Re: Site to Site VPN... What works?

+1 on this. I've benchmarked the linksys WRT54G against other comparible models before, it it rated at the bottom of the list when depending on hardware encryption performance. I like it as a home routing device, but I dont recommend it for site-to-site when performance needs to be maximized. --

RE: data-center in the sky

works for = goofs off at From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Wednesday, February 25, 2009 8:38 PM To: NT System Admin Issues Subject: RE: data-center in the sky Have you checked with the folks at Peak10 ? http://www.peak10.com/ They might suit your needs... Not sure *where* in

RE: Site to Site VPN... What works?

Good point. But I would still have to try... :) Although agreed that if I were setting this up for a paying client who wanted to do it "right" I wouldn't go with DD-WRT. I did find someone who indicated that vpn throughput from a windows box to DD-WRT (didn't say IPSec or PPTP) was around 5Mbps:

Re: Site to Site VPN... What works?

I had to call them about a month back...and surprisingly the support has improved 500%. Not only did I get somebody within ten minutes, they knew what they were talking about, and the actually followed up on the support call. Plus you can interact on the mysonicwall site with the support team. Al

Re: Site to Site VPN... What works?

I've spoken to them in the past couple of months a couple of times. I've experienced nothing like that at all (thank goodness.) -- ME2 On Wed, Feb 25, 2009 at 10:15 PM, Erik Goldoff wrote: >  -1 on the Sonicwall for me, more for the crappy support than the actual > device.  Getting informatio

Re: Site to Site VPN... What works?

+1 on the SonicWALL. Site-to-site VPN is as easy as pie... -- ME2 On Wed, Feb 25, 2009 at 9:57 PM, Derek Lidbom wrote: > +1 on the SonicWALL. > > My only question, if you're going to try 2 TZ180's talking to each other > (the easiest to implement), is would the one at your HQ have to have an

RE: Site to Site VPN... What works?

-1 on the Sonicwall for me, more for the crappy support than the actual device. Getting information from tech support was worse than pulling teeth, obvious script reader from a sub-asian country ( possibly the 2nd most populous ) had no knowledge beyond what was in the script, and when I aske

Re: Site to Site VPN... What works?

I don't know if I would go that route, just on a basis of CPU "horsepower". Most of the options I listed have either hardware cryptographic accelerators or enough horsepower to do it in software. The Linksys WRT54G(L) boxes have very, very weak CPUs and do not possess the necessary hardware accel

Re: Site to Site VPN... What works?

+2 for Sonicwall - TZ190s here connected to a base 3060. On Wed, Feb 25, 2009 at 8:57 PM, Derek Lidbom wrote: > +1 on the SonicWALL. > > My only question, if you're going to try 2 TZ180's talking to each other > (the easiest to implement), is would the one at your HQ have to have an > unlimited

RE: data-center in the sky

I used Rackspace in a prior life and liked them a lot. They rented me the server, gave me TS access and the admin password and let me go at it. Great bandwidth, uptime, etc. I was always VERY pleased with the whole solution. From: Michael B. Smith [mailto:mich...@theessentialexchange.com] Sent

RE: Site to Site VPN... What works?

+1 on the SonicWALL. My only question, if you're going to try 2 TZ180's talking to each other (the easiest to implement), is would the one at your HQ have to have an unlimited license (usually they are licensed per node on the network...I think 10, 25, unlimited). The unlimited version should run

RE: data-center in the sky

Ive never had better hosting/renting than with the planet. Speed and price, they are located in Texas FWIW. (www.theplanet.com) From: Michael B. Smith [mailto:mich...@theessentialexchange.com] Sent: Wednesday, February 25, 2009 8:59 PM To: NT System Admin Issues Subject: data-center in t

RE: data-center in the sky

Have you checked with the folks at Peak10 ? http://www.peak10.com/ They might suit your needs... Not sure *where* in the East Coast you want them, Matt Searfoss is the VP/GM of the center they have in Norcross not far from me, holler if you want his contact info ( and I think Shook works for t

Re: Site to Site VPN... What works?

