Wish we had him.

 

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com <http://www.rolandschorr.com/> 
b...@rolandschorr.com <mailto:b...@rolandschorr.com> 

Twitter: http://www.twitter.com/bschorr <http://www.twitter.com/bschorr>


Facebook: http://www.facebook.com/rolandschorr
<http://www.facebook.com/rolandschorr>  

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, February 07, 2011 06:13
To: NT System Admin Issues
Subject: RE: [OT] Superbowl

 

Nice one, 

 

But sorry, with Myron Cope upstairs, the Terrible Towel lives forever.  

 

Enjoy your win, even though take away the 21 points we "gift-wrapped" in
turnovers for you guys and the Steelers win 25-10. 

 

Z

 

 

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Bob Hartung [mailto:bhart...@wiscoind.com] 
Sent: Friday, February 04, 2011 4:08 PM
To: NT System Admin Issues
Subject: [OT] Superbowl

 

Ben Rothelisberger, after living a full life, died.  


When he got to heaven, God was showing him around. They came to a modest
little house with a faded Steelers flag in the window.  

 

"This house is yours for eternity, Ben," said God.  "This is very
special; not everyone gets a house up here." Ben felt special, indeed,
and walked up to his house. 

 
On his way up the porch, he noticed another house just around the
corner.  It was a 3-story mansion with a GREEN & 24k GOLD sidewalk, a
50-foot tall flagpole with an enormous silk PACKERS flag, and in every
window, a CHEESEHEAD. 

 
Ben looked at God and said "God, I'm not trying to be ungrateful but I
have a question. I was an all-pro QB, I hold many NFL records, and I
even won a Super Bowl." 

God said "So what's your point, Ben?"  

"Well, why does Aaron Rodgers get a better house than I do ?" 

 

God chuckled, and said: 

"Ben, that's not Aaron's house.. 
it's  Mine." 


GO PACKERS ! 

 


--

Bob Hartung
Wisco Industries, Inc.
736 Janesville St.
Oregon, WI 53575
Tel: (608) 835-3106 x215
Fax: (608) 835-7399
e-mail: bhartung(at)wiscoind.com 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: forecast database growth?

2011-02-07 Thread Ziots, Edward

What datatype are you going to be using to store the XML files in SQL?
BLOB, NTEXT, NVARCHAR? Big Int Small Int? etc etc. Each of these data
types take a certain amount of space, so you could say that an average
of X number of XML messages a day X the average storage for a message
and then extrapolate from there. 

 

Or you can do a pilot and create the database structure the way you want
it, and then put it through its paces and measure the growth from there.


 

The following MSDN article below has information on the data-types. 

 

http://technet.microsoft.com/en-us/library/ms172424.aspx

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Ryan Finnesey [mailto:ryan.finne...@harrierinvestments.com] 
Sent: Saturday, February 05, 2011 7:03 AM
To: NT System Admin Issues
Subject: forecast database growth?

 

Hi All

 

I am hoping the group can help me out.  We will soon be designing an
application that will be holding location information on aircraft in
flight; we will be receiving a large number of XML messages with this
location data that we will process with BizTalk and them feed into SQL.
Are there any tools we can use to forecast database growth?

 

Cheers

Ryan

 


This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise private information. If you have
received it in error, please notify the sender immediately and delete
the original. Any other use of the email by you is prohibited 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: [OT] Superbowl

2011-02-07 Thread Ziots, Edward

Nice one, 

 

But sorry, with Myron Cope upstairs, the Terrible Towel lives forever.  

 

Enjoy your win, even though take away the 21 points we "gift-wrapped" in
turnovers for you guys and the Steelers win 25-10. 

 

Z

 

 

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Bob Hartung [mailto:bhart...@wiscoind.com] 
Sent: Friday, February 04, 2011 4:08 PM
To: NT System Admin Issues
Subject: [OT] Superbowl

 

Ben Rothelisberger, after living a full life, died.  


When he got to heaven, God was showing him around. They came to a modest
little house with a faded Steelers flag in the window.  

 

"This house is yours for eternity, Ben," said God.  "This is very
special; not everyone gets a house up here." Ben felt special, indeed,
and walked up to his house. 

 
On his way up the porch, he noticed another house just around the
corner.  It was a 3-story mansion with a GREEN & 24k GOLD sidewalk, a
50-foot tall flagpole with an enormous silk PACKERS flag, and in every
window, a CHEESEHEAD. 

 
Ben looked at God and said "God, I'm not trying to be ungrateful but I
have a question. I was an all-pro QB, I hold many NFL records, and I
even won a Super Bowl." 

God said "So what's your point, Ben?"  

"Well, why does Aaron Rodgers get a better house than I do ?" 

 

God chuckled, and said: 

"Ben, that's not Aaron's house.. 
it's  Mine." 


GO PACKERS ! 

 


--

Bob Hartung
Wisco Industries, Inc.
736 Janesville St.
Oregon, WI 53575
Tel: (608) 835-3106 x215
Fax: (608) 835-7399
e-mail: bhartung(at)wiscoind.com 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: [OT] Job Change

2011-02-03 Thread Ziots, Edward

Good lord not Eclinical Works, it's a POTS if I ever seen one. We have
it here, and it's a bear to support and to keep running. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Eldridge, Dave [mailto:d...@parkviewmc.com] 
Sent: Thursday, February 03, 2011 11:46 AM
To: NT System Admin Issues
Subject: RE: [OT] Job Change

 

Must be exciting to be moving into a new arena by choice.

Do stay in touch. Your skill set speaks for itself.

 

I sent this to you last week. When you have a second could you let me
know your thoughts on these.

 

 

Hey we have been having lots of corruption issues in ecw lately. Most
recently our faxserver has gone into a loop and quickly run out of disk
space. Their recommendation is to migrate the db on the fax server to
InnoDB from the current MyISAM db. Have you had experience with this
newer db?

 

Also they want to upgrade our database server to this also.

Are you on version 9.0 yet?

I saw one of your posts yesterday that you have everything on ecw
virtualized except your db server(s). How long have you had a physical
box running your db(s)? that is also a recommendation being pushed onto
us also.

Appreciate your feedback.

 

Again good luck.

 

dave

 

 

From: Jonathan [mailto:ncm...@gmail.com] 
Sent: Thursday, February 03, 2011 9:37 AM
To: NT System Admin Issues
Subject: Re: [OT] Job Change

 

Thanks guys! Dave - I wish you well with eCW. I'll do my best to provide
what little bit of insight I can. This list has been an invaluable
resource to me, and I hope to be able to continue to contribute to it
and benefit from it.

 

Jonathan

On Thu, Feb 3, 2011 at 11:34 AM, Eldridge, Dave 
wrote:

Absolutely congrats. I hope you continue to add value to this list.
Good luck.

Dave


-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]

Sent: Thursday, February 03, 2011 9:24 AM
To: NT System Admin Issues
Subject: [OT] Job Change

Hi everyone,

This will be my last post from this email address, however I've
subscribed on this list as ncmcse [AT] gmail.com for those of you with
whom I've corresponded. I'm leaving the private healthcare sector and
moving back over to the vendor side. I tendered my resignation with
Eagle Physicians. My last day here will be March 2, and my first day
with NWN Corporation will be March 7th. 'll be a Senior Solutions
Engineer on the internal IT Department for NWN, and I'm excited!

I'm also on LinkedIn - if you send me an invite on LinkedIn, please
reference that we've corresponded by the NT SysAdmin list in case I
don't recognize your name right off.

Cheers!

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
www.eaglemds.com
jra...@eaglemds.com

Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the  company. Warning: Although precautions have been
taken to make sure no viruses are present in this email, the company
cannot accept responsibility for any loss or damage that arise from the
use of this email or attachments.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




-- 
Jonathan, A+, MCSA, MCSE

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.co

RE: [OT] Job Change

2011-02-03 Thread Ziots, Edward

Gratz, 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Thursday, February 03, 2011 11:24 AM
To: NT System Admin Issues
Subject: [OT] Job Change

Hi everyone,

This will be my last post from this email address, however I've
subscribed on this list as ncmcse [AT] gmail.com for those of you with
whom I've corresponded. I'm leaving the private healthcare sector and
moving back over to the vendor side. I tendered my resignation with
Eagle Physicians. My last day here will be March 2, and my first day
with NWN Corporation will be March 7th. 'll be a Senior Solutions
Engineer on the internal IT Department for NWN, and I'm excited!

I'm also on LinkedIn - if you send me an invite on LinkedIn, please
reference that we've corresponded by the NT SysAdmin list in case I
don't recognize your name right off.

Cheers!

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
www.eaglemds.com
jra...@eaglemds.com

Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Processor Queue Length counter

2011-02-03 Thread Ziots, Edward

It aint Mularkey, when people complain your systems are slow and you
don't have the tools/counters to show them they are full of Shite...

 

BTW: Look at PAL from Codeplex it's a good tool to run your Performance
Logs through. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, February 03, 2011 9:08 AM
To: NT System Admin Issues
Subject: Re: Processor Queue Length counter

 

Nice one, thanks for that, I am slowly starting to get my head around
this testing and baselining mularkey :-)

On 3 February 2011 13:58, Ziots, Edward  wrote:

James, 

 

>From the following M$ Kbase

 

http://technet.microsoft.com/en-us/library/cc768048.aspx

 

*   System : Processor Queue Length. Oddly enough, this processor
counter shows up under the System object, but not without good reason.
There is only 1 queue for tasks that need to go to the processor, even
if there is more than one CPU. Thus, counter provides a measure of the
instantaneous size of the queue for all processors at the moment that
the measurement was taken. The resulting value is a measure of how many
threads are in the Ready state waiting to be processed. When dealing
with queues, if the value exceeds 2 for a sustained period, you are
definitely having a problem with the resource in question.

So I would say that a constant value of 40 to 50 would be an issue.
Here are some guidelines that are utilized in our RAP ( rapid Assessment
Programs) for SQL from Microsoft Premier Engineers. 

System

Processor Queue Length

< 4 per CPU

For standard servers with long Quantums
<= 4 per CPU Excellent
< 8 per CPU Good
< 12 per CPU  Fair

 

So with your 16 CPU ( assuming a QUAD, Quad Core Server, the value you
are looking to be under is 64, which you are.  So this might defintely
be oks here.  

 

Z

 

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, February 03, 2011 8:44 AM
To: NT System Admin Issues
Subject: Processor Queue Length counter

 

If I have a server with 16 CPUs, and I am measuring the Processor Queue
Length counter to check performance, do I need to divide the total queue
length by 16 to get a true indication of the level it is at, or is it
accurate? I am using Citrix EdgeSight 5.3 to measure this, if it makes
any difference. My Processor Queue Length is regularly up to 40 or 50.

TIA,



JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is
confidential, privileged or unsuitable for overly sensitive persons with
low self-esteem, no sense of humour or irrational religious beliefs. If
you are not the intended recipient, any dissemination, distribution or
copying of this email is not authorised (either explicitly or
implicitly) and constitutes an irritating social faux pas.

Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal or no
grammatical use and may be ignored. No animals were harmed in the
transmission of this email, although the kelpie next door is living on
borrowed time, let me tell you. Those of you with an overwhelming fear
of the unknown will be gratified to learn that there is no hidden
message revealed by reading this warning backwards, so just ignore that
Alert Notice from Microsoft.

However, by pouring a complete circle of salt around yourself and your
computer you can ensure that no harm befalls you and your pets. If you
have received this email in error, please add some nutmeg and egg
whites, whisk and place in a warm oven for 40 minutes.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answer

RE: Processor Queue Length counter

2011-02-03 Thread Ziots, Edward

James, 

 

>From the following M$ Kbase

 

http://technet.microsoft.com/en-us/library/cc768048.aspx

 

*   System : Processor Queue Length. Oddly enough, this processor
counter shows up under the System object, but not without good reason.
There is only 1 queue for tasks that need to go to the processor, even
if there is more than one CPU. Thus, counter provides a measure of the
instantaneous size of the queue for all processors at the moment that
the measurement was taken. The resulting value is a measure of how many
threads are in the Ready state waiting to be processed. When dealing
with queues, if the value exceeds 2 for a sustained period, you are
definitely having a problem with the resource in question.

So I would say that a constant value of 40 to 50 would be an issue.
Here are some guidelines that are utilized in our RAP ( rapid Assessment
Programs) for SQL from Microsoft Premier Engineers. 

System

Processor Queue Length

< 4 per CPU

For standard servers with long Quantums
<= 4 per CPU Excellent
< 8 per CPU Good
< 12 per CPU  Fair

 

So with your 16 CPU ( assuming a QUAD, Quad Core Server, the value you
are looking to be under is 64, which you are.  So this might defintely
be oks here.  

 

Z

 

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, February 03, 2011 8:44 AM
To: NT System Admin Issues
Subject: Processor Queue Length counter

 

If I have a server with 16 CPUs, and I am measuring the Processor Queue
Length counter to check performance, do I need to divide the total queue
length by 16 to get a true indication of the level it is at, or is it
accurate? I am using Citrix EdgeSight 5.3 to measure this, if it makes
any difference. My Processor Queue Length is regularly up to 40 or 50.

TIA,



JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is
confidential, privileged or unsuitable for overly sensitive persons with
low self-esteem, no sense of humour or irrational religious beliefs. If
you are not the intended recipient, any dissemination, distribution or
copying of this email is not authorised (either explicitly or
implicitly) and constitutes an irritating social faux pas.

Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal or no
grammatical use and may be ignored. No animals were harmed in the
transmission of this email, although the kelpie next door is living on
borrowed time, let me tell you. Those of you with an overwhelming fear
of the unknown will be gratified to learn that there is no hidden
message revealed by reading this warning backwards, so just ignore that
Alert Notice from Microsoft.

However, by pouring a complete circle of salt around yourself and your
computer you can ensure that no harm befalls you and your pets. If you
have received this email in error, please add some nutmeg and egg
whites, whisk and place in a warm oven for 40 minutes.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Latest Microsoft 0 day flaw

2011-01-28 Thread Ziots, Edward

http://www.microsoft.com/technet/security/advisory/2501696.mspx

 

Heads up gang, this one has potential for XSS, Informational Disclosure
and its publically disclosed and has proof of concept attack code
available. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows SysInternals: ListDLLs v3.0 & Handle v3.43

2011-01-21 Thread Ziots, Edward

I agree, I remember a few Tech Ed's ago when he was showing some of the
coding he was doing for 64bit versions of the tools set, and it caused
his presentation laptop ( X64 XP to blue screen) basically he laughed it
off in the process of speaking to like 1,200 people in a large
auditorium in at the Convention Center in Orlando Flordia. 

As an extra treat, he basically did a Crash dump analysis of his own
dump with the tools and found out by the end of the presentation what
was the root cause of the blue screen. 

Honestly, Mark is a class-act a really nice guy and wicked smart...

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Thursday, January 20, 2011 6:28 PM
To: NT System Admin Issues
Subject: RE: Windows SysInternals: ListDLLs v3.0 & Handle v3.43

I've been to one of his speeches as well... no one on one time with him,
but great dude.

Good books too... I've read all the "Inside NT/Win" books since Helen
Custer's original, and then when he and Solomon continued the series.

-sc

-Original Message-
From: Webster [mailto:carlwebs...@gmail.com] 
Sent: Thursday, January 20, 2011 4:54 PM
To: NT System Admin Issues
Subject: RE: Windows SysInternals: ListDLLs v3.0 & Handle v3.43

My Mark R. story.

