IIS vulnerability alert! (rated high)
http://www.doecirc.energy.gov/bulletins/t-286.shtml
http://secunia.com/advisories/37831/
Nah, nevermind: For an exploit to succeed, IIS must be configured in a
nondefault way and contrary to the vendor's recommended best practices. I.e.
you set yourself up
It's still a vulnerability - parsing an input string incorrectly.
Lots of nasty vulnerabilities start this way.
Kurt
On Wed, Dec 30, 2009 at 06:12, David Lum david@nwea.org wrote:
IIS vulnerability alert! (rated high)
http://www.doecirc.energy.gov/bulletins/t-286.shtml
Since the subject came up last week I just came across this, the price is right
(it's free right now) O O Defrag 10,
www.oo-software.com/home/en/special/komputerswiat/
CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
attached to or with this Notice is intended only for
My Google-Fu fails me at the moment... isn't there a way to fool websites
into thinking your browser ( IE or Firefox ) is actually a browser on a
mobile device ?
Thanks, and Happy 2010
Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one
Would a mobile device emulator app work?
On Wed, Dec 30, 2009 at 9:15 AM, Erik Goldoff egold...@gmail.com wrote:
My Google-Fu fails me at the moment... isn't there a way to fool websites
into thinking your browser ( IE or Firefox ) is actually a browser on a
mobile device ?
Thanks, and
Here's an article on making FF look like other browsers (linked from a hit on a
Bing search for 'Make Firefox look like mobile browser'):
http://www.linux.com/archive/feature/121612
HTH!
Brian,
MCSE and stuff
From: Erik Goldoff egold...@gmail.com
To: NT
Basically, you need to change the user-agent the browser reports. Besides
Sherry's idea, which is probably the easiest, there are plugins you can get
too.
http://www.ericgiguere.com/articles/masquerading-your-browser.html
https://addons.mozilla.org/en-US/firefox/addon/59
Jeff
On Wed, Dec 30,
On 30 Dec 2009 at 10:15, Erik Goldoff wrote:
My Google-Fu fails me at the moment... isn't there a way to fool websites
into thinking your browser ( IE or Firefox ) is actually a browser on a
mobile device ?
Use the UserAgent add-on with the UA of various mobile devices. Here's the UA
for
actually looking because a friend's browser is 'stuck' where all sites he
visits act like he 's on a mobile browser ... not sure if malware caused
this or just a flipped bit somewhere
Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time
thanks, I need to ask my friend if he's on FF or IE
Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
_
From: Brian Richards [mailto:locomotive_breath_...@yahoo.com]
Sent: Wednesday, December 30, 2009 10:27
just fyi, he's on IE not FF, says sites think he's on an iPhone ... got him
doing a safe-mode reboot to scan for malware
Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
_
From: Erik Goldoff
Jeff's first link provides good info on how a browser version can be (or
become) obfuscated.
From: Erik Goldoff egold...@gmail.com
To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com
Sent: Wed, December 30, 2009 10:30:24 AM
Subject: RE: Make
http://blogs.technet.com/markrussinovich/archive/2009/11/03/3291024.aspx
The New Best Practice
It's a little surprising that the SID duplication issue has gone
unquestioned for so long, but everyone has assumed that someone else
knew exactly why it was a problem. To my chagrin, NewSID has never
Where were you when we discussed this last month? :)
The conclusions come down to this, as I remember them:
1] in a domain environment, it's no problem. In a workgroup/homegroup
environment, SID duplication is a possibility.
2] some third party applications do depend on SID uniqueness.
From:
I've been imaging systems for over 10 years now; never used/needed
NewSID...
Sam
From: jbech...@actsconsulting.net [mailto:jbech...@actsconsulting.net]
Sent: Wednesday, December 30, 2009 10:07 AM
To: NT System Admin Issues
Subject: NewSID not neededWow
http://www.youtube.com/watch_popup?v=jEjUAnPc2VA
Roger Wright
___
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
All,
I am looking for a little help. As many of you are aware MS changed
their Software Assurance site. It just so happens, that I am a new EA
customer. I wanted to use the unlimited web tickets resource. In order
to do that, I need to activate my benefits.
However, due to a system
Hi,
Anyone know of a easy way to tell if a computer will be able to run a 64 bit
guest in Vmware? I have two 64 bit machines in my home lab, one running
ESXi and one running Vmware Server. Neither will run a 64 guest so I'm
looking to upgrade to do some testing with 2008 R2. Any ideas?
~
VMWare compatibility list
From: Philip Brothwell
To: NT System Admin Issues
Sent: Wed Dec 30 13:26:14 2009
Subject: Hardware for 64 bit guest OS in Vmware
Hi,
Anyone know of a easy way to tell if a computer will be able to run a 64 bit
guest in Vmware? I have
VMware has a cpu check util on their site. However, there are certain BIOS
setting requirements as well which might be your current problem.
They have a support doc on running 64 bit guests that says what is required.