SonicWALL TZ 180 - US $340 via NewEgg Cisco 851 - US $250 (not for the faint of heart, IMO the web interface is worthless) Cisco 1711 - under US $100 on eBay - again, not for the faint of heart Old PIII PC with 2 NICs and m0n0wall Matthew W. Ross wrote: > 1. Cheap, as in less than $1000. 2. Easy t

data-center in the sky

I need to find a "data-center in the sky". That is, a company that has plenty of bandwidth and rents servers to their clients. In a "past life" I used Softlayer and was happy with them, but I'm interested in knowing what else is out there (primarily interested in the East Coast USA). Thanks

RE: Site to Site VPN... What works?

You looking to setup a vpn tunnel to only one other location ? You could for very low cost use a couple of NetGear FVS firewalls and just have routing tables for each side point to the Netgear for the gateway to the other network... Probably less than 30 minutes setup Erik Goldoff IT Consulta

Re: Site to Site VPN... What works?

I user Fortinet SOHO units for some small offices on cable modem needing site-to-site VPN to our HQ units. They should speak to other non-Fortinet firewalls just fine since your HQ unit probably isn't Fortinet. They are I think $300- $600 depending on the model and options. The Fortinet devic

RE: Site to Site VPN... What works?

+1 pfsense is rock solid IMO -Original Message- From: Jeremy Phillips [mailto:jeremy.phill...@azaleos.com] Sent: Wednesday, February 25, 2009 7:40 PM To: NT System Admin Issues Subject: RE: Site to Site VPN... What works? Check out pfSense (www.pfsense.org) - I've had fantastic success w

Re: Site to Site VPN... What works?

OpenVPN uses SSL, and I don't play well with Linux (I use FreeBSD), so if I get that up and running I'll let you know. For the IPSec, it sounds like it might have been disconnecting after a failed or expired re-key, and neither was set to initiate a connection. That's something that you'll run int

RE: Site to Site VPN... What works?

Check out pfSense (www.pfsense.org) - I've had fantastic success with it in the past and commercial support is available if needed. Thanks, Jeremy Phillips Director of Operations | Azaleos Corporation | T: 206.926.1945 | M: 540.322.7980 You rely on Exchange. We keep it running. -Original M

Re: Site to Site VPN... What works?

I re-read my post, yeah, I left some details out: I tried linux hosted OpenVPN and IPSec with varying degrees of success. I never got OpenVPN working (I really didn't get enough time to get into the nitty gritty of setting it up, ran out of time) and IPSec worked, but it wasn't reliable. (It di

Re: Site to Site VPN... What works?

IPSec is a suite of protocols, which are implemented by various vendors, in varying degrees of quality. When you said you tried IPSec, what do you mean by that? I'd also like to know what your issues were with OpenVPN, as it's something I'd like to try at some point myself. Anyway, check out the

Re: OT: video-safe for work

LOL, good one Shook! On Wed, Feb 25, 2009 at 5:33 PM, Andy Shook wrote: > This so needs to be on Friday’s WServerNews and yes Stu, you can give me > credit for the find. J > > > > http://www.break.com/index/all-purpose-pair-of-nunchucks.html > > > > Shook > > > > > > > > -- Sherry Abercrombi

Site to Site VPN... What works?

Greetings List, I've got a small lab of computers offsite. I want to be able to access them for support from HQ. While dail-in style VPN works okay, I'm thinking of getting a real site-to-site network solution working. I do want all traffic between the two sites encrypted, I've looked at IPSec

OT: video-safe for work

This so needs to be on Friday's WServerNews and yes Stu, you can give me credit for the find. :) http://www.break.com/index/all-purpose-pair-of-nunchucks.html Shook ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~

RE: 0-Day Excel

There is also an interesting bit of detail here- http://blogs.technet.com/swi/archive/2009/02/24/more-information-about-t he-new-excel-vulnerability.aspx "We analyze a lot of Office content type exploits and this is the first time we have seen a working exploit in-the-wild that is able to run