I attended a Mark R. & David S. pre TechEd event back in 2004.  At
TechEd
2006 I met Mark R. waiting for a shuttle bus.  I mentioned that I had
attended his mind dumbing 6 hour long crash dump analysis class at
TechEd 2004.  Mark asked a lot of questions about what I thought about
the class, him, David, their presentation style, class materials, what I
thought, what did I learn, etc, etc.  Instead of a "umm, thanks for
attending" response, I got to spend probably close to 10 minutes with
him because, I felt, he was deeply interested in seeing if he/they could
have done a better job.  Nice.


Webster

> -Original Message-
> From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> Subject: RE: Windows SysInternals: ListDLLs v3.0 & Handle v3.43
> 
> +1
> 
> I don't know Mark Russinovich, nor have I ever met him, but he strikes

> me
as
> the kind of guy who really cares and would take the time to help if he
can.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: RE: DHCP reservations explained...

2011-01-19 Thread Ziots, Edward

Then go with Bluecat Devices... if you want the HA with your DHCP.. We
are doing that here with 2 Bluecat Appliances. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan [mailto:ncm...@gmail.com] 
Sent: Tuesday, January 18, 2011 2:38 PM
To: NT System Admin Issues
Subject: Re: RE: DHCP reservations explained...

 

Right @ 100 servers. Haven't been burned, but I'm not thrilled about
lack of true failover/redundancy in DHCP in W2k3.  80/20 doesn't cut it,
IMHO.

On Jan 18, 2011 2:34 PM, "David Lum"  wrote:
> +1. For same reasons.
> 
> Jonathan I'm guessing you've been burned by DHCP issues in the past,
or have few enough servers it's not too inconvenient?
> 
> Dave
> 
> From: Erik Goldoff [mailto:egold...@gmail.com]
> Sent: Tuesday, January 18, 2011 11:16 AM
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
> 
> I've always liked DHCP reservations over static IP addresses for
servers where possible for ease of management
> Single view of most servers from DHCP client list
> simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server
> less likely to experience IP in use conflict from out of date tracking
spreadsheets when adding new devices to the network
> etc, etc, etc
> but if your clients/applications use hostnames, then that's what I'd
monitor for most checks, keeping a single/simple check using the IP
address to cross verify against name resolution.
> On Tue, Jan 18, 2011 at 2:06 PM, David Lum
mailto:david@nwea.org>> wrote:
> The other day someone commented that it seemed like a bit much that
50% of my 100-ish servers have DHCP reservations - driving home
yesterday I realized another reason why I have it that way (because yes,
I chew on these questions and constantly evaluate why I do some process
or another) - because my fellow SE's have their server monitoring set up
to look at specific IP's instead of hostnames and I am unable to
convince them otherwise. If the server IP changes it hoses their tests
and the dependencies.
> 
> It's not how I set *MY* monitoring up for servers I maintain, but I
have posted that question here in fact and have seen differing opinions
on weather hostname or IP is preferred.
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
> 
> 
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to
listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to
listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Perhaps the BEST hotfix ever that you may need to install

2011-01-17 Thread Ziots, Edward

Fear, 

I remember programming in Fortran for Mechanical Engineering at Penn State, and 
that was a pain, fear working with Punch Cards...

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Sunday, January 16, 2011 6:24 PM
To: NT System Admin Issues
Subject: RE: Perhaps the BEST hotfix ever that you may need to install

I remember trudging through that blizzard with a pocket full of FORTRAN punch 
cards at Michigan State to the computer building to see if my program would run.

From: Evan Brastow [ebras...@automatedemblem.com]
Sent: Saturday, January 15, 2011 9:12 AM
To: NT System Admin Issues
Subject: RE: Perhaps the BEST hotfix ever that you may need to install

Yup, the Blizzard of ’78. I was 6 also (well, 5, now that I think about it. I 
wouldn’t turn 6 until April of ’78 and the blizzard was in February) and I 
remember my father opening up the garage door, and with the way the snow had 
drifted, it ust COVERED the entire opening of the dooor. The door was wide 
open, and the garage was still dark.. lol

Evan

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Friday, January 14, 2011 9:56 PM
To: NT System Admin Issues
Subject: Re: Perhaps the BEST hotfix ever that you may need to install

In 1978 I remember a really big blizzard, jumping off the roofs of houses into 
snow piles, and snowmobiling - oh, and best of all, no school for a WEEK 
straight because they couldnt clear the roads (in Cambridge, MA).

I was 6, and that's my memory highlight!

--
ME2

On Fri, Jan 14, 2011 at 6:32 PM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
The first computer I built – in 1978 – had 4 KB of RAM and a 40 character 
hexadecimal display with a hex input keypad. It cost me all my money (I was in 
high-school working part time) for a couple of months.

But it put me on the path I still follow today! ☺

But yes – you are old.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Jeff Steward [mailto:jstew...@gmail.com]
Sent: Friday, January 14, 2011 9:23 PM
To: NT System Admin Issues
Subject: Re: Perhaps the BEST hotfix ever that you may need to install

Holy smokes!  1TB of RAMwhen I started programming we had a whopping 32k to 
use.  It is not that I'm old, it is that technology is moving so fast...right?

-Jeff Steward
On Fri, Jan 14, 2011 at 9:16 PM, Jonathan 
mailto:ncm...@gmail.com>> wrote:

Swt!
On Jan 14, 2011 9:15 PM, "Michael B. Smith" 
mailto:mich...@smithcons.com>> wrote:
> http://support.microsoft.com/kb/980598
>
> Windows Server 2008 R2 cannot be installed or started on a computer that has 
> 1 TB or more of RAM
>
> HAHAHAHAHAHAHAHAHA
>
> Regards,
>
> Michael B. Smith
> Consultant and Exchange MVP
> http://TheEssentialExchange.com
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

RE: domain controller in the cloud???

2011-01-11 Thread Ziots, Edward

Brings up a good point, that Identity and Access Management is a big
thing in the cloud, which means your authentication, authorization and
access requirements will go up, along with the right to Audit. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Tuesday, January 11, 2011 12:56 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???


If you decide to go cloud, this is a domain controller in the cloud

http://www.okta.com/ 

Warm regards,

Stu


-Original Message-
From: techconnect [mailto:techconn...@bellsouth.net] 
Sent: Monday, January 10, 2011 11:44 AM
To: NT System Admin Issues
Subject: domain controller in the cloud???

We are a private k-8 school and we have a board member who is telling us
that we should not buy any new servers to replace the current ones, he
says everything is moving to the cloud and so should our stuff(user
folders, authenication AD win 2003 R2 and Exchange 2003 is what we're
using, they want to move to gmail but there's no central management
there I know of,and offsite backups only.) We have about 350-400
students and faculty and they want to be on the bandwagon to the cloud I
think without understanding everything about it(I'm not entirely clear
either) and was looking for thoughts and opinions or resources.

Thanks,
Jason
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

..
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: domain controller in the cloud???

2011-01-11 Thread Ziots, Edward

You would be surprised that some can't when you look at them closely. Either 
that or the vendors can't prove it. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, January 11, 2011 12:53 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

 

Yeah. Any real EMR will meet those criteria. We have audit trails the likes of 
which you wouldn't believe (or then again maybe you would). We can, have, and 
will terminate employment for anyone caught looking where they shouldn't.

 

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  

________

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Tuesday, January 11, 2011 12:48 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

 

Aren't EMR's fun. 

 

Now add the auditing requirements that tell whom looked and or updated any 
patient record ( by field, with old values and new values) and keep that for 
the life of the patient, and there you have a real treat. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, January 11, 2011 11:56 AM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

 

We digitized the "pertinent" [1] information from the old charts, and are 
storing the paper for an as yet undetermined amount of time. 

 

However, nothing new is being added to the old chart. So, it is entirely 
possible that we have patients approaching 2 years old that have no physical 
paper trail whatsoever as far as medical history within our organization goes, 
except for any paper statements that may have been mailed out.

 

[1] - last physical, medication lists, known drug allergies, etc - and anything 
else the physician deemed important enough to scan in.

 

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  



From: Charles Whitby [mailto:charles.whi...@gmail.com] 
Sent: Tuesday, January 11, 2011 11:35 AM
To: NT System Admin Issues
Subject: Re: domain controller in the cloud???

 

Sleep robbing, becoming a third world country overnight kinda scary.

In your move to all electronic did you digitize all of your old dead-tree 
charts?

On Tue, Jan 11, 2011 at 11:31 AM, Raper, Jonathan - Eagle  
wrote:

That was actually the first thing that came to mind, followed closely by some 
act of war/terrorism, or some kind of nuclear "accident".

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com 



From: Charles Whitby [mailto:charles.whi...@gmail.com] 
Sent: Tuesday, January 11, 2011 11:22 AM
To: NT System Admin Issues
Subject: Re: domain controller in the cloud???

 

Coronal Mass Ejection for instance?

On Tue, Jan 11, 2011 at 11:13 AM, Raper, Jonathan - Eagle  
wrote:

"It's a concern I continue to have, even as I advocate the technology for its 
technical merits."


I know that feeling, that's for sure. I've just converted a 70 doc medical 
practice to an all electronic system, of which I was and still am a strong 
advocate. Paper charts here are, for all intents and purposes, a thing of the 
past. It's great, access to information (potentially lifesaving) is almost 
instantaneous from anywhere in the world as long as you've got a decent 
internet connection and can run a Citrix plugin. It's great - as long as it is 
accessible.

 

However, I have this sinking feeling that one day, something cataclysmic will 
happen and nothing (electronic) will work. Maybe in the next few years, maybe 
not. Either for a prolonged period of time, or even indefinitely. Perhaps it 
will be a localized event that will take our data center down, or maybe 
something on a larger scale - conspiracy theories abound about end of days type 
stuff. Just because it has never happened in our recorded history, does that 
make it really so far fetched? No, I'm not off the deep end (at least not yet 
anyway), but us making ourselves more and more dependent on technology (not to 
mention the government) can and does have its drawbacks...

 

Kinda funny how we can paint ourselves into a corner, isn't it?

 

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eagle

RE: domain controller in the cloud???

2011-01-11 Thread Ziots, Edward

Aren't EMR's fun. 

Now add the auditing requirements that tell whom looked and or updated any 
patient record ( by field, with old values and new values) and keep that for 
the life of the patient, and there you have a real treat. 

Z

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, January 11, 2011 11:56 AM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

We digitized the "pertinent" [1] information from the old charts, and are 
storing the paper for an as yet undetermined amount of time. 

However, nothing new is being added to the old chart. So, it is entirely 
possible that we have patients approaching 2 years old that have no physical 
paper trail whatsoever as far as medical history within our organization goes, 
except for any paper statements that may have been mailed out.

[1] - last physical, medication lists, known drug allergies, etc - and anything 
else the physician deemed important enough to scan in.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  

From: Charles Whitby [mailto:charles.whi...@gmail.com] 
Sent: Tuesday, January 11, 2011 11:35 AM
To: NT System Admin Issues
Subject: Re: domain controller in the cloud???

Sleep robbing, becoming a third world country overnight kinda scary.

In your move to all electronic did you digitize all of your old dead-tree 
charts?

On Tue, Jan 11, 2011 at 11:31 AM, Raper, Jonathan - Eagle  
wrote:

That was actually the first thing that came to mind, followed closely by some 
act of war/terrorism, or some kind of nuclear "accident".

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com 

From: Charles Whitby [mailto:charles.whi...@gmail.com] 
Sent: Tuesday, January 11, 2011 11:22 AM
To: NT System Admin Issues
Subject: Re: domain controller in the cloud???

Coronal Mass Ejection for instance?

On Tue, Jan 11, 2011 at 11:13 AM, Raper, Jonathan - Eagle  
wrote:

"It's a concern I continue to have, even as I advocate the technology for its 
technical merits."

I know that feeling, that's for sure. I've just converted a 70 doc medical 
practice to an all electronic system, of which I was and still am a strong 
advocate. Paper charts here are, for all intents and purposes, a thing of the 
past. It's great, access to information (potentially lifesaving) is almost 
instantaneous from anywhere in the world as long as you've got a decent 
internet connection and can run a Citrix plugin. It's great - as long as it is 
accessible.

However, I have this sinking feeling that one day, something cataclysmic will 
happen and nothing (electronic) will work. Maybe in the next few years, maybe 
not. Either for a prolonged period of time, or even indefinitely. Perhaps it 
will be a localized event that will take our data center down, or maybe 
something on a larger scale - conspiracy theories abound about end of days type 
stuff. Just because it has never happened in our recorded history, does that 
make it really so far fetched? No, I'm not off the deep end (at least not yet 
anyway), but us making ourselves more and more dependent on technology (not to 
mention the government) can and does have its drawbacks...

Kinda funny how we can paint ourselves into a corner, isn't it?

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, January 11, 2011 10:55 AM

To: NT System Admin Issues
Subject: Re: domain controller in the cloud???

Indeed...It's a concern I continue to have, even as I advocate the 
technology for its technical merits.

ASB (My Bio via About.Me  ) 
Exploiting Technology for Business Advantage...

On Tue, Jan 11, 2011 at 10:47 AM, Raper, Jonathan - Eagle  
wrote:

Thought provoking, if nothing else.

Thanks for sharing, Angus.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com

-Original Message-

From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Tuesday, January 11, 2011 10:44 AM
To: NT System Admin Issues
Subject: Re: domain controller in the cloud???

On 10 Jan 2011 at 11:43, techconnect  wrote:

> We are a private k-8 school and we have a board member who is telling us
> that we should not buy any new servers to replace the current ones, he says
> everything is moving to the cloud and so should our stuff(user folders,
> authenication A

RE: domain controller in the cloud???

2011-01-11 Thread Ziots, Edward

I just sent it to you. 

Grin :) 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, January 11, 2011 11:53 AM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

Damnit, I hate when I reply to the list instead of in the
individual...too  many lists and not all act the same..

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, January 10, 2011 11:30 AM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

If you would like this slide deck ( so as not to kill the listserv)
please email me directly. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Monday, January 10, 2011 1:00 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

Please share!

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, January 10, 2011 12:56 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

I have a slide deck written for ISACA NE that I can share if you want it
to review the issues with moving to the cloud, which should give you
talking points.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, January 10, 2011 12:51 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

There is a lot of things you need to look at if and when moving your
resources to the cloud. Just because a member of your board says moving
to the cloud is the way to go, doesn't make it so.

There are a lot of things to consider:

1) Availability ( of your resources) and of the cloud provider ( needs
to be put in SLA) ( what happens when a major Internet ISP or link goes
down which affects your availability? ( Is it the fault of the cloud
provider? ( Not really, but the customer might not be able to get to
their systems, which means availability is not assured)
2) Data Management ( of your servers) and encryption ( needs to be put
in SLA)
3) Right to Audit ( of their processes) ( don't take a SAS 70 or SSAE 16
part 1/2, for face value)
4) Compliance ( Legal requirements) ( Most auditors don't know how to
audit systems in the cloud, so how are you going to stay compliant? (
try PCI DSS for example)
5) How do you get your data and systems out of the cloud if you have to
terminate your contract with the cloud provider, or want to move to
another cloud provider?
6) Vetting process of the cloud provider when hiring staff that has
access to your systems and data? And probably a lot of others also? (
You don't know this, and they aren't going to tell you either in most
cases)

Just food for thought, but again its all about risk, and how much you
are willing to take, that and giving up control.

Z


Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: techconnect [mailto:techconn...@bellsouth.net]
Sent: Monday, January 10, 2011 11:44 AM
To: NT System Admin Issues
Subject: domain controller in the cloud???

We are a private k-8 school and we have a board member who is telling us
that we should not buy any new servers to replace the current ones, he
says everything is moving to the cloud and so should our stuff(user
folders, authenication AD win 2003 R2 and Exchange 2003 is what we're
using, they want to move to gmail but there's no central management
there I know of,and offsite backups only.) We have about 350-400
students and faculty and they want to be on the bandwagon to the cloud I
think without understanding everything about it(I'm not entirely clear
either) and was looking for thoughts and opinions or resources.

Thanks,
Jason
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmi

RE: domain controller in the cloud???

2011-01-10 Thread Ziots, Edward

Jason, 

You aren't the only one that thinks this way and with good reason. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: techconnect [mailto:techconn...@bellsouth.net] 
Sent: Monday, January 10, 2011 1:05 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

I think you nailed it about the board member, i just wanted some points to come 
back with other than it doesn't feel right. 
And as far as google I think they are a wolf in sheeps clothing, their data 
mining efforts who really knows what they do with it all until someone uncovers 
something like them not wanting to get rid of data they picked up wifi 
searching. If an indiviual was doing that the repercussions for him would be 
different.

Security and the possesion of resources are my motives, i know i have issues.

Thanks,
Jason
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: domain controller in the cloud???

2011-01-10 Thread Ziots, Edward

If you would like this slide deck ( so as not to kill the listserv)
please email me directly. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Monday, January 10, 2011 1:00 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

Please share!

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, January 10, 2011 12:56 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

I have a slide deck written for ISACA NE that I can share if you want it
to review the issues with moving to the cloud, which should give you
talking points.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, January 10, 2011 12:51 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

There is a lot of things you need to look at if and when moving your
resources to the cloud. Just because a member of your board says moving
to the cloud is the way to go, doesn't make it so.

There are a lot of things to consider:

1) Availability ( of your resources) and of the cloud provider ( needs
to be put in SLA) ( what happens when a major Internet ISP or link goes
down which affects your availability? ( Is it the fault of the cloud
provider? ( Not really, but the customer might not be able to get to
their systems, which means availability is not assured)
2) Data Management ( of your servers) and encryption ( needs to be put
in SLA)
3) Right to Audit ( of their processes) ( don't take a SAS 70 or SSAE 16
part 1/2, for face value)
4) Compliance ( Legal requirements) ( Most auditors don't know how to
audit systems in the cloud, so how are you going to stay compliant? (
try PCI DSS for example)
5) How do you get your data and systems out of the cloud if you have to
terminate your contract with the cloud provider, or want to move to
another cloud provider?
6) Vetting process of the cloud provider when hiring staff that has
access to your systems and data? And probably a lot of others also? (
You don't know this, and they aren't going to tell you either in most
cases)

Just food for thought, but again its all about risk, and how much you
are willing to take, that and giving up control.

Z


Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: techconnect [mailto:techconn...@bellsouth.net]
Sent: Monday, January 10, 2011 11:44 AM
To: NT System Admin Issues
Subject: domain controller in the cloud???

We are a private k-8 school and we have a board member who is telling us
that we should not buy any new servers to replace the current ones, he
says everything is moving to the cloud and so should our stuff(user
folders, authenication AD win 2003 R2 and Exchange 2003 is what we're
using, they want to move to gmail but there's no central management
there I know of,and offsite backups only.) We have about 350-400
students and faculty and they want to be on the bandwagon to the cloud I
think without understanding everything about it(I'm not entirely clear
either) and was looking for thoughts and opinions or resources.

Thanks,
Jason
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the i

RE: domain controller in the cloud???

2011-01-10 Thread Ziots, Edward

I have a slide deck written for ISACA NE that I can share if you want it to 
review the issues with moving to the cloud, which should give you talking 
points. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, January 10, 2011 12:51 PM
To: NT System Admin Issues
Subject: RE: domain controller in the cloud???

There is a lot of things you need to look at if and when moving your resources 
to the cloud. Just because a member of your board says moving to the cloud is 
the way to go, doesn't make it so. 

There are a lot of things to consider: 

1) Availability ( of your resources) and of the cloud provider ( needs to be 
put in SLA) ( what happens when a major Internet ISP or link goes down which 
affects your availability? ( Is it the fault of the cloud provider? ( Not 
really, but the customer might not be able to get to their systems, which means 
availability is not assured)
2) Data Management ( of your servers) and encryption ( needs to be put in SLA)
3) Right to Audit ( of their processes) ( don’t take a SAS 70 or SSAE 16 part 
1/2, for face value)
4) Compliance ( Legal requirements) ( Most auditors don't know how to audit 
systems in the cloud, so how are you going to stay compliant? ( try PCI DSS for 
example)
5) How do you get your data and systems out of the cloud if you have to 
terminate your contract with the cloud provider, or want to move to another 
cloud provider?
6) Vetting process of the cloud provider when hiring staff that has access to 
your systems and data? And probably a lot of others also? ( You don't know 
this, and they aren't going to tell you either in most cases)

Just food for thought, but again its all about risk, and how much you are 
willing to take, that and giving up control. 

Z


Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: techconnect [mailto:techconn...@bellsouth.net] 
Sent: Monday, January 10, 2011 11:44 AM
To: NT System Admin Issues
Subject: domain controller in the cloud???

We are a private k-8 school and we have a board member who is telling us that 
we should not buy any new servers to replace the current ones, he says 
everything is moving to the cloud and so should our stuff(user folders, 
authenication AD win 2003 R2 and Exchange 2003 is what we're using, they want 
to move to gmail but there's no central management there I know of,and offsite 
backups only.) We have about 350-400 students and faculty and they want to be 
on the bandwagon to the cloud I think without understanding everything about 
it(I'm not entirely clear either) and was looking for thoughts and opinions or 
resources.

Thanks,
Jason
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: domain controller in the cloud???

2011-01-10 Thread Ziots, Edward

There is a lot of things you need to look at if and when moving your resources 
to the cloud. Just because a member of your board says moving to the cloud is 
the way to go, doesn't make it so. 

There are a lot of things to consider: 

1) Availability ( of your resources) and of the cloud provider ( needs to be 
put in SLA) ( what happens when a major Internet ISP or link goes down which 
affects your availability? ( Is it the fault of the cloud provider? ( Not 
really, but the customer might not be able to get to their systems, which means 
availability is not assured)
2) Data Management ( of your servers) and encryption ( needs to be put in SLA)
3) Right to Audit ( of their processes) ( don’t take a SAS 70 or SSAE 16 part 
1/2, for face value)
4) Compliance ( Legal requirements) ( Most auditors don't know how to audit 
systems in the cloud, so how are you going to stay compliant? ( try PCI DSS for 
example)
5) How do you get your data and systems out of the cloud if you have to 
terminate your contract with the cloud provider, or want to move to another 
cloud provider?
6) Vetting process of the cloud provider when hiring staff that has access to 
your systems and data? And probably a lot of others also? ( You don't know 
this, and they aren't going to tell you either in most cases)

Just food for thought, but again its all about risk, and how much you are 
willing to take, that and giving up control. 

Z


Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: techconnect [mailto:techconn...@bellsouth.net] 
Sent: Monday, January 10, 2011 11:44 AM
To: NT System Admin Issues
Subject: domain controller in the cloud???

We are a private k-8 school and we have a board member who is telling us that 
we should not buy any new servers to replace the current ones, he says 
everything is moving to the cloud and so should our stuff(user folders, 
authenication AD win 2003 R2 and Exchange 2003 is what we're using, they want 
to move to gmail but there's no central management there I know of,and offsite 
backups only.) We have about 350-400 students and faculty and they want to be 
on the bandwagon to the cloud I think without understanding everything about 
it(I'm not entirely clear either) and was looking for thoughts and opinions or 
resources.

Thanks,
Jason
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: How about this for an uptime

2011-01-10 Thread Ziots, Edward

I just built it this morning. 

 

And yes it reset itself, after patching, etc etc. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Monday, January 10, 2011 11:17 AM
To: NT System Admin Issues
Subject: Re: How about this for an uptime

 

Did the time/date get reset since you initially built the server?


 

ASB (My Bio via About.Me <http://about.me/Andrew.S.Baker/bio> ) 
Exploiting Technology for Business Advantage...

 





On Mon, Jan 10, 2011 at 10:43 AM, Ziots, Edward 
wrote:

uptime \\lswebdev

\\lswebdev has been up for: 0 day(s), 1193046 hour(s), 71582772
minute(s), -17 second(s)

 

This is a server I just built, I found the output to be quite humorous.
So many hours but just can't make a day of it. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

How about this for an uptime

2011-01-10 Thread Ziots, Edward

uptime \\lswebdev

\\lswebdev has been up for: 0 day(s), 1193046 hour(s), 71582772
minute(s), -17 second(s)

 

This is a server I just built, I found the output to be quite humorous.
So many hours but just can't make a day of it. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Checking disk capacity remotely

2011-01-10 Thread Ziots, Edward

psinfo -d \\pcname   | findstr /I "C:"

 

Loop it through with the for command in a batch file and should output
the disk space accordingly that is free. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Mark Robinson [mailto:mark.robin...@cips.org] 
Sent: Monday, January 10, 2011 7:55 AM
To: NT System Admin Issues
Subject: Checking disk capacity remotely

 

Hi,

 

I wonder if you can help please.  I need to determine the free disk
capacity on 100+ networked PC's before we upgrade to Office 2010.  Does
anyone know of a free tool that I can use which will to scan these
machines remotely and determine and report on free disk space?   Don't
want to have to manage each machine remotely in turn using remote
desktop software if I can help it. 

 

Many thanks,

 

Mark

IMPORTANT INFORMATION

   
Internet communications are not secure and therefore CIPS does not
accept legal responsibility for the contents of any e-mail message sent
via this medium. The content of any e-mail communication is the view of
the individual and CIPS does not accept legal liability for the
contents. Although this message and any attachments are believed to be
free of virus or other defect that might affect any computer system into
which it is received and opened, it is the responsibility of the
recipient to ensure that it is virus free and no responsibility is
accepted by CIPS for any loss or damage in any way arising from its use.



CIPS runs the following software packages: MS Office Suite 2003, MS
Visio 2003, MS Project 2002. Please ensure that any files you send are
compatible. 

   
The Chartered Institute of Purchasing & Supply (CIPS) is an organisation
incorporated under Royal Charter and is based at Easton House, Easton on
the Hill, Stamford, Lincs PE9 3NZ, tel: +44 (0)1780 756777, and is a
registered Charity number 1017938. CIPS Services Limited is a wholly
owned subsidiary company of CIPS, registered in England under number
2610367 and is registered at the address shown above. Both organisations
operate under a group VAT registration number: 3426 489 42.

 

-- 
Scanned by iCritical. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: AD and firewall ports

2011-01-07 Thread Ziots, Edward

Yeah it depends on how you want to design your network and how security
conscious paranoid you want to be.  

 

DMZ can be inside, you are just separating areas of trust, or lack
thereof in the below example. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Webster [mailto:carlwebs...@gmail.com] 
Sent: Friday, January 07, 2011 4:21 PM
To: NT System Admin Issues
Subject: RE: AD and firewall ports

 

I did some work for a member of the Global Fortune 15 where there
network was:

 

Internet -> FW -> perimeter servers -> FW -> DCs -> FW -> member servers
-> FW -> PCs

 

I couldn't ping by NetBIOS name or FQDN DC1 sitting above DC2 in the
same rack because DNS was in the perimeter network.  And they wonder why
they had name resolution issues!

 

 

Webster

 

From: Free, Bob [mailto:r...@pge.com] 
Subject: RE: AD and firewall ports

 

Agreed, the old M&M paradigm is long gone. The other thing I find
intriguing about this thread is that the proximity of the OP's DMZ to
the internet is unknown,  let alone its intended purpose. The classic
definition of a DMZ only standing between an internal network and the
internet is no longer valid. I have DCs in DMZs on the main network,
heck I have one environment where all the DCs in the forest are in DMZs,
there are firewalls all over the place and the internet isn't even part
of the equation. 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DNS oddities

2011-01-07 Thread Ziots, Edward

Also you can see how the DNS suffixs work when you set the D2 switch on
nslookup. 

 

 

See the example below:

> set type=A

> set D2

> set d2

> google.com

Server:  DNS_SERVER

Address:  Address

 



SendRequest(), len 50

HEADER:

opcode = QUERY, id = 2, rcode = NOERROR

header flags:  query, want recursion

questions = 1,  answers = 0,  authority records = 0,  additional
= 0

 

QUESTIONS:

google.com.Domain.Domain.org, type = A, class = IN

 





Got answer (121 bytes):

HEADER:

opcode = QUERY, id = 2, rcode = NXDOMAIN

header flags:  response, auth. answer, want recursion, recursion
avail.

questions = 1,  answers = 0,  authority records = 1,  additional
= 0

 

QUESTIONS:

google.com.lsmaster.lifespan.org, type = A, class = IN

AUTHORITY RECORDS:

->  lsmaster.lifespan.org

type = SOA, class = IN, dlen = 38

ttl = 3600 (1 hour)

primary name server = DNS SERVER

responsible mail addr = admin.lifespan.org

serial  = 2007665889

refresh = 900 (15 mins)

retry   = 600 (10 mins)

expire  = 86400 (1 day)

default TTL = 900 (15 mins)

 





SendRequest(), len 41

HEADER:

opcode = QUERY, id = 3, rcode = NOERROR

header flags:  query, want recursion

questions = 1,  answers = 0,  authority records = 0,  additional
= 0

 

QUESTIONS:

google.com.DOMAIN.org, type = A, class = IN

 





Got answer (117 bytes):

HEADER:

opcode = QUERY, id = 3, rcode = NXDOMAIN

header flags:  response, auth. answer, want recursion, recursion
avail.

questions = 1,  answers = 0,  authority records = 1,  additional
= 0

 

QUESTIONS:

google.com.DOMAIN.org, type = A, class = IN

AUTHORITY RECORDS:

->  lifespan.org

type = SOA, class = IN, dlen = 52

ttl = 3600 (1 hour)

primary name server = DNS SERVER

responsible mail addr = postmaster.lifespan.org

serial  = 2010037251

refresh = 3600 (1 hour)

retry   = 1800 (30 mins)

expire  = 604800 (7 days)

default TTL = 900 (15 mins)

 





SendRequest(), len 28

HEADER:

opcode = QUERY, id = 4, rcode = NOERROR

header flags:  query, want recursion

questions = 1,  answers = 0,  authority records = 0,  additional
= 0

 

QUESTIONS:

google.com, type = A, class = IN

 





Got answer (44 bytes):

HEADER:

opcode = QUERY, id = 4, rcode = NOERROR

header flags:  response, want recursion, recursion avail.

questions = 1,  answers = 1,  authority records = 0,  additional
= 0

 

QUESTIONS:

google.com, type = A, class = IN

ANSWERS:

->  google.com

type = A, class = IN, dlen = 4

internet address = 173.194.35.104

ttl = 15 (15 secs)

 



Non-authoritative answer:

Name:google.com

Address:  173.194.35.104

 

 

Now like ASB said with the trailing .