RE: 0-Day Excel

Also http://blogs.technet.com/msrc/archive/2009/02/24/microsoft-security-advi sory-968272.aspx From: Bill Songstad (WCUL) [mailto:administra...@waleague.org] Sent: Wednesday, February 25, 2009 8:33 AM To: NT System Admin Issues Subject: RE: 0-Day Excel http://www.microsoft.com/technet/s

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

Well, that would certainly prevent us from needing IPv6, wouldn't it? :-) -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, February 25, 2009 4:53 PM To: NT System Admin Issues Subject: Re: Another screen sharing gizmo (free) from Microsoft "SharedView" On

RE: Mystery Domains

Now, this is something I have done for a long time via GPO! Dave -Original Message- From: Free, Bob [mailto:r...@pge.com] Sent: Wednesday, February 25, 2009 1:50 PM To: NT System Admin Issues Subject: RE: Mystery Domains Disable the computer browser service on your workstationswe did

NAP anyone?

I'm testing out NPS or NAP (whatever they call it) in a lab setting...wondering if anyone has it running on production networks yet. It seems to do what it is supposed to do, as far as I can tell. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~

Re: Another screen sharing gizmo (free) from Microsoft "SharedView"

On Wed, Feb 25, 2009 at 9:43 AM, Micheal Espinola Jr wrote: > True, but I just dont like seeing apps like this encapsulated through > HTTP. I think we're eventually going to get to the point where all Internet traffic is on TCP/80 and every computer is going to think its IP address is 192.168.1

RE: Mystery Domains

Disable the computer browser service on your workstationswe did it years ago and never looked back. At the very least disable the ability of your workstations to maintain a browse list. His computer has probably become a browse master (or backup) for the network it is on, is picking up all

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

They aint the only l...@mers that do that sort of thing.. So AV companies and even patch management companies actually do the same thing. So goes ya Egress Filtering. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phon

Re: Flash patch, anyone?

On Wed, Feb 25, 2009 at 10:32 AM, David Lum wrote: > Grrr…I have no way to push this…has anyone signed up for “Adobe Player > Licensing” to take advantage of the network push capabilities? We do that for both Adobe Reader and Flash Player. Gets us MSIs we can tweak (transform) and then deploy

RE: 0-Day Excel

We might see this one go Out-of-cycle if it becomes bad enough, it seems to be M$ M.O. Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 -Original Message- From: Andy Ognenoff [mailto:andyognen..

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

That is p0rn! Get your http right :) Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 -Original Message- From: Michael B. Smith [mailto:mich...@theessentialexchange.com] Sent: Wednesday, February

RE: Mystery Domains

Both work fine. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, February 25, 2009 4:28 PM To: NT System Admin Issues Subject: Re: Mystery Domains \\server.domain.tld\share, vs. \\server\share On Wed, Feb 25, 2009 at 12:27, David Mazzaccaro wrote: > co

Re: Mystery Domains

\\server.domain.tld\share, vs. \\server\share On Wed, Feb 25, 2009 at 12:27, David Mazzaccaro wrote: > correct.  No WINS. > \\server\share works fine. > What do you mean by a UNC that aren't FQDN? > > > From: David Lum [mailto:david@nwea.org] > Sent: Wednesday

RE: HP RAID5 P400 SATA questions

The E200/128 controller will not do RAID5 unless you add the 128MB BBWC upgrade. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Wednesday, February 25, 2009 11:20 AM To: NT System Admin Issues Subject: RE: HP RAID5 P400 SATA questions Two of the servers will have

Re: Mystery Domains

Hopefully you really only need to worry about it if you have a single-label domain. Klint Scott Kaufman at HQ wrote: > > You don't need WINS to do hostname resolution. > > If DNS is correctly configured, hostname resolution will work just fine. > > Since 2000, the OS uses DNS first before WINS

Re: Another screen sharing gizmo (free) from Microsoft "SharedView"

Both, and that overloading ports with too many protocols is bad, too, especially well-known ports and protocols that are ill-defined. On Wed, Feb 25, 2009 at 05:19, Michael B. Smith wrote: > Are you saying that encapsulated communications are bad? > > Or that unencrypted encapsulated communicatio

Re: HP RAID5 P400 SATA questions

Yes the 1TB drives are 3.5. 454146-B21 On Wed, Feb 25, 2009 at 12:51 PM, Alverson, Tom (Xetron) < tom.alver...@ngc.com> wrote: > Are the 1TB SATA’s 2.5 or 3.5inch? I’m amazed that you can get 500GB in > a 2.5in drive, so I would guess 3.5. Do you have a PN on the 450GB 2.5in > SAS? > > > > *F

RE: Can AD child domains establish outside trust without parent permission?

Thanks Bob and Anders. We will start monitoring the specific events in logs. Jay ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ ~

Re: HP RAID5 P400 SATA questions

454232-B21 450GB SAS On Wed, Feb 25, 2009 at 12:51 PM, Alverson, Tom (Xetron) < tom.alver...@ngc.com> wrote: > Are the 1TB SATA’s 2.5 or 3.5inch? I’m amazed that you can get 500GB in > a 2.5in drive, so I would guess 3.5. Do you have a PN on the 450GB 2.5in > SAS? > > > > *From:* Steve Ens

RE: HP RAID5 P400 SATA questions

Here is the part # from our quote. HP 300GB 10K rpm Hot Plug SAS 2.5 Dual Port Hard Drive 492620-B21 Thanks for the performance data. I'll definitely do some testing when the systems arrive. -Original Message- From: Alverson, Tom (Xetron) [mailto:tom.alver...@ngc.com] Sent: Wednesday, F

RE: Mystery Domains

Couldn't these just be workgroups that someone's home computer was configured for when they plugged into your wall jack? I don't know how your network is configured, but you may have a hard time stopping this behavior. We see it every once in a while; we give every machine an IP, but home mach

RE: A simple yet...not so simple ??

You just need to read the help with adfind. If you don't want the DN, then add -nodn to the command line. I don't know what you mean by "with and without commas". Adfind -default -f "(&(objectCategory=Person)(objectClass=User)(homeDirectory=\5c\5cmyServer*)) " -csv -nodn sAMAccountName give

RE: HP RAID5 P400 SATA questions

Are the 1TB SATA's 2.5 or 3.5inch? I'm amazed that you can get 500GB in a 2.5in drive, so I would guess 3.5. Do you have a PN on the 450GB 2.5in SAS? From: Steve Ens [mailto:stevey...@gmail.com] Sent: Wednesday, February 25, 2009 1:45 PM To: NT System Admin Issues Subject: Re: HP RAID5 P40

Re: A simple yet...not so simple ??

Try this Adfind –default –f "&(objectCategory=Person)(objectClass=User)(homeDirectory=\5c\5cmyServer*)" sAMAccountName givenName homeDirectory -csv -nodn -nolabel > c:\temp\scripts\adinfo\hd.csv On Wed, Feb 25, 2009 at 1:39 PM, MarvinC wrote: > Adfind for some reason returns the dn of every ob

Re: HP RAID5 P400 SATA questions

I think they actually have 450GB 2.5" SAS drives alreadyplus the 1TB SATAs... On Wed, Feb 25, 2009 at 11:13 AM, Alverson, Tom (Xetron) < tom.alver...@ngc.com> wrote: > I have never used the E200/128 controller. Based on my experience here, > I would probably want to get any battery or memory

Re: A simple yet...not so simple ??

ok, I did this because I was curious to see if I could, not because it's better/worse. ADquery is probably faster. I tested this on our internal file pats and it worked. Requires: Powershell v1, Quest AD cmdlets # Get the users into a local variable, you can limit with a -searchroot switch PS:

RE: HP RAID5 P400 SATA questions

I have never used the E200/128 controller. Based on my experience here, I would probably want to get any battery or memory options available. When you first set it up, run the ATTO bench32.exe program to make sure it's working OK. Bench32 writes then reads back a file (you can change the file siz

Re: A simple yet...not so simple ??

Adfind for some reason returns the dn of every object in AD and instead of displaying the attributes pertaining to that server it populates those rows with sAMAccountName, which in turn causes the file to grow to 64MB. So I end up with the following: Adfind –default –f "(&(objectCategory=Person)(o

Re: A simple yet...not so simple ??