> google.com.

Server:  DNS SERVER

Address:  ADDRESS

 



SendRequest(), len 28

HEADER:

opcode = QUERY, id = 5, rcode = NOERROR

header flags:  query, want recursion

questions = 1,  answers = 0,  authority records = 0,  additional
= 0

 

QUESTIONS:

google.com, type = A, class = IN

 





Got answer (44 bytes):

HEADER:

opcode = QUERY, id = 5, rcode = NOERROR

header flags:  response, want recursion, recursion avail.

questions = 1,  answers = 1,  authority records = 0,  additional
= 0

 

QUESTIONS:

google.com, type = A, class = IN

ANSWERS:

->  google.com

type = A, class = IN, dlen = 4

internet address = 173.194.35.104

ttl = 167 (2 mins 47 secs)

 



Non-authoritative answer:

Name:google.com

Address:  173.194.35.104

 

Bingo, no DNS Suffix adding to your queries. 

 

Z

 

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Friday, January 07, 2011 2:26 PM
To: NT System Admin Issues
Subject: Re: DNS oddities

 

Have you seen:
http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/th
read/a9b1a718-7b22-4678-aa91-c8ecebb4c6fa

 

I'm actually looking for a different link to give you, pertaining to how
DNS queries are performed.

 

You can see that occur at the command-line as well, unless you query
"hostname.domain.tld." vs "hostname.domain.tld"The trailing period
changes the behavior.

 

 

(Actually, saying that last sentence helped me with a better query.  Try
this:
http://social.technet.microsoft.com/Forums/en-US/wi

RE: Some advice re Servers Virtualization

2011-01-07 Thread Ziots, Edward

Also depends on the I/O metrics on the databases also. ( You running
OLAP or OLTP?)  its not always about RAM ( which will help with the
Buffer Pool, but if you have a slow disk subsystem that can keep up with
the page spilts, inserts and deletions you are going to start seeing
slow downs in the response from the database due to a slow disk
subsystem. 

 

Why I look at SQL in a different light then regular OS virtualization,
and I still favor for proper hardware scaled properly and scoped
properly and cluster the DB and use Mirroring, Transactional Log
Shipping for DR/HA, and just migrate your multiple databases to these
few systems instead of moving multiple hardware sets with SQL on them to
virtual land. 

 

Just food for thought, 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Friday, January 07, 2011 9:06 AM
To: NT System Admin Issues
Subject: Re: Some advice re Servers Virtualization

 

Okay.

 

How much RAM do you expect to devote to each DB server?

 

So far, the specs don't look like a problem, but specific details could
raise red flags...


 

ASB (My Bio via About.Me  ) 
Exploiting Technology for Business Advantage...

 





On Fri, Jan 7, 2011 at 8:12 AM, Pierre Camilleri
 wrote:

The database servers will be virtualized and the databases are not
heavily used. In fact there will be SQL 2005/2008 and Oracle 10g
databases being hosted but will not be very large and again not heavily
used.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: AD and firewall ports

2011-01-07 Thread Ziots, Edward

Honestly, 

I wouldn't recommend per-se that you extend your AD into an "Untrust" area of 
your network, which is exactly what a DMZ is in most cases. 

I think it goes a little deeper than just firewall ports when you look at the 
risk that the organization/business is taking and should be looked at as a 
whole, instead of an ADMIN requesting, and firewall engineers denying ( but 
that is there rules and procedures, who are we to say its correct or incorrect, 
especially when they are taking the risks)

If you are going to put a server in a DMZ, I would recommend its very hardened, 
that there is firewall rules for both inbound and outbound traffic to and from 
the server that are scrutinized very closely, along with any other compensating 
controls. 

Other ideas to protect the communications are IPSEC for communications to 
internal systems, again what you are doing is extending your trusted perimeter 
into areas that are very "untrusted", so tread lightly. What works for one 
companies risk posture will not meet the mustard for anothers. 

Sincerely,
EZ

PS: Beware the new IRS fraud emails coming around, since its tax season. 

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Thursday, January 06, 2011 8:43 PM
To: NT System Admin Issues
Subject: RE: AD and firewall ports

I take back the "you don't know what you're talking about bit" - that was 
harsher than I intended. It was a bit of a gut-reaction to "fire the admin"

-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Friday, 7 January 2011 12:32 PM
To: NT System Admin Issues
Subject: RE: AD and firewall ports

As with anything in security - there are no hard and fast rules - everything is 
just risk mitigation.

Lots of people put member servers in the DMZ. Lots of people have two (or more 
DMZs). An internal DMZ could be for devices (like proxy servers, DNS servers) 
that cater only for outbound communications. External DMZ handles incoming 
requests.
Other people create a separate Forest for their DMZ - and their servers are 
members of that Forest.
Etc.

Frankly, it sounds like you don't know what you're talking about.

Cheers
Ken

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, 7 January 2011 11:56 AM
To: NT System Admin Issues
Subject: Re: AD and firewall ports

Get a new admin.

Putting an AD member server in a DMZ is stupid.

You will have broken the security model for your production environment by 
doing this.

Kurt

On Wed, Jan 5, 2011 at 16:53, joseph palmieri  wrote:
>
> Need assistance with firewall ports and active directory our server admin 
> submitted a change request to open over 1000 port to support AD. The change 
> was denied and resubmitted requesting a minimum of 100 ports to support RPC 
> communications to a member server within our DMZ. Our firewall engineers 
> stated while monitoring the firewall only 20 ports were communicated over and 
> 100 ports are not needed.
>
>
>
> Has anyone had experience with this issue and can provide some clarity…are 
> the server admin looking for an easy way out by requesting all these ports?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Quick question, Missing Dail-in Tab in Windows 2008 R2 AD domain

2011-01-06 Thread Ziots, Edward

Thanks Greg, 

Exactly what was happening I just looked at the darn account from the
domain controller. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Greg Olson [mailto:gol...@markettools.com] 
Sent: Thursday, January 06, 2011 3:21 PM
To: NT System Admin Issues
Subject: RE: Quick question, Missing Dail-in Tab in Windows 2008 R2 AD
domain

http://support.microsoft.com/kb/975448


-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, January 06, 2011 12:18 PM
To: NT System Admin Issues
Subject: Quick question, Missing Dail-in Tab in Windows 2008 R2 AD
domain

In Windows 2008 R2 domains, it seems when I am looking from a Windows 7
PC ( Yes I have the Advanced Features Turned on) I can't find the
Dail-in Tab which enabled or disabled the Dail-in Networking settings
like back in Windows 2003. 

Anyone know where that is hiding in Windows 2008/R2 and how to turn it
off? 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Quick question, Missing Dail-in Tab in Windows 2008 R2 AD domain

2011-01-06 Thread Ziots, Edward

In Windows 2008 R2 domains, it seems when I am looking from a Windows 7
PC ( Yes I have the Advanced Features Turned on) I can't find the
Dail-in Tab which enabled or disabled the Dail-in Networking settings
like back in Windows 2003. 

Anyone know where that is hiding in Windows 2008/R2 and how to turn it
off? 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: OTish Security Conference

2011-01-06 Thread Ziots, Edward

 

http://www.offensive-security.com/metasploit-unleashed/David_Kennedy

 

If you want to read more about David

 

Z

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Tuesday, January 04, 2011 2:46 PM
To: NT System Admin Issues
Subject: OTish Security Conference

 

There is a new security conference on the horizon that might be of
interest to some of you. Disclaimer: My son is one of three principles
putting it together, so this email was pre-cleared with Stu to avoid any
concerns. He felt it was on topic.

It's focus is going to be more on the other side of the screen, more
offensive than defensive. But having used his tools, and those of the
other people that will be there I can say it is a good way of
approaching security. Know how you are going to get owned and then
mitigate that, rather than following 'best practices'. Having and
knowing tools like Metasploit, Backtrack and Fast-Track can make you
your own in house security consultant at no cost.

Offensive is my son's back ground. Five years in the Marines where he
developed their network exploitation team. Then some time on loan to the
NSA and some foreign governments. After that he went private sector at a
very good security consultant firm and is now the Director of
Information Security at a major corporation that shall remain nameless.
They approve of and support his outside efforts but don't want to make
themselves a bigger target than they already are. He has spoken at or
been the key note at every major security/white hat hacking convention
you can name.

This is an inexpensive conference, with lots of training options
available. The list of trainers and speakers is a who's who of the white
hat community. It could very well be worth your time. Here is the
website, the teaser video on it just went live yesterday.

http://derbycon.com/

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: File lock

2011-01-06 Thread Ziots, Edward

Psfile or Process Explorer. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: David Lum [mailto:david@nwea.org] 
Sent: Wednesday, January 05, 2011 12:55 PM
To: NT System Admin Issues
Subject: File lock

 

2003 server file share - we have an Excel file that allows us to open
but not save it - it's "in use, try again later".

 

Computer Management does not show anyone having this file open, is there
a utility that will let me click on the file itself and have it show if
someone has it open? They were able to edit it yesterday.

 

Google-Fu of that phrase returns many hits of folks with the same issue
over the years, and I swore I have seen and resolved this before, but
for the life of me can't remember...

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: What's Your Phone?

2011-01-03 Thread Ziots, Edward

LOL, 

The post on Youtube on the Iphone vs HTC EVO was priceless, I am still
crying I am laughing soo hard. 

And no you aren't going to pick up a chick because your geek-arse owns
an iphone. 

Jeeze they will print anything for a story these days. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: Damien Solodow [mailto:damien.solo...@harrison.edu] 
Sent: Monday, January 03, 2011 4:26 PM
To: NT System Admin Issues
Subject: RE: What's Your Phone?

I think it's a combination of less back hair and more communication
skills. :) Plus typically fewer olfactory offenses.

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.217.6851 (fax)
HARRISON COLLEGE

-Original Message-
From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Monday, January 03, 2011 4:20 PM
To: NT System Admin Issues
Subject: Re: What's Your Phone?

Male owners of iPhones are also more likely to be a metro[1.] which many
chicks seem to be into these days, though I can't understand why.

James

[1.] I said more likely but not necessarily.


- Original Message -
From: "Raper, Jonathan - Eagle" 
To: "NT System Admin Issues" 
Sent: Monday, January 03, 2011 4:15 PM
Subject: Re: What's Your Phone?


>From the second article."Having an iPhone suggests users are at the
very 
least computer savvy..."

What the ?!?!?!?!?!?!?!?!?

My (albeit somewhat limited) experience points to the contrary...

What was that cartoon where the end user kept asking for an iPhone and
kept 
saying, "I don't care" to every comment that pointed out what was wrong
with 
the device?

Jonathan L. Raper, MCSE

Thumb-typed from my HTC Droid Incredible (and yes, it really is). Please

excuse brevity & any misspellings.

- Reply message -
From: "Roger Wright" 
Date: Mon, Jan 3, 2011 4:00 pm
Subject: OT: What's Your Phone?
To: "NT System Admin Issues" 


http://www.networkworld.com/news/2010/120130-iphones-android-men-women-n
ielsen.html?docid=120610f

https://www.networkworld.com/news/2010/042210-want-a-wife-girlfriend-get
.html?hpg1=bn


Roger Wright
___

"Never make hard what you can make easy." - Fred W. Frailey



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Any medical information contained in this electronic message is
CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic
message 
may contain information that is confidential and/or legally privileged.
It 
is intended only for the use of the individual(s) and/or entity named as

recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material
from 
your computer. Do not deliver, distribute or copy this message, and do
not 
disclose its contents or take any action in reliance on the information
that 
it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Brain teaser with SQL Server 2005 and high page file usage. Need a sounding board

2010-12-30 Thread Ziots, Edward

Thanks much Ken, I was search the SQLCAT page trying to find the exact
explaination after looking at the counters like 3x times it defintely
looks like the commit total is what is being shown, it kinda tipped me
off when performance monitor only shows me a 25% of a 2GB paging file
being used but Task Manager shows 30GB Page file usage. 

 

Happy holidays everyone

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Wednesday, December 29, 2010 8:43 PM
To: NT System Admin Issues
Subject: RE: Brain teaser with SQL Server 2005 and high page file usage.
Need a sounding board

 

http://blogs.technet.com/b/perfguru/archive/2008/01/08/explanation-of-pa
gefile-usage-as-reported-in-the-task-manager.aspx

Well known problem with Task Manager up to XP and Win2k3 Server (it's
changed in Vista/Win2k8 Server onwards)

PF Usage as reported in task manager in Windows XP and Windows Server
2003 is actually the system commit total. This number represents
potential page file usage, not actual page file usage. It is how much
page file space would be used if all the private committed virtual
memory in the system had to be paged out all at once.

Cheers

Ken

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, 30 December 2010 1:51 AM
To: NT System Admin Issues
Subject: RE: Brain teaser with SQL Server 2005 and high page file usage.
Need a sounding board

 

I am starting to get that feeling also, 

 

Doing some more reading here: Troubleshooting Performance Problems in
SQL Server 2005 

 

http://technet.microsoft.com/en-us/library/cc966540.aspx

 

It's just things aren't adding up, and I don't want folks bitching about
performance and blaming it on memory pressure or something else when it
isn't. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Wednesday, December 29, 2010 9:33 AM
To: NT System Admin Issues
Subject: RE: Brain teaser with SQL Server 2005 and high page file usage.
Need a sounding board

 

SQL is funny with page files. What you are seeing is its potential use
of the page file, not what it is actually using at that given moment. 

 

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, December 29, 2010 9:29 AM
To: NT System Admin Issues
Subject: Brain teaser with SQL Server 2005 and high page file usage.
Need a sounding board

 

 

I have a SQL 2005 32bit 2-node cluster, each server has 36GB of RAM and
both servers are running Windows 2003 R2 Enterprise Edition. On my
primary node which is also holding the SQL Group ( SQL server) and its
associated resources, the performance monitor is showing my Page-file at
30.8GB, but the page-file is only set to a 2GB minimum and a 4GB Maximum
( I know I know its supposed to be 1.5X Memory and 2x Memory) 

 

SO when I look at the following counters I see this:

http://support.microsoft.com/kb/2267427/en-us

 

Memory_Committed Bytes: 31GB which is the same of what I am seeing in
the Task Manager. 

Process, Working Set, _Total: 817,385,472 ( So like 817MB)n which is
basically a multiple of 4096 ( as expected, 199557 4096K pages)

Paging File, %Pagefile%^ Usage, in use: 25% ( so this doesn't jive with
a reading of 31GB in Task manager, but does jive with a calculation from
Process (combined processes, and there pagefile usage of 1.2GB)

Memory Pages/Sec: 0 ( basically was dead quiet)

Memory Pages Output/Sec: 0 (basically no pages going out to the disk,
which is expected, since I shouldn't be seeing memory pressure with 32GB
of RAM in the server)

Memory Pages Input/sec: .8 ( Again not many pages that needed taken from
the disk to satisfy memory constrains.

Memory, Available Mbytes: 5.1GB ( which is about right, since we set the
min and max of 0-32GB in SQL Server which leaves about 5GB for the OS)

 

>From the article:

Even if the Committed Bytes value is greater than the installed RAM, a
Pages Output/sec value that is low or zero most of the time indicates
that there is not a significant performance problem that is caused by
not enough RAM.

 

The committed bytes is close to the physical ram, but the pages
output/sec is virtually nil, therefore I don't see this as a memory
constraint. 

 

Also when I look at the Process Page File Bytes ( Total) I get 938MB,
which is about 22-25% of the maximum of 4096 which is the maximum of the
paging file. 

 

So does anyone have an idea, why in the heck I would be seeing 31GB for
PF usage in the Task Manager, when the Performance Monitor counters
simply do not support that case? 

 

TIA,

EZ

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

~ Final

RE: Brain teaser with SQL Server 2005 and high page file usage. Need a sounding board

2010-12-29 Thread Ziots, Edward

I am starting to get that feeling also, 

 

Doing some more reading here: Troubleshooting Performance Problems in
SQL Server 2005 

 

http://technet.microsoft.com/en-us/library/cc966540.aspx

 

It's just things aren't adding up, and I don't want folks bitching about
performance and blaming it on memory pressure or something else when it
isn't. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Wednesday, December 29, 2010 9:33 AM
To: NT System Admin Issues
Subject: RE: Brain teaser with SQL Server 2005 and high page file usage.
Need a sounding board

 

SQL is funny with page files. What you are seeing is its potential use
of the page file, not what it is actually using at that given moment. 

 

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, December 29, 2010 9:29 AM
To: NT System Admin Issues
Subject: Brain teaser with SQL Server 2005 and high page file usage.
Need a sounding board

 

 

I have a SQL 2005 32bit 2-node cluster, each server has 36GB of RAM and
both servers are running Windows 2003 R2 Enterprise Edition. On my
primary node which is also holding the SQL Group ( SQL server) and its
associated resources, the performance monitor is showing my Page-file at
30.8GB, but the page-file is only set to a 2GB minimum and a 4GB Maximum
( I know I know its supposed to be 1.5X Memory and 2x Memory) 

 

SO when I look at the following counters I see this:

http://support.microsoft.com/kb/2267427/en-us

 

Memory_Committed Bytes: 31GB which is the same of what I am seeing in
the Task Manager. 

Process, Working Set, _Total: 817,385,472 ( So like 817MB)n which is
basically a multiple of 4096 ( as expected, 199557 4096K pages)

Paging File, %Pagefile%^ Usage, in use: 25% ( so this doesn't jive with
a reading of 31GB in Task manager, but does jive with a calculation from
Process (combined processes, and there pagefile usage of 1.2GB)

Memory Pages/Sec: 0 ( basically was dead quiet)

Memory Pages Output/Sec: 0 (basically no pages going out to the disk,
which is expected, since I shouldn't be seeing memory pressure with 32GB
of RAM in the server)

Memory Pages Input/sec: .8 ( Again not many pages that needed taken from
the disk to satisfy memory constrains.

Memory, Available Mbytes: 5.1GB ( which is about right, since we set the
min and max of 0-32GB in SQL Server which leaves about 5GB for the OS)

 

>From the article:

Even if the Committed Bytes value is greater than the installed RAM, a
Pages Output/sec value that is low or zero most of the time indicates
that there is not a significant performance problem that is caused by
not enough RAM.

 

The committed bytes is close to the physical ram, but the pages
output/sec is virtually nil, therefore I don't see this as a memory
constraint. 

 

Also when I look at the Process Page File Bytes ( Total) I get 938MB,
which is about 22-25% of the maximum of 4096 which is the maximum of the
paging file. 

 

So does anyone have an idea, why in the heck I would be seeing 31GB for
PF usage in the Task Manager, when the Performance Monitor counters
simply do not support that case? 

 

TIA,

EZ

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Brain teaser with SQL Server 2005 and high page file usage. Need a sounding board

2010-12-29 Thread Ziots, Edward

 

I have a SQL 2005 32bit 2-node cluster, each server has 36GB of RAM and
both servers are running Windows 2003 R2 Enterprise Edition. On my
primary node which is also holding the SQL Group ( SQL server) and its
associated resources, the performance monitor is showing my Page-file at
30.8GB, but the page-file is only set to a 2GB minimum and a 4GB Maximum
( I know I know its supposed to be 1.5X Memory and 2x Memory) 

 

SO when I look at the following counters I see this:

http://support.microsoft.com/kb/2267427/en-us

 

Memory_Committed Bytes: 31GB which is the same of what I am seeing in
the Task Manager. 

Process, Working Set, _Total: 817,385,472 ( So like 817MB)n which is
basically a multiple of 4096 ( as expected, 199557 4096K pages)

Paging File, %Pagefile%^ Usage, in use: 25% ( so this doesn't jive with
a reading of 31GB in Task manager, but does jive with a calculation from
Process (combined processes, and there pagefile usage of 1.2GB)

Memory Pages/Sec: 0 ( basically was dead quiet)

Memory Pages Output/Sec: 0 (basically no pages going out to the disk,
which is expected, since I shouldn't be seeing memory pressure with 32GB
of RAM in the server)

Memory Pages Input/sec: .8 ( Again not many pages that needed taken from
the disk to satisfy memory constrains.

Memory, Available Mbytes: 5.1GB ( which is about right, since we set the
min and max of 0-32GB in SQL Server which leaves about 5GB for the OS)

 

>From the article:

Even if the Committed Bytes value is greater than the installed RAM, a
Pages Output/sec value that is low or zero most of the time indicates
that there is not a significant performance problem that is caused by
not enough RAM.

 

The committed bytes is close to the physical ram, but the pages
output/sec is virtually nil, therefore I don't see this as a memory
constraint. 

 

Also when I look at the Process Page File Bytes ( Total) I get 938MB,
which is about 22-25% of the maximum of 4096 which is the maximum of the
paging file. 

 

So does anyone have an idea, why in the heck I would be seeing 31GB for
PF usage in the Task Manager, when the Performance Monitor counters
simply do not support that case? 

 

TIA,

EZ

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Weird One, Can't see folder, WIndows 2008 after a robocopy

2010-12-28 Thread Ziots, Edward

Yep, this is exactly what I did from my Windows 2008 SP2 machine from
the D:\ drive of a old NT 4.0 machine. 

I had to use the attrib -s -H c:\foldername to make the folder
accessible via the GUI. 

Thanks for the feedback I will keep that under the hat for future
migrations, since we are going to Windows 2008 a lot more these days. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: Phil Brutsche [mailto:p...@optimumdata.com] 
Sent: Monday, December 27, 2010 6:23 PM
To: NT System Admin Issues
Subject: Re: Weird One, Can't see folder, WIndows 2008 after a robocopy

I see it most frequently when robocopy-ing the root of one drive into a
subfolder of another, ie

robocopy /s /e d:\ c:\subfolder

In the most recent case (a Windows 7 machines), specifiying "/COPY:DT"
didn't make a difference.

On 12/27/2010 5:04 PM, Mike Gill wrote:
> Crazy! I just set up a simple Robocopy script for a very small office
I
> service and had the same thing happen. After the copy is complete, the
> root folder of the destination is set to hidden. I use this script
> elsewhere, and am not sure why this instance is different.

-- 

Phil Brutsche
p...@optimumdata.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Weird One, Can't see folder, WIndows 2008 after a robocopy

2010-12-27 Thread Ziots, Edward

Nevermind solved the question, it set the folder and sub folders as
read-only system and Hidden by default, which is very weird. 

 

I reset the directory with the attrib -s -h. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, December 27, 2010 2:42 PM
To: NT System Admin Issues
Subject: Weird One, Can't see folder, WIndows 2008 after a robocopy

 

I just did a robocopy from my new Windows 2008 Server from an Older
Windows NT 4.0 server with the following switches. 

 

Robocopy /S /COPYALL /R:1 /W:10 /Log+:c:\path.log

 

I look at the log and the files copied, the problem is that I can't see
the folder I just copied in Windows Explorer, but I can go to a command
promot and cd to the directory, so its basically hidden from my sight in
windows. 

 

But I did see the directories being created when I did the robocopy of
the directory over from the server. 

 

Anyone ever see this type of behavior. 

 

Already looked at hidden files and folders. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Weird One, Can't see folder, WIndows 2008 after a robocopy

2010-12-27 Thread Ziots, Edward

I just did a robocopy from my new Windows 2008 Server from an Older
Windows NT 4.0 server with the following switches. 

 

Robocopy /S /COPYALL /R:1 /W:10 /Log+:c:\path.log

 

I look at the log and the files copied, the problem is that I can't see
the folder I just copied in Windows Explorer, but I can go to a command
promot and cd to the directory, so its basically hidden from my sight in
windows. 

 

But I did see the directories being created when I did the robocopy of
the directory over from the server. 

 

Anyone ever see this type of behavior. 

 

Already looked at hidden files and folders. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: OT: NTL M and bootable DOS CD

2010-12-27 Thread Ziots, Edward

Chris, we are seeing the same thing here with our techs, saying there
boot disks aren't working after they change their passwords, since we
are Win2k8 R2 DFL/FFL, the authentication requirement default is higher
than the NTLM and LM hashes of old, which I can agree that they need to
get there boot disks or deployment process up to the 21st century. 

IN same boat as you, not changing domain wide settings to allow folks to
ghost stuff with old boot disk, there are better tools ( WIM, WINPE etc
etc) 

Z

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Monday, December 27, 2010 12:31 PM
To: NT System Admin Issues
Cc: NT System Admin Issues
Subject: Re: OT: NTL M and bootable DOS CD

I'm definitely going to try and fight this, from a security perspective
it's a no brainer. The issue will be that the desktop group will say
this will push back the deployment of existing systems by a month while
they engineer a new process. Almost no way to fight that unless our
group is willing to take over the responsibility of doing that work,
which we could easily do. Just hate knowing that those guys will put up
this road block on something that should take them less than a day to
do. I'd love for their management to step in and say " you know what?
You are right. we need to redo this process and it's not going to take
us a month to do it. we'll have it done by end of the week!" Never going
to happen. 

Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003 

From:Kurt Buff  
To:"NT System Admin Issues"

Date:12/27/2010 11:37 AM 
Subject:Re: OT: NTL M and bootable DOS CD 

Uh, you've already proved that your way works.

I'd call a meeting, go over their setup with them and identify the
points that need improving.

I'll bet that the re-engineering isn't really all that much, and that
the end result will actually be faster and better installs.

Kurt

On Mon, Dec 27, 2010 at 07:32, Christopher Bodnar
 wrote:
> Sorry, just venting:
>
> OK, so we implemented our new SCCM infrastructure about 9 months ago
(all
> W2K8 servers). Almost done with the migration from our old SMS 2003
> infrastructure (W2K3 R2 servers). I get a request from our desktop
guys last
> week to create a few shares on the new SCCM servers to hold the
workstation
> images. No problem. So I get a call from the desktop guys saying they
can't
> access the new shares. I ask them how they are being accessed. They
say from
> a bootable DOS CD. I thought them meant WinPE, so I tested that, and
> verified there are no issues. Go  back to the desktop guys and they
say, no
> it's really DOS 6.22 using NDIS 2.0. So I start looking into it and
found
> that the old SMS servers have a GPO setting that allows NTLM
connections,
> the rest of the network doesn't. I was not aware of this. Our
currently
> policy is to allow NTLMv2 only, and refuse LM and NTLM. I ask them if
they
> can move to WinPE. They tell me the engineering involved will be too
much
> work. So now the question is. do I put up a fight and go to our
Security
> group and tell them I want to keep NTLMv2, and have the desktops guys
> re-engineer the process? My guess is that I'll be over ruled, and be
forced
> to allow NTLM for the new SCCM servers.
>
> Uggg.
>
>
>
> Chris Bodnar, MCSE
> Systems Engineer
> Distributed Systems Service Delivery - Intel Services
> Guardian Life Insurance Company of America
> Email: christopher_bod...@glic.com
> Phone: 610-807-6459
> Fax: 610-807-6003 - This
message,
> and any attachments to it, may contain information that is privileged,
> confidential, and exempt from disclosure under applicable law. If the
reader
> of this message is not the intended recipient, you are notified that
any
> use, dissemination, distribution, copying, or communication of this
message
> is strictly prohibited. If you have received this message in error,
please
> notify the sender immediately by return e-mail and delete the message
and
> any attachments. Thank you.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  >  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/

> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

RE: IIS 6.0 Invalid App

2010-12-21 Thread Ziots, Edward

Could you create a new App Pool under the identity of the
IUSR_COMPUTERNAME Account, or account which has the rights to the web
applications directory ( Usually Read and Execute, but you might need
more or less depending on the application) and make that web-app run
under the new Web Application Pool and see if that works for you. 

 

If not I would probably uninstall and reinstall. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: itli...@imcu.com [mailto:itli...@imcu.com] 
Sent: Tuesday, December 21, 2010 2:51 PM
To: NT System Admin Issues
Subject: IIS 6.0 Invalid App

 

I have a server that a vendor is trying to load their webapp on and they
have hosed up the default website.

Windows Standard server 2003 iis 6.0

My default website now has invalid application pool under the
application pool.

I have tried the following:

http://www.developmentnow.com/g/59_2007_1_0_0_845804/Invalid-Application
-Pool.htm

All that did was successfully delete the default application pool.

The IISRESET did nothing but restart IIS.

Do I need to just uninstall IIS and reinstall it?

Then have them try and install their webapp again?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Heads up for Sophos AV users

2010-12-21 Thread Ziots, Edward

Paged Pool depletion due to handle leak with Sophos AV:

http://support.microsoft.com/kb/2486249/en-us?sd=rss&spid=12925

Looks like Sophos AV has an issue that leaks Pool memory over time to cause 
BSOD on the servers/workstations.  Could cause hangs as much as every 24 hrs. 

Z

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Printers...

2010-12-21 Thread Ziots, Edward

Steve needs redundancy in his UPS Infrastructure.   But yes it defintely, 
sucketh majorly to see an entire server farm go Kaput due to some worker 
tinkering with your UPS, when they should have never had access to them. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Monday, December 20, 2010 2:35 PM
To: NT System Admin Issues
Subject: Re: Printers...

 

It sucks to be Steve right now 
John W. Cook 
Systems Administrator 
Partnership for Strong Families

 



From: Steve Ens  
To: NT System Admin Issues  
Sent: Mon Dec 20 14:31:13 2010
Subject: Re: Printers 

Steve just had all the power to his servers  go out.  It was a shame for Steve 
as he didn't realize that there were workers onsite looking at the UPS.  Now 
Steve is not in a good mood.  Steve is upset.

On Mon, Dec 20, 2010 at 1:28 PM, VIPCS  wrote:

Jeffrey just set up a Windows Server 2008 R2 server with two Xerox printers.  
For one printer (a WorkCenter printer), he was able to load the x32 drivers as 
additional drivers directly on the server (on the sharing tab of the printer) 
after the printer was installed. For the other printer (a Phaser), he had to 
connect with an x32 client (Windows XP machine) as administrator and load the 
x32 drivers from that machine.

 

So yes, it can be done, but it depends on the specific printer and drivers 
available as to how to do it.

 

Sincerely,

 

Jeffrey and Mary Jane Harris

VIPCS

 



From: Kelli Sterley [mailto:kjsterley.li...@gmail.com] 
Sent: Monday, December 20, 2010 2:20 PM 


To: NT System Admin Issues

Subject: Printers 

 

I have just started with a company and have been challenged to fix some issues 
they have been having.  Here is one issue... 


They have a new server running Win2008 64 bit.  They have installed a bunch of 
printers using the drivers from the manufacturers but these are 64 bit drivers. 
 They have shared the printers to the general user (all 32 bit users) and no 
one can print.  Is it possible to have printers on a 64 bit server and share 
them to the 32 bit user?  The guy before me said he could not get the 32 bit 
drivers to install on the server and so here I am. 