+1 on ADFIND. Use this instead of DSQUERY. It will make your life a lot easier. On Wed, Feb 25, 2009 at 1:03 PM, Michael B. Smith < mich...@theessentialexchange.com> wrote: > Use adfind from www.joeware.net instead of dsquery. > > > > Adfind –default –f > > "(&(objectCategory=Person)(objectC

RE: Can AD child domains establish outside trust without parent permission?

In the absence of 3rd party tools, probably the simplest way to monitor trust creation/modification is via the security log. You want Policy Change auditing enabled and watch for events 610/611/620 in W2K/W2K3. Different events in 08 but you get the idea. 610- New Trusted Domain 611- Trusted Do

RE: Viewing log files in realtime

+1 x10! This tool is invaluable! David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -Original Message- From: Steven Peck [mailto:sep...@gmail.com] Sent: Wednesday, February 25, 2009 9:54 AM To: NT System Admin Issues Subject: Re:

RE: A simple yet...not so simple ??

Use adfind from www.joeware.net instead of dsquery. Adfind -default -f "(&(objectCategory=Person)(objectClass=User)(homeDirectory=\5c\5cmydirectory path*))" -csv sAMAccountName givenName profilePath homeDirectory > c:\temp\scripts\adinfo\hd.csv Adfind has been around a long time, much longe

Re: A simple yet...not so simple ??

This may seem dumb but what's the best way to add additional attributes and have them delimited in spreadsheet form? It wants to place everything into one row and I'm tried using commas to no avail. dsquery * domainroot -limit 3000 -filter "(&(objectCategory=Person)(objectClass=User)(homeDirectory

Re: Viewing log files in realtime

Since we wandered a little into free tools and I saw mention of someone working on SMS tomorrow.. Our former SMS guru (now SCCM guru) found this a while ago and for SMS/SCCM clients it is a must have tool. http://sourceforge.net/projects/smsclictr Steven Peck http://www.blkmtn.org On Wed, Feb 2

RE: 0-Day Excel

Grrafter reading the MS KB link Bill posted I do remember seeing it, the funny sounding "Microsoft Office Isolated Conversion Environment (MOICE)" piece snapped me back to "oh yeah, seen it". Sorry for the additional traffic. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (D

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

HAHAHAHAHA. Not. It was for pr0n! :-) -Original Message- From: Troy Meyer [mailto:troy.me...@monacocoach.com] Sent: Wednesday, February 25, 2009 11:37 AM To: NT System Admin Issues Subject: RE: Another screen sharing gizmo (free) from Microsoft "SharedView" ME2, Totally agree, all that

RE: Adobe 0-day

Thanks for posting. Curious, will this work with restricted users since logons scripts run under the user's context? From: 8400...@gmail.com [mailto:8400...@gmail.com] On Behalf Of jond Sent: Wednesday, February 25, 2009 10:34 AM To: NT System Admin Issues Subjec

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

ME2, Totally agree, all that stupid encapsulation c...@p for work purposes. We all know what HTTP was intended for: http://www.cnet.com/8301-18603_1-10170726-73.html -troy -Original Message- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Wednesday, February 25,

RE: 0-Day Excel

SANS had it yesterday: http://isc.sans.org/diary.html?storyid=5923  - Andy O. From: David Lum [mailto:david@nwea.org] Sent: Wednesday, February 25, 2009 10:29 AM To: NT System Admin Issues Subject: 0-Day Excel Wow, I hadn’t heard of this via my regu

Re: Adobe 0-day

Here example of the code I put in our login script if anyone needs it. It will need to be modified if you want to use it, and do your own DD, and testing before you blow up all your users computers :) @echo off :: if exist c

RE: 0-Day Excel

http://www.microsoft.com/technet/security/advisory/968272.mspx Bill From: David Lum [mailto:david@nwea.org] Sent: Wednesday, February 25, 2009 8:29 AM To: NT System Admin Issues Subject: 0-Day Excel Wow, I hadn't heard of this via my regular channels (SANS, patch mgmt mailing lis