 

I just want to make sure it is possible before I spend hours trying to get it 
to work.

 

Any help would be great!  Thanks!

 

Kelli

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 



CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
Consider the environment. Please don't print this e-mail unless you really need 
to.



This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the company. 
Warning: Although precautions have been taken to make sure no viruses are 
present in this email, the company cannot accept responsibility for any loss or 
damage that arise from the use of this email or attachments.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

RE: Windows 2008 load issue on DL 380G3, location of Source OS files.

2010-12-20 Thread Ziots, Edward

I would be assuming but in windows 2003 with a full format on the same hardware 
that 600GB LUN is done in less than 10 mins. Its been 1.5 hrs and I am at 4%. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Monday, December 20, 2010 1:42 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

It’s the difference between a quick and a full format, isn’t it?

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, December 20, 2010 1:34 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

Well finally got it built, I took care of it with a new Smart Start CD. 

 

Now I am enduring formatting a 600GB LUN that is 2% done and its been 1+ hr’s.  
It seems like all the Windows 2008 boxes we build take forever to format the 
disk ( either done vis Disk_part or the format command). In Windows 2003 R2 it 
been done already.  Have others also seen the format times for disks inside a 
Windows 2008 box take an hideously long time. ( Like 600GB and probably will 
take 3hrs to format?)

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Monday, December 20, 2010 11:50 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

It can't hurt to give the 32 bit version of 8.60 a try, can it?

On Mon, Dec 20, 2010 at 10:52 AM, Ziots, Edward <> wrote:

Yep trying that now but 8.25 is the latest,  so retrying a few things. We might 
have just got it working, even though via the matrix it isn’t officially 
supported. 

 

Trying to make the DL 380G3 retired if at all possible and use the G4-G7 
hardware for any new builds,

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Monday, December 20, 2010 10:36 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

Try a new SmartStart CD.

Seriously.

 

I had similar issues with up to 8.3, I think, when trying to install on a 
BL460c.  A more current one will likely solve the problem.

 

The link below is for the 8.60 32 bit CD.  I dug it up by searching for DL380 
G5.  The latest one that would show for a G3 is 8.25.

 

http://h2.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121516&prodNameId=3288134&swEnvOID=4022&swLang=8&mode=2&taskId=135&swItem=MTX-00b1501bdf9a4ddda9353d075e

 



 

On Mon, Dec 20, 2010 at 10:25 AM, Ziots, Edward  wrote:

Need to bounce this one off the list. I have a DL380G3 that I am trying to load 
Windows 2008 Standard for a new file server, I have already tried Smart Start 
CD 8.00, 8.15 and 8.25. I also have tried 2 boot DVD's ( If I put the Windows 
2008 DVD in the DVD ROM and boot the server it starts to load windows) but 
through the Smart Start CD, when it is asking for either flat-files or CD-Image 
to load the OS from, I pick flat files and it prompts me for where on the DVD 
the source OS's are.

I pick DVD folder then the sources folder within that folder, and click on show 
sub-directories, and sure enough on 2 DVD's it can't find it.

I know the darn DVD's are good because I can get Windows to load from the 
freaking DVD.

Any idea, what I might be doing wrong with the load of the Windows 2008 through 
the Smart start process which is what I would like to accomplish.

Either that, or its back to Windows 2003 R2 Sp2 which I would like to start 
getting away from but at least I will have a built server I will have space on 
for information that needs to get migrated off older systems

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 


~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.su

RE: Windows 2008 load issue on DL 380G3, location of Source OS files.

2010-12-20 Thread Ziots, Edward

Well finally got it built, I took care of it with a new Smart Start CD. 

 

Now I am enduring formatting a 600GB LUN that is 2% done and its been 1+ hr’s.  
It seems like all the Windows 2008 boxes we build take forever to format the 
disk ( either done vis Disk_part or the format command). In Windows 2003 R2 it 
been done already.  Have others also seen the format times for disks inside a 
Windows 2008 box take an hideously long time. ( Like 600GB and probably will 
take 3hrs to format?)

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Monday, December 20, 2010 11:50 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

It can't hurt to give the 32 bit version of 8.60 a try, can it?

On Mon, Dec 20, 2010 at 10:52 AM, Ziots, Edward <> wrote:

Yep trying that now but 8.25 is the latest,  so retrying a few things. We might 
have just got it working, even though via the matrix it isn’t officially 
supported. 

 

Trying to make the DL 380G3 retired if at all possible and use the G4-G7 
hardware for any new builds,

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Monday, December 20, 2010 10:36 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

Try a new SmartStart CD.

Seriously.

 

I had similar issues with up to 8.3, I think, when trying to install on a 
BL460c.  A more current one will likely solve the problem.

 

The link below is for the 8.60 32 bit CD.  I dug it up by searching for DL380 
G5.  The latest one that would show for a G3 is 8.25.

 

http://h2.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121516&prodNameId=3288134&swEnvOID=4022&swLang=8&mode=2&taskId=135&swItem=MTX-00b1501bdf9a4ddda9353d075e

 



 

On Mon, Dec 20, 2010 at 10:25 AM, Ziots, Edward  wrote:

Need to bounce this one off the list. I have a DL380G3 that I am trying to load 
Windows 2008 Standard for a new file server, I have already tried Smart Start 
CD 8.00, 8.15 and 8.25. I also have tried 2 boot DVD's ( If I put the Windows 
2008 DVD in the DVD ROM and boot the server it starts to load windows) but 
through the Smart Start CD, when it is asking for either flat-files or CD-Image 
to load the OS from, I pick flat files and it prompts me for where on the DVD 
the source OS's are.

I pick DVD folder then the sources folder within that folder, and click on show 
sub-directories, and sure enough on 2 DVD's it can't find it.

I know the darn DVD's are good because I can get Windows to load from the 
freaking DVD.

Any idea, what I might be doing wrong with the load of the Windows 2008 through 
the Smart start process which is what I would like to accomplish.

Either that, or its back to Windows 2003 R2 Sp2 which I would like to start 
getting away from but at least I will have a built server I will have space on 
for information that needs to get migrated off older systems

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 


~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <h

RE: Windows 2008 load issue on DL 380G3, location of Source OS files.

2010-12-20 Thread Ziots, Edward

Yes the server isn’t 64bit compatible or it would have been R2. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Monday, December 20, 2010 10:40 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

I made a guess that he's trying to install 32 bit because of the age of the 
server, and since the specified OS is 2008 instead of 2008 R2.

On Mon, Dec 20, 2010 at 10:31 AM, James Rankin  wrote:

FWIW it may be an idea to try the latest SmartStart

http://h2.www2.hp.com/bizsupport/TechSupport/SoftwareIndex.jsp?lang=en&cc=us&prodNameId=344318&prodTypeId=18964&prodSeriesId=345557&swLang=8&taskId=135&swEnvOID=4064
 

 

On 20 December 2010 15:25, Ziots, Edward  wrote:

Need to bounce this one off the list. I have a DL380G3 that I am trying to load 
Windows 2008 Standard for a new file server, I have already tried Smart Start 
CD 8.00, 8.15 and 8.25. I also have tried 2 boot DVD's ( If I put the Windows 
2008 DVD in the DVD ROM and boot the server it starts to load windows) but 
through the Smart Start CD, when it is asking for either flat-files or CD-Image 
to load the OS from, I pick flat files and it prompts me for where on the DVD 
the source OS's are.

I pick DVD folder then the sources folder within that folder, and click on show 
sub-directories, and sure enough on 2 DVD's it can't find it.

I know the darn DVD's are good because I can get Windows to load from the 
freaking DVD.

Any idea, what I might be doing wrong with the load of the Windows 2008 through 
the Smart start process which is what I would like to accomplish.

Either that, or its back to Windows 2003 R2 Sp2 which I would like to start 
getting away from but at least I will have a built server I will have space on 
for information that needs to get migrated off older systems

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin





-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."

IMPORTANT: This email is intended for the use of the individual addressee(s) 
named above and may contain information that is confidential, privileged or 
unsuitable for overly sensitive persons with low self-esteem, no sense of 
humour or irrational religious beliefs. If you are not the intended recipient, 
any dissemination, distribution or copying of this email is not authorised 
(either explicitly or implicitly) and constitutes an irritating social faux pas.

Unless the word absquatulation has been used in its correct context somewhere 
other than in this warning, it does not have any legal or no grammatical use 
and may be ignored. No animals were harmed in the transmission of this email, 
although the kelpie next door is living on borrowed time, let me tell you. 
Those of you with an overwhelming fear of the unknown will be gratified to 
learn that there is no hidden message revealed by reading this warning 
backwards, so just ignore that Alert Notice from Microsoft.

However, by pouring a complete circle of salt around yourself and your computer 
you can ensure that no harm befalls you and your pets. If you have received 
this email in error, please add some nutmeg and egg whites, whisk and place in 
a warm oven for 40 minutes. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 load issue on DL 380G3, location of Source OS files.

2010-12-20 Thread Ziots, Edward

Yep trying that now but 8.25 is the latest,  so retrying a few things. We might 
have just got it working, even though via the matrix it isn’t officially 
supported. 

 

Trying to make the DL 380G3 retired if at all possible and use the G4-G7 
hardware for any new builds,

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Monday, December 20, 2010 10:36 AM
To: NT System Admin Issues
Subject: Re: Windows 2008 load issue on DL 380G3, location of Source OS files.

 

Try a new SmartStart CD.

Seriously.

 

I had similar issues with up to 8.3, I think, when trying to install on a 
BL460c.  A more current one will likely solve the problem.

 

The link below is for the 8.60 32 bit CD.  I dug it up by searching for DL380 
G5.  The latest one that would show for a G3 is 8.25.

 

http://h2.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=1121516&prodNameId=3288134&swEnvOID=4022&swLang=8&mode=2&taskId=135&swItem=MTX-00b1501bdf9a4ddda9353d075e

 



 

On Mon, Dec 20, 2010 at 10:25 AM, Ziots, Edward  wrote:

Need to bounce this one off the list. I have a DL380G3 that I am trying to load 
Windows 2008 Standard for a new file server, I have already tried Smart Start 
CD 8.00, 8.15 and 8.25. I also have tried 2 boot DVD's ( If I put the Windows 
2008 DVD in the DVD ROM and boot the server it starts to load windows) but 
through the Smart Start CD, when it is asking for either flat-files or CD-Image 
to load the OS from, I pick flat files and it prompts me for where on the DVD 
the source OS's are.

I pick DVD folder then the sources folder within that folder, and click on show 
sub-directories, and sure enough on 2 DVD's it can't find it.

I know the darn DVD's are good because I can get Windows to load from the 
freaking DVD.

Any idea, what I might be doing wrong with the load of the Windows 2008 through 
the Smart start process which is what I would like to accomplish.

Either that, or its back to Windows 2003 R2 Sp2 which I would like to start 
getting away from but at least I will have a built server I will have space on 
for information that needs to get migrated off older systems

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Windows 2008 load issue on DL 380G3, location of Source OS files.

2010-12-20 Thread Ziots, Edward

Need to bounce this one off the list. I have a DL380G3 that I am trying to load 
Windows 2008 Standard for a new file server, I have already tried Smart Start 
CD 8.00, 8.15 and 8.25. I also have tried 2 boot DVD's ( If I put the Windows 
2008 DVD in the DVD ROM and boot the server it starts to load windows) but 
through the Smart Start CD, when it is asking for either flat-files or CD-Image 
to load the OS from, I pick flat files and it prompts me for where on the DVD 
the source OS's are. 

I pick DVD folder then the sources folder within that folder, and click on show 
sub-directories, and sure enough on 2 DVD's it can't find it. 

I know the darn DVD's are good because I can get Windows to load from the 
freaking DVD. 

Any idea, what I might be doing wrong with the load of the Windows 2008 through 
the Smart start process which is what I would like to accomplish. 

Either that, or its back to Windows 2003 R2 Sp2 which I would like to start 
getting away from but at least I will have a built server I will have space on 
for information that needs to get migrated off older systems

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Experience with doing IT Audits

2010-12-20 Thread Ziots, Edward

Jim, 

 

You just hit the "bingo", that is the power of the auditors, its something that 
Upper Management can't turn a blind eye to, or they will be found negligent and 
if something bad happens and it goes to court, you are covered and they are 
serious in hot water. (Failure of due care and due diligence)

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jim Holmgren [mailto:jholmg...@xlhealth.com] 
Sent: Monday, December 20, 2010 9:36 AM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

Z,

I totally agree and wish I would have thought to include that in my reply.  If 
used wisely, Auditors can provide a voice that upper management is not allowed 
to ignore.  

 

We had a security audit done here recently and it enabled me to put together a 
lot of initiatives that I could not get any traction on by myself.

 

Jim

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, December 20, 2010 9:32 AM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

Also, 

 

Auditors are not your enemy, which a lot of IT managers think they are, if 
utilized correctly you can get a lot accomplished that is getting squashed by 
the politics etc etc in your companies. 

 

I welcome the auditors, it gives you a chance to see what is broken and look 
forward to fixing it.  Especially when you been saying it all along and it 
falls on deaf ears, because people want to play the ostrich defense ( head in 
the sand)

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jim Holmgren [mailto:jholmg...@xlhealth.com] 
Sent: Monday, December 20, 2010 9:28 AM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

BTDT too many times to count.  For what it is worth, my advice when dealing 
with Auditors:  

1)  Only give the auditors what they ask for - do not volunteer any 
additional information.  Most of the time, they just want to check the boxes 
and move on to the next person.  You aren't doing yourself any favors by asking 
for more work.

2)  Have written, approved policies and some way to prove that you follow 
them.  Most of the time the guidelines do not get into specifics about the 
contents of the policies.  They only say "you must have a retention policy and 
abide by it" - they generally don't say "you must keep emails for X days".

 

Jim

 

 

Jim Holmgren

Manager of Server Engineering

XLHealth Corporation

The Warehouse at Camden Yards

351 West Camden Street, Suite 100

Baltimore, MD 21201 

410.625.2200 (main)

443.524.8573 (direct)

443-506.2400 (cell)

www.xlhealth.com

 

 

 

From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Monday, December 20, 2010 9:22 AM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

+10,000,000,000,002

 

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Friday, December 17, 2010 4:36 PM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

Likewise for PCI and NIST-800.

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Carl Webster [mailto:carlwebs...@gmail.com] 
Sent: Friday, December 17, 2010 4:39 PM
To: NT System Admin Issues
Subject: Re: Experience with doing IT Audits

 

I have done IT Audits for SOX Compliance.  What would you like to know other 
than I hate, despise and detest doing them?

 

 

Webster

On Fri, Dec 17, 2010 at 3:24 PM, Juma, Lumumba  wrote:

Hi All,

 

I need help from somebody who has been involved in doing IT audits for 
companies/organizations. We can communicate directly off the list.

 

Many thanks,

 

Juma.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoft

RE: Experience with doing IT Audits

2010-12-20 Thread Ziots, Edward

Also, 

 

Auditors are not your enemy, which a lot of IT managers think they are, if 
utilized correctly you can get a lot accomplished that is getting squashed by 
the politics etc etc in your companies. 

 

I welcome the auditors, it gives you a chance to see what is broken and look 
forward to fixing it.  Especially when you been saying it all along and it 
falls on deaf ears, because people want to play the ostrich defense ( head in 
the sand)

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jim Holmgren [mailto:jholmg...@xlhealth.com] 
Sent: Monday, December 20, 2010 9:28 AM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

BTDT too many times to count.  For what it is worth, my advice when dealing 
with Auditors:  

1)  Only give the auditors what they ask for - do not volunteer any 
additional information.  Most of the time, they just want to check the boxes 
and move on to the next person.  You aren't doing yourself any favors by asking 
for more work.

2)  Have written, approved policies and some way to prove that you follow 
them.  Most of the time the guidelines do not get into specifics about the 
contents of the policies.  They only say "you must have a retention policy and 
abide by it" - they generally don't say "you must keep emails for X days".

 

Jim

 

 

Jim Holmgren

Manager of Server Engineering

XLHealth Corporation

The Warehouse at Camden Yards

351 West Camden Street, Suite 100

Baltimore, MD 21201 

410.625.2200 (main)

443.524.8573 (direct)

443-506.2400 (cell)

www.xlhealth.com

 

 

 

From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Monday, December 20, 2010 9:22 AM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

+10,000,000,000,002

 

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Friday, December 17, 2010 4:36 PM
To: NT System Admin Issues
Subject: RE: Experience with doing IT Audits

 

Likewise for PCI and NIST-800.

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Carl Webster [mailto:carlwebs...@gmail.com] 
Sent: Friday, December 17, 2010 4:39 PM
To: NT System Admin Issues
Subject: Re: Experience with doing IT Audits

 

I have done IT Audits for SOX Compliance.  What would you like to know other 
than I hate, despise and detest doing them?

 

 

Webster

On Fri, Dec 17, 2010 at 3:24 PM, Juma, Lumumba  wrote:

Hi All,

 

I need help from somebody who has been involved in doing IT audits for 
companies/organizations. We can communicate directly off the list.

 

Many thanks,

 

Juma.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use 
of the intended recipient(s) and may contain confidential and/or protected 
health information. Under the Federal Law (HIPAA), the intended recipient is 
obligated to keep this information secure and confidential. Any disclosure to 
third parties without authorization from the member of as permitted by law is 
prohibited and punishable under Federal Law. If you are not the intended 
recipient, please contact the sender by reply e-mail and destroy all copies of 
the original message. 

NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso 
exclusivo del (los) destinatario (s) y puede incluir información confidencial 
y/o información de salud protegida. La Ley Federal (HIPAA) establece que el 
destinatario está obligado a mantener la información confidencial y sequra. 
HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin 
autorización del afiliado o permitido por l

RE: RDP Load Balancing Session Load balancing How are you accomplishing this

2010-12-19 Thread Ziots, Edward

Let me read up and I will hit ya offline. 

 

This is a Windows 2008 (Not R2) setup. From what I saw on the Whitepaper
I read you had to setup a DNS round robin so basically if you had four
TS servers, DNS would do round robin for the connection. SO A record for
TSNAME and it would go to TS1 then 2 etc etc. 

 

Thanks

EZ

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: David Lum [mailto:david@nwea.org] 
Sent: Friday, December 17, 2010 9:26 AM
To: NT System Admin Issues
Subject: RE: RDP Load Balancing Session Load balancing How are you
accomplishing this

 

Broker goes on a separate box. With R2 you can cluster the gateway and
broker systems so you don't have a single point of failure (I think pre
R2 you couldn't cluster the broker). The broker can't be a Session Host
though (the role needs to be installed, but published apps don't go on
it).

 

My clients hit the gateway web access box, and from there they hit the
broker and it load balances to the session host systems. 5 servers,
three of them SH's.

 

Funny timing - today is the day my RDS farm gets its first production
use (up to 12 folks currently on the way to an estimated 80 or so) and
it's cool to watch the RDS farm and each new session is connecting to a
different SH server like clockwork, User1 hits Server1, User2 = Server2,
User3 = Server3, User4=Server1, etc... although I think at some point
the broker also sees which server is actually the busiest and doesn't
just count active sessions..

 

http://fixmyitsystem.blogspot.com/2010/08/buildng-rds-load-balanced-farm
-with-rd.html

http://blogs.msdn.com/b/rds/archive/2010/10/15/remote-desktop-connection
-broker-scalability-testing-results.aspx

http://technet.microsoft.com/en-us/library/cc772245.aspx

 

Ping me off list of you want, since I just went through building my RDS
farm and have URL's and checklists all over the place..

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Friday, December 17, 2010 5:30 AM
To: NT System Admin Issues
Subject: RDP Load Balancing Session Load balancing How are you
accomplishing this

 

Folks, 

 

I have a new system setup which they are looking to get more available
and eliminate a single point of failure in the connection to Windows
2008 Terminal Services Servers. 

 

Each server runs the same application pointed to the backend system as a
logged on account ( why the application works), therefore Would just the
installation of the Terminal Session Broker Load Balancing feature need
to be loaded?  ( I am wondering if this should be installed on one of
the TS servers existing, or  on a separate host. 

 

Also from a client prespective, using RDP ( 6.1) would the users connect
to the TS Session Broker Server and that would load balance the connect
to 1 of the 4 TS Servers that are loading the application?

 

Some insight from those using this in Win2k8 would be appreciated. 

 

Sincerely,

EZ

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Mac connectivity to Win2K8R2

2010-12-19 Thread Ziots, Edward

And they are using smb://IP_Address_of_Server?  When they try and
connect. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Friday, December 17, 2010 10:23 AM
To: NT System Admin Issues
Subject: Mac connectivity to Win2K8R2

 

Anybody had any success with Mac clients older than 10.6 being able to
connect to Win2K8R2 shares (via SMB)?

 

We disabled NTLMv1 on the domain a bit back, but as long as the 10.4.x
(and up) Macs were bound to AD, we could connect to Win2K3 share. But
these same machines can't connect to Win2K8R2 shares.

 

Any thoughts?

 

-sc

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RDP Load Balancing Session Load balancing How are you accomplishing this

2010-12-17 Thread Ziots, Edward

Folks, 

 

I have a new system setup which they are looking to get more available
and eliminate a single point of failure in the connection to Windows
2008 Terminal Services Servers. 

 

Each server runs the same application pointed to the backend system as a
logged on account ( why the application works), therefore Would just the
installation of the Terminal Session Broker Load Balancing feature need
to be loaded?  ( I am wondering if this should be installed on one of
the TS servers existing, or  on a separate host. 

 

Also from a client prespective, using RDP ( 6.1) would the users connect
to the TS Session Broker Server and that would load balance the connect
to 1 of the 4 TS Servers that are loading the application?

 

Some insight from those using this in Win2k8 would be appreciated. 

 

Sincerely,

EZ

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Late Friday Funny

2010-12-13 Thread Ziots, Edward

I loved the Desktop Part, < Yeah the girl that last owned the PC left 9
yrs ago and left the desktop looking like this.  ROFL LMAO...

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Monday, December 13, 2010 4:10 PM
To: NT System Admin Issues
Subject: Re: Late Friday Funny

 

Classic...   You gotta love the abuse of Exchange admin privs...

--
ME2

 

 





On Mon, Dec 13, 2010 at 7:19 AM, Miller, Michael
 wrote:

Look up the rest of them, good sequels too.


-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, December 13, 2010 8:57 AM
To: NT System Admin Issues

Subject: RE: Late Friday Funny

Defintely a good one,

Thanks
Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505

-Original Message-
From: Evan Brastow [mailto:ebras...@automatedemblem.com]
Sent: Saturday, December 11, 2010 9:54 PM
To: NT System Admin Issues
Subject: OT: Late Friday Funny

I think this is the first "Friday Funny" I've posted in the 11 or 12
years I've been on this list, and of course, it has to be late.

Web guy vs Sales guy:

http://www.youtube.com/watch?v=uRGljemfwUE&feature=player_embedded

Enjoy,

Evan


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



This message, and any response to it, may constitute a public record and
thus may be publicly available to anyone who requests it in accordance
with Chapter 149 of the Ohio Revised Code.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: 2008 R2 printing

2010-12-13 Thread Ziots, Edward

Just stay away from the HP Print drivers and use the Universal Print
driver, and it works pretty well. The HPBRO ( HP Port resolver and HP
Status Server crap just mucks up Print servers and PC's something silly)


 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, December 13, 2010 1:35 PM
To: NT System Admin Issues
Subject: RE: 2008 R2 printing

 

Did the same, 

 

R2 for X64 and Windows 2008 SP2 for x32. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Monday, December 13, 2010 11:28 AM
To: NT System Admin Issues
Subject: Re: 2008 R2 printing

 

I ended up going with two print servers, one for x86 (2008 x86) and one
for x64 (2008 R2). It made everything simpler, from my point of view
anyway. YMMV

On 13 December 2010 16:24, David Lum  wrote:

Is it me, or does it take more than trivial effort to load 32-bit XP
drivers on a 2008 R2 print server?

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: 2008 R2 printing

2010-12-13 Thread Ziots, Edward

Did the same, 

 

R2 for X64 and Windows 2008 SP2 for x32. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Monday, December 13, 2010 11:28 AM
To: NT System Admin Issues
Subject: Re: 2008 R2 printing

 

I ended up going with two print servers, one for x86 (2008 x86) and one
for x64 (2008 R2). It made everything simpler, from my point of view
anyway. YMMV

On 13 December 2010 16:24, David Lum  wrote:

Is it me, or does it take more than trivial effort to load 32-bit XP
drivers on a 2008 R2 print server?

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Late Friday Funny

2010-12-13 Thread Ziots, Edward

Defintely a good one, 

Thanks
Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

-Original Message-
From: Evan Brastow [mailto:ebras...@automatedemblem.com] 
Sent: Saturday, December 11, 2010 9:54 PM
To: NT System Admin Issues
Subject: OT: Late Friday Funny

I think this is the first "Friday Funny" I've posted in the 11 or 12
years I've been on this list, and of course, it has to be late.

Web guy vs Sales guy:

http://www.youtube.com/watch?v=uRGljemfwUE&feature=player_embedded

Enjoy,

Evan


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Microsoft Breaking the bank patch wise this month, 17 bulletins

2010-12-10 Thread Ziots, Edward

Remote code execution "unathenticated" should really be the "red flag" =
Worm, which defintely equals bad news. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: pdw1...@hotmail.com [mailto:pdw1...@hotmail.com] 
Sent: Thursday, December 09, 2010 4:39 PM
To: NT System Admin Issues
Subject: RE: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

For me, the red flag is "remote code execution."



Subject: RE: Microsoft Breaking the bank patch wise this month, 17
bulletins
Date: Thu, 9 Dec 2010 15:06:35 -0500
From: ezi...@lifespan.org
To: ntsysadmin@lyris.sunbelt-software.com

I have seen from a risk-management standpoint, that Critical isn't that
critical when you look at the compensating controls, and stuff that is
labeled Important, turn quite critical in certain organizations, when
you look at the functions it fixes and the systems affected. 

 

I never really take the default, severity that M$ gives for the patches,
based on all the additional risk mitigation you have to look at in the
patches individually, and which organization will be different.

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Thursday, December 09, 2010 2:59 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Actually, I am going to offer a different subject line

Microsoft continuing to provide software support in a timely manner.

As to 'breaking the bank'.
2 Critical out of 17 is hardly breaking the bank.  The rest are
'important' and while yes, important is important, without the rest of
the description it is hardly to evaluate under the 'breaking the bank'
headline.



On Thu, Dec 9, 2010 at 11:39 AM, Steven Peck  wrote:

And by next Saturday we'll have them fully deployed on our systems per
normal.  Just another patch cycle is all. :)

On Thu, Dec 9, 2010 at 11:22 AM, Ziots, Edward 
wrote:

Maybe, 

 

But I'd be really sure to get the IE patch that is going to be released
deployed,  I would also recommend checking out the SANS ISC page next
Wednesday for their breakdown on the risk associated with the patches,
they usually do a pretty good job overall. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, December 09, 2010 2:16 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Maybe even more pain for the people who don't patch.


 

ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>  
Exploiting Technology for Business Advantage...
 

 

On Thu, Dec 9, 2010 at 1:49 PM, Ziots, Edward 
wrote:

http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

I guess the Christmas pain is coming early.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Microsoft Breaking the bank patch wise this month, 17 bulletins

2010-12-09 Thread Ziots, Edward

Good deal, too bad the organization here has different times for each
and everyone one of their systems they have agreed upon and its all
outside normal business hours and no we aren't using SMS, SCCM or
otherwise. 

 

At least its to the point that its scheduled and agreed upon downtime
and off hours, which was a lot better than 5+ yrs ago when I started the
process. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Thursday, December 09, 2010 3:01 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

2000 servers in 5 environments and 7 data centers, 5000+ desktop systems
in more locations.
In a healthcare related industry.

We have a re-occuring change for patch management with scheduled check
out with developers and the business.

On Thu, Dec 9, 2010 at 11:57 AM, Ziots, Edward 
wrote:

But how many systems do you have, when you got 800+ Servers and 10K in
workstations, by next Saturday after Patch Tuesday, probably not going
to happen here with the required Change Management and provided and the
scheduled downtime in a healthcare setting. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Thursday, December 09, 2010 2:40 PM


To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

And by next Saturday we'll have them fully deployed on our systems per
normal.  Just another patch cycle is all. :)

On Thu, Dec 9, 2010 at 11:22 AM, Ziots, Edward 
wrote:

Maybe, 

 

But I'd be really sure to get the IE patch that is going to be released
deployed,  I would also recommend checking out the SANS ISC page next
Wednesday for their breakdown on the risk associated with the patches,
they usually do a pretty good job overall. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, December 09, 2010 2:16 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Maybe even more pain for the people who don't patch.


 

ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>  
Exploiting Technology for Business Advantage...
 

 

On Thu, Dec 9, 2010 at 1:49 PM, Ziots, Edward 
wrote:

http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

I guess the Christmas pain is coming early.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with

RE: Microsoft Breaking the bank patch wise this month, 17 bulletins

2010-12-09 Thread Ziots, Edward

Indeed they needed a reboot, and they are going to get one, along with
the rest of the known world. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Glen Johnson [mailto:gjohn...@vhcc.edu] 
Sent: Thursday, December 09, 2010 3:02 PM
To: NT System Admin Issues
Subject: RE: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

And after the other thread, Russia needed a reboot.  LOL.

 

From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Thursday, December 09, 2010 2:59 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Actually, I am going to offer a different subject line

Microsoft continuing to provide software support in a timely manner.

As to 'breaking the bank'.
2 Critical out of 17 is hardly breaking the bank.  The rest are
'important' and while yes, important is important, without the rest of
the description it is hardly to evaluate under the 'breaking the bank'
headline.



On Thu, Dec 9, 2010 at 11:39 AM, Steven Peck  wrote:

And by next Saturday we'll have them fully deployed on our systems per
normal.  Just another patch cycle is all. :)

On Thu, Dec 9, 2010 at 11:22 AM, Ziots, Edward 
wrote:

Maybe, 

 

But I'd be really sure to get the IE patch that is going to be released
deployed,  I would also recommend checking out the SANS ISC page next
Wednesday for their breakdown on the risk associated with the patches,
they usually do a pretty good job overall. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, December 09, 2010 2:16 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Maybe even more pain for the people who don't patch.


 

ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>  
Exploiting Technology for Business Advantage...
 