0-Day Excel

Wow, I hadn't heard of this via my regular channels (SANS, patch mgmt mailing list, here) http://tech.yahoo.com/news/pcworld/20090224/tc_pcworld/attackerstargetingunpatchedvulnerabilityinexcel2007 David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267

RE: HP RAID5 P400 SATA questions

Two of the servers will have 2 x 72gig 15krpm sas 2.5inch raid 1 for os and 3 x 146gig 10krpm 2.5inch sas raid 5 for data. These are for MS-Hyper-v use. Exchange server will have 2 x 72gig 15krpm sas 2.5inch raid 1 for os, 2 x 146gig 10krpm 2.5 inch sas raid 1 for logs and 3 x 300gig 10krpm 2.5inch

RE: Flash patch, anyone?

It's no big deal to get. Free, fill out the forms and they send you the link via email right away. You are just agreeing to only distribute it to your network computers. http://www.adobe.com/products/players/fpsh_distribution1.html From: David Lum [mailto:david@nwea.org] Sent: Wednesday,

Re: A simple yet...not so simple ??

Abso-freakin-YES!! Thank you sir! On Wed, Feb 25, 2009 at 10:16 AM, Michael B. Smith < mich...@theessentialexchange.com> wrote: > You are close. > > > > dsquery * domainroot -filter > "(&(objectCategory=Person)(objectClass=User)(homeDirectory=\5c\5cmyserver))" > -attr sAMAccountName homeDirecto

RE: Flash patch, anyone?

I have for their Reader products. Pretty straight forward and easy process. Open up access to a lot of deployment tools and options. From: David Lum [mailto:david@nwea.org] Sent: Wednesday, February 25, 2009 9:33 AM To: NT System Admin Issues Subject: Flash

Flash patch, anyone?

Grrr...I have no way to push this...has anyone signed up for "Adobe Player Licensing" to take advantage of the network push capabilities? http://www.adobe.com/support/security/bulletins/apsb09-01.html David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503

RE: A simple yet...not so simple ??

You are close. dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(homeDirectory=\5c\5cmyserver))" -attr sAMAccountName homeDirectory > c:\temp\scripts\adinfo\hdprofile.txt Notice that I removed an extra slash you had in there. I tested this, it works. Note that you PR

RE: Adobe 0-day

More stuff concerning the PDF/JBIG issues: http://blogs.zdnet.com/security/?p=2668 (Has got some reg tweaks and such for disabling auto open in IE) http://isc.sans.org/diary.html?storyid=5926 http://isc.sans.org/diary.html?storyid=5932 - Andy O. >-Original Message- >From: David Lum [

Re: Another screen sharing gizmo (free) from Microsoft "SharedView"

LOL On Wed, Feb 25, 2009 at 9:52 AM, Andy Shook wrote: > Please someone call the Waaa-bulance :) > > Shook > > -Original Message- > From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] > Sent: Wednesday, February 25, 2009 9:43 AM > To: NT System Admin Issues > Subject: Re: An

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

Please someone call the Waaa-bulance :) Shook -Original Message- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Wednesday, February 25, 2009 9:43 AM To: NT System Admin Issues Subject: Re: Another screen sharing gizmo (free) from Microsoft "SharedView" True, but

Re: Another screen sharing gizmo (free) from Microsoft "SharedView"

True, but I just dont like seeing apps like this encapsulated through HTTP. Its not what it was intended for. They should at least have the decency to pick another port for this sort of thing. Plus, I had to come in a couple of hours early today, and I needed to complain about something. ;-) --

RE: HP RAID5 P400 SATA questions

I would definitely get the battery/memory add-on option if I were you. Are you going to use SAS or SATA drives? What size? -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Tuesday, February 24, 2009 9:51 PM To: NT System Admin Issues Subject: RE: HP RAID5 P400 SATA

RE: HP RAID5 P400 SATA questions

I did not see any way to choose the strip and cluster sizes while creating the array, so they are at the default. I may be able to see what the defaults were by running the raid array utility in windows. From: Brian Hintz [mailto:bhi...@gmail.com] Sent: Tuesday, February 24, 2009 6:59 PM To:

RE: HP RAID5 P400 SATA questions

I don't know if it will do RAID10. It won't even do RAID6 until you add the extra memory/battery option. My only options (as the card sits now) are RAID0 RAID1 or RAID5. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Tuesday, February 24, 2009 7:18 PM To: NT System Admin Issues Subj

RE: HP RAID5 P400 SATA questions

Just do a google search for "P400 raid slow" and you will see a bunch of posting (mostly on HP forums). They usually say "update your firmware and drivers" but I always do that before starting any install. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Tuesday, Fe

Re: A simple yet...not so simple ??