 

On Thu, Dec 9, 2010 at 1:49 PM, Ziots, Edward 
wrote:

http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

I guess the Christmas pain is coming early.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Microsoft Breaking the bank patch wise this month, 17 bulletins

2010-12-09 Thread Ziots, Edward

I have seen from a risk-management standpoint, that Critical isn't that
critical when you look at the compensating controls, and stuff that is
labeled Important, turn quite critical in certain organizations, when
you look at the functions it fixes and the systems affected. 

 

I never really take the default, severity that M$ gives for the patches,
based on all the additional risk mitigation you have to look at in the
patches individually, and which organization will be different.

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Thursday, December 09, 2010 2:59 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Actually, I am going to offer a different subject line

Microsoft continuing to provide software support in a timely manner.

As to 'breaking the bank'.
2 Critical out of 17 is hardly breaking the bank.  The rest are
'important' and while yes, important is important, without the rest of
the description it is hardly to evaluate under the 'breaking the bank'
headline.




On Thu, Dec 9, 2010 at 11:39 AM, Steven Peck  wrote:

And by next Saturday we'll have them fully deployed on our systems per
normal.  Just another patch cycle is all. :)

On Thu, Dec 9, 2010 at 11:22 AM, Ziots, Edward 
wrote:

Maybe, 

 

But I'd be really sure to get the IE patch that is going to be released
deployed,  I would also recommend checking out the SANS ISC page next
Wednesday for their breakdown on the risk associated with the patches,
they usually do a pretty good job overall. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, December 09, 2010 2:16 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Maybe even more pain for the people who don't patch.


 

ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>  
Exploiting Technology for Business Advantage...
 

 

On Thu, Dec 9, 2010 at 1:49 PM, Ziots, Edward 
wrote:

http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

I guess the Christmas pain is coming early.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Microsoft Breaking the bank patch wise this month, 17 bulletins

2010-12-09 Thread Ziots, Edward

But how many systems do you have, when you got 800+ Servers and 10K in
workstations, by next Saturday after Patch Tuesday, probably not going
to happen here with the required Change Management and provided and the
scheduled downtime in a healthcare setting. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Steven Peck [mailto:sep...@gmail.com] 
Sent: Thursday, December 09, 2010 2:40 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

And by next Saturday we'll have them fully deployed on our systems per
normal.  Just another patch cycle is all. :)

On Thu, Dec 9, 2010 at 11:22 AM, Ziots, Edward 
wrote:

Maybe, 

 

But I'd be really sure to get the IE patch that is going to be released
deployed,  I would also recommend checking out the SANS ISC page next
Wednesday for their breakdown on the risk associated with the patches,
they usually do a pretty good job overall. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, December 09, 2010 2:16 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Maybe even more pain for the people who don't patch.


 

ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>  
Exploiting Technology for Business Advantage...
 

 

On Thu, Dec 9, 2010 at 1:49 PM, Ziots, Edward 
wrote:

http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

I guess the Christmas pain is coming early.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Microsoft Breaking the bank patch wise this month, 17 bulletins

2010-12-09 Thread Ziots, Edward

Maybe, 

 

But I'd be really sure to get the IE patch that is going to be released
deployed,  I would also recommend checking out the SANS ISC page next
Wednesday for their breakdown on the risk associated with the patches,
they usually do a pretty good job overall. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, December 09, 2010 2:16 PM
To: NT System Admin Issues
Subject: Re: Microsoft Breaking the bank patch wise this month, 17
bulletins

 

Maybe even more pain for the people who don't patch.


 

ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>  
Exploiting Technology for Business Advantage...
 





On Thu, Dec 9, 2010 at 1:49 PM, Ziots, Edward 
wrote:

http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

I guess the Christmas pain is coming early.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org <mailto:email%3aezi...@lifespan.org> 
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Microsoft Breaking the bank patch wise this month, 17 bulletins

2010-12-09 Thread Ziots, Edward

http://www.microsoft.com/technet/security/bulletin/ms10-dec.mspx

I guess the Christmas pain is coming early. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Quick Newb SQL Question

2010-12-08 Thread Ziots, Edward

Yep, agreed we do it every hour, and its part of the maintenance plan
for all DB's. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jacob [mailto:ja...@excaliburfilms.com] 
Sent: Wednesday, December 08, 2010 2:01 PM
To: NT System Admin Issues
Subject: RE: Quick Newb SQL Question

 

Make sure you back up transaction logs also or your transaction logs
will grow

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Wednesday, December 08, 2010 9:54 AM
To: NT System Admin Issues
Subject: RE: Quick Newb SQL Question

 

Yep, you defintely want to set it for full-recovery mode. This is why we
control all DB installs, so that the vendors don't do whatever they feel
like, and leave the users high and dry. ( Best you can do with Simple
recovery mode is go back to the last full backup), with full recovery
mode you can apply the latest backup and replay the transaction logs up
to the minute you need the database back to. 

 

Good reason to always use best practices, never give vendors SA, and
apply least privilege when granting permissions to vendor accounts for
access to their databases. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Wednesday, December 08, 2010 11:22 AM
To: NT System Admin Issues
Subject: Re: Quick Newb SQL Question

 

Thanks, I changed it in the management studio. I'm doing a full backup
weekly, differentials daily and trans log hourly and also having backup
exec grab those files nightly and put them on tape. The people (Henry
Shein) who installed SQL and their software Dentrix setup the database
in simple recovery mode. I knew with my limited knowledge that SQL 2008
had better backup functions then what's offered by simple mode, hence
wanting to make the change, just wanted to make sure the change wouldn't
screw anything up.

 

James 

- Original Message ----- 

    From: Ziots, Edward <mailto:ezi...@lifespan.org>  

To: NT System Admin Issues
<mailto:ntsysadmin@lyris.sunbelt-software.com>  

Sent: Wednesday, December 08, 2010 10:42 AM

Subject: RE: Quick Newb SQL Question

 

Nope, you should keep your production DB's in full recovery
mode. You can switch that  in the SQL management Studio under options I
believe, or via TSQL ( Look in books online, they have the syntax) 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Tuesday, December 07, 2010 2:59 PM
To: NT System Admin Issues
Subject: Quick Newb SQL Question

 

I have a SQL 2008 R2 database that was setup with the simple
recovery model. It has been in production for a couple of weeks now. I
would like to change it to full recovery model. Can I change this now
without anything blowing up?

 

James

~ Finally, powerful endpoint security that ISN'T a resource hog!
~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog!
~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftwa

RE: Quick Newb SQL Question

2010-12-08 Thread Ziots, Edward

Yep, you defintely want to set it for full-recovery mode. This is why we
control all DB installs, so that the vendors don't do whatever they feel
like, and leave the users high and dry. ( Best you can do with Simple
recovery mode is go back to the last full backup), with full recovery
mode you can apply the latest backup and replay the transaction logs up
to the minute you need the database back to. 

 

Good reason to always use best practices, never give vendors SA, and
apply least privilege when granting permissions to vendor accounts for
access to their databases. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Wednesday, December 08, 2010 11:22 AM
To: NT System Admin Issues
Subject: Re: Quick Newb SQL Question

 

Thanks, I changed it in the management studio. I'm doing a full backup
weekly, differentials daily and trans log hourly and also having backup
exec grab those files nightly and put them on tape. The people (Henry
Shein) who installed SQL and their software Dentrix setup the database
in simple recovery mode. I knew with my limited knowledge that SQL 2008
had better backup functions then what's offered by simple mode, hence
wanting to make the change, just wanted to make sure the change wouldn't
screw anything up.

 

James 

- Original Message ----- 

    From: Ziots, Edward <mailto:ezi...@lifespan.org>  

To: NT System Admin Issues
<mailto:ntsysadmin@lyris.sunbelt-software.com>  

Sent: Wednesday, December 08, 2010 10:42 AM

Subject: RE: Quick Newb SQL Question

 

Nope, you should keep your production DB's in full recovery
mode. You can switch that  in the SQL management Studio under options I
believe, or via TSQL ( Look in books online, they have the syntax) 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Tuesday, December 07, 2010 2:59 PM
To: NT System Admin Issues
Subject: Quick Newb SQL Question

 

I have a SQL 2008 R2 database that was setup with the simple
recovery model. It has been in production for a couple of weeks now. I
would like to change it to full recovery model. Can I change this now
without anything blowing up?

 

James

~ Finally, powerful endpoint security that ISN'T a resource hog!
~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog!
~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Quick Newb SQL Question

2010-12-08 Thread Ziots, Edward

Nope, you should keep your production DB's in full recovery mode. You
can switch that  in the SQL management Studio under options I believe,
or via TSQL ( Look in books online, they have the syntax) 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Tuesday, December 07, 2010 2:59 PM
To: NT System Admin Issues
Subject: Quick Newb SQL Question

 

I have a SQL 2008 R2 database that was setup with the simple recovery
model. It has been in production for a couple of weeks now. I would like
to change it to full recovery model. Can I change this now without
anything blowing up?

 

James

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Win 2003 R2 strangeness

2010-12-07 Thread Ziots, Edward

Printmig?  To migratge the printers, or can use rmtshare to re-create
network shares via a script. 

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, December 07, 2010 9:16 AM
To: NT System Admin Issues
Subject: RE: Win 2003 R2 strangeness

Ok, so it happened again this morning. I have moved the DHCP server to
our
other DC as well as pointing people to the same file share on the other
DC.
Now all I need to do is move the printers. Anyone got a nice, easy way
to
move half a dozen network printer shares w/o reinstalling them from
scratch?
:-)



-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Monday, December 06, 2010 4:26 PM
To: NT System Admin Issues
Subject: RE: Win 2003 R2 strangeness

Well, Vipre has it's own SQL instance.




-Original Message-
From: Phil Brutsche [mailto:p...@optimumdata.com] 
Sent: Monday, December 06, 2010 4:20 PM
To: NT System Admin Issues
Subject: Re: Win 2003 R2 strangeness

I believe he was talking about the ICVerify service, not SQL.

If VIPRE depends on that SQL service it will cease to function.

On 12/6/2010 3:17 PM, John Aldrich wrote:
> Thanks... Again, since Vipre depends on SQL Express, I was afraid to
do
> that, but I took a shot and it looks like I can disable that instance
of
SQL
> Express without affecting Vipre any. :-) So, it's disabled, and I told
SQL
> Express not to start that database on O/S startup.

-- 

Phil Brutsche
p...@optimumdata.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Really, really, really, early Friday Funny.

2010-12-07 Thread Ziots, Edward

NICE>..

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Tuesday, December 07, 2010 8:12 AM
To: NT System Admin Issues
Subject: RE: Really, really, really, early Friday Funny.

 

I’ll see you and raise you one…

 

http://www.youtube.com/watch?v=9a8jGVXOMsw&feature=player_embedded

 

 

 

From: Daniel Rodriguez [mailto:drod...@gmail.com] 
Sent: Monday, December 06, 2010 7:14 PM
To: NT System Admin Issues
Subject: Really, really, really, early Friday Funny.

 

Saw this and had to pass it along.

http://www.boingboing.net/2010/12/05/irate-cash4gold-lett.html

Really funny. Hope you all enjoy.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: IPAD vs Android tablets

2010-12-07 Thread Ziots, Edward

Yep, Greg, that is very much the issue these days on the healthcare
side.  I can't disagree at all accordingly.  As long as the
practice/DR's are signing that they assume the risk/liability, you are
basically off the hook.

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: greg.swe...@actsconsulting.net
[mailto:greg.swe...@actsconsulting.net] 
Sent: Monday, December 06, 2010 9:55 PM
To: NT System Admin Issues
Subject: RE: IPAD vs Android tablets

 

Not to worry, my customers beat me up much harder Z.

You have very good points regarding the security.  A simple enough
method to mitigate it is not install Email on the device and require
them to use Outlook via the Terminal Server.  RDP would be the method,
and yes if they stole the device, implanted a root kit, keylogger etc on
it they could obtain the information.   We are looking at Authentication
tokens required to TS into it, but the vendors are small.  Wyse has an
app, but we have not tested two-factor yet.  Good thing its available on
Droid or Ipad.  Doctors do get what they want, they drive the money to
the practice, but for all their yelling and complaining when the
Practice Admin says fine, this is what you now get paid, they start back
pedaling.. J  In the end we can simply as we always do define the
risks/benefits, remind them of compliance and offer them
software/hardware to meet that compliance..but in the end its their
decision.  Not mine.  

Some practices enforce those policies, others choose not too.  When it
hits the fan it will hit them in the pocketbook and I will waive my
signed document of disclosure and release of liability and help them
clean up the mess.

 

 

 

Greg Sweers

CEO

ACTS360.com <http://www.acts360.com/> 

P.O. Box 1193

Brandon, FL  33509

813-657-0849 Office

813-758-6850 Cell

813-341-1270 Fax

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, December 06, 2010 10:58 AM
To: NT System Admin Issues
Subject: RE: IPAD vs Android tablets

 

Is the traffic between the EMR site and the tablet encrypted? ( Proves
Confidentiality of the information being transferred between the client
and the EMR)? (IPSEC or TLS/SSLv3)

 

If emails get stored on the devices, then electronic communications
within the non-encrypted emails, could contain PHI/PII or other
sensitive company communications  that if divulged to the public or a
malicious third party could bring about information disclosure, or
breach notification laws.  Not trying to beat you up Greg, but just
because you say the users aren't sending information with HIPAA related
information anymore, doesn't mean they still aren't doing it. ( We all
know folks are ignorant of policies, and/or circumvent them for various
reasons)

 

Also, I am not sure there is any forensically sound data wiping
utilities for the IPAD/Iphone/ ( Other mobile device) therefore if they
obtain the device itself ( Physical Theft) its only a matter of time
that all the information on the device will be obtained. Either that or
a more sinister plot is to plant a rootkit on the device, or a backdoor
as a legit application, and re-introduce it back to the users and
monitor all the information crossing said device and gleam the
information form afar, thus having complete control over the device and
obtaining multiple different sets of information, credentials, to
conduct more nefarious deeds. 

 

There has been plenty of attacks against RDP accordingly ( MITM, namely)
that could be brought to bear, but I would assume that's a low risk type
of attack, if they got the network between you and the EMR, you
basically toasty anyways. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: greg.swe...@actsconsulting.net
[mailto:greg.swe...@actsconsulting.net] 
Sent: Monday, December 06, 2010 9:42 AM
To: NT System Admin Issues
Subject: RE: IPAD vs Android tablets

 

Heard and being addressed.  The main function is for RDP back into their
server farm to access their EMR applications while on rounds in
hospitals and doing clinics/on call.

 

Email would be the only thing to get stored on the devices and they do
not send anything Hipaa within emails anymore.

 

Greg Sweers

CEO

ACTS360.com <http://www.acts360.com/> 

P.O. Box 1193

Brandon, FL  33509

813-657-0849 Office

813-758-6850 Cell

813-341-1270 Fax

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Sunday, December 05, 2010 4:55 PM
To: NT System Admin Issues
Subject: RE: IPAD vs Android tablets

 

Honestly the security features on a lot of things Tablets are lacking,
and probably will not satisify MASS CMR 201.17 for data encryption of
EPHI/PII, along with leaving you open for more issues within HIPAA and
the HItech Act, therefore you might want to seriously reconsider using
these to vie

< 3 4 5 6 7 8 9 10 11 12 >

701 - 800 of 2356 matches

Mail list logo