Tried that with this and still no luck: dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(homedirectory=\5c\5c\myserver$))" -attr sAMAccountName homeDirectory > c:\temp\scripts\adinfo\hdprofile.csv and with this: dsquery * domainroot -filter "(&(objectCategory=Person)(ob

RE: Out of band patches ?

Pretty much. I usually just sit on the non security stuff until the next monthly security patch release. For example the ones that come out Monday will sit until next month. Defender ones I do as they come out. From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, February 24, 200

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

Well, encapsulated connections are here to stay. I agree that they should be encrypted. It's not exactly as if it is a Microsoft specific thing. SSL VPNs, ssh tunneling - lots of examples in the OSS world too. -Original Message- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com

RE: AD & General audit tool

Most, if not all, of this is available free from MSFT. Active Directory Topology Mapper, Group Policy Management Console, icacls - these do everything you listed. From: Cesare' A. Ramos [mailto:cra...@idfllc.com] Sent: Tuesday, February 24, 2009 11:33 PM To: NT System Admin Issues Subject: AD

Re: Another screen sharing gizmo (free) from Microsoft "SharedView"

Decisions, decisions! :-) -- ME2 On Wed, Feb 25, 2009 at 8:19 AM, Michael B. Smith wrote: > Are you saying that encapsulated communications are bad? > > Or that unencrypted encapsulated communications are bad? > > -Original Message- > From: Micheal Espinola Jr [mailto:michealespin...@

RE: Another screen sharing gizmo (free) from Microsoft "SharedView"

Are you saying that encapsulated communications are bad? Or that unencrypted encapsulated communications are bad? -Original Message- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Wednesday, February 25, 2009 8:14 AM To: NT System Admin Issues Subject: Re: Another scr

Re: Viewing log files in realtime

baremetal makes up a couple of great utilities. I'm a huge fan of the baregrep util. Very fast searching with the power of regular expressions. -- ME2 On Tue, Feb 24, 2009 at 5:54 PM, Free, Bob wrote: > http://www.baremetalsoft.com/baretail/index.php > > Awesome little free tool, standalone

Re: Another screen sharing gizmo (free) from Microsoft "SharedView"

Good to see Microsoft still supports bitching things through port 80. Way to go - not. -- ME2 On Tue, Feb 24, 2009 at 4:49 PM, Alverson, Tom (Xetron) wrote: > Similar but different.  Netmeeting is point to point.  SharedView > appears to communicate through Microsoft servers on ports 80 and 44

Re: Can AD child domains establish outside trust without parent permission?

Since the forest is the security boundary you can't actually prevent the local domain administrators from forming a direct ntlm trust. You can use the netdom or nltest command line tools to query each domain for trusts. You can also use adfind or dsquery to search for trustedDomain objects in each

Can AD child domains establish outside trust without parent permission?

Can AD child domains establish outside trust without permission of admin of the parent/root domain? Can this be prevented? If not, how can we monitor this? Thanks. Jay Kulsh So. Pasadena, CA ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~

Re: AD & General audit tool

Hi, You can use ADManager plus. I've tried it before, it's a good program For more info http://manageengine.adventnet.com/products/ad-manager/download.html Quoting "Cesare' A. Ramos" : Hellos.. We are currently in research and eval mode for a software tool that will allow us to gather al

RE: OOO responsibility

I have been asked to do this about 4 times in 12 years, so doesn't happen a lot. René -Original Message- From: Steven Peck [mailto:sep...@gmail.com] Sent: Tuesday, February 24, 2009 5:55 PM To: NT System Admin Issues Subject: Re: OOO responsibility There are occasions we do it. It's a