--
Sent using BlackBerry
IIRC you have to enable hardware virtualization in the BIOS. If your CPU
doesn’t do that I think you’re out of luck.
http://en.wikipedia.org/wiki/X86_virtualization#Hardware_support
From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Wednesday, December 30, 2009 1:30 PM
To:
I'm trying to implement WPAD in our US office, and think I've got it
mostly covered, except for one thing.
On our main IIS box I've configured a web site called wpad, and set up
a static entry in DNS on the main DC yesterday to point to it.
I can't ping by name, but if I do a 'ping -a
Should have mentioned that I already looked at their compatibility list.
Sorry. Unless I missed something, the list doesn't say a word about whether
or not a certain machine will support a 64 bit guest.
On Wed, Dec 30, 2009 at 1:28 PM, John Cook john.c...@pfsf.org wrote:
VMWare
Specific details here:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=displayKCexternalId=1003945
From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Wednesday, December 30, 2009 1:33 PM
To: NT System Admin Issues
Subject: RE: Hardware for 64 bit
Correct. CPU and BIOS have to support it. I was hoping someone had some
tips on figuring this out BEFORE buying that shiny server off of eBay.
On Wed, Dec 30, 2009 at 1:33 PM, Richard Stovall
richard.stov...@researchdata.com wrote:
IIRC you have to enable hardware virtualization in the
What type of dns entry did you make?
I made a cname for mine to `wpad - fqdn.server.local.` then just put a
wpad.dat in the root of the default site on that server (this way I could move
it transparently by only adjusting the cname if need be...)
-Original Message-
From: Kurt Buff
You've probably already seen this, but it might help if you haven't?
http://support.microsoft.com/kb/934864
-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Wednesday, December 30, 2009 1:36 PM
To: NT System Admin Issues
Subject: Weird DNS issue I can't figure out
Or maybe that MS kb link is not relevant.
Have you had a look at this?
http://perimetergrid.com/wp/2008/01/11/wpad-internet-explorers-worst-feature/
-Original Message-
From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Wednesday, December 30, 2009 1:42 PM
To: NT
I'd check the VMware guide to see if the server/cpu is supported for ESX
4. ESX4 is itself 64-bit so if the hardware supports it, odds are really
good it will support 64-bit guests.
What are your current servers?
From: Philip Brothwell [mailto:philip.brothw...@gmail.com]
Sent: Wednesday,
I put in an A record - I have a separate web site just for this.
On Wed, Dec 30, 2009 at 10:41, Joseph L. Casale
jcas...@activenetwerx.com wrote:
What type of dns entry did you make?
I made a cname for mine to `wpad - fqdn.server.local.` then just put a
wpad.dat in the root of the default
No, hadn't seen that at all. All the descriptions I found about
implementing WPAD didn't say anything about a TXT record, so I just
created an A record.
I did find http://support.microsoft.com/kb/2003485 and I removed wpad
from the block list, and that helps for the other DC, but I still have
the
If you're looking at a box with an Intel Proc, review this:
http://ark.intel.com/VTList.aspx
If you're looking at AMD, review this:
http://en.wikipedia.org/wiki/List_of_AMD_Athlon_64_microprocessors
- Sean
On Wed, Dec 30, 2009 at 9:47 AM, Damien Solodow damien.solo...@harrison.edu
wrote:
I'm aware of the threats, but have been asked to implement anyway -
mobile users don't want to have to manually reconfigure their laptops
while in and out of the office, and Firefox is very popular...
Kurt
On Wed, Dec 30, 2009 at 10:47, Richard Stovall
richard.stov...@researchdata.com wrote:
Or
What do the logs say about the request?
That'll go a long way in diagnosing the issue.
Do you have the mime type set, does the webserver get the request formatted as
you expected, _and_ server it back?
IIRC, ff doesn’t look for a proxy by default...
-Original Message-
From: Kurt Buff
The two machines I have running vmware are not servers and are not on the
compatibility list so I am not surprised that I have problems.
On Wed, Dec 30, 2009 at 1:47 PM, Damien Solodow damien.solo...@harrison.edu
wrote:
I’d check the VMware guide to see if the server/cpu is supported for
Sean,
That looks like it will do. I guess I'll be pestering sellers for CPU
details until I find what I'm looking for.
Thanks everyone!
Phil
On Wed, Dec 30, 2009 at 1:53 PM, Sean Martin seanmarti...@gmail.com wrote:
If you're looking at a box with an Intel Proc, review this:
If you have Trusted Execution enabled in BIOS, this might be part of the
issue.
The Notes section of the article below mentions this. I also had to disable
Trusted Execution when I was trying out Windows VirtualPC.
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US
Thanks for the link. That's not the issue here but it's good to know about.
On Wed, Dec 30, 2009 at 2:10 PM, Michael Waltonen walto...@umn.edu wrote:
If you have Trusted Execution enabled in BIOS, this might be part of the
issue.
The Notes section of the article below mentions this.
Be aware that the BIOS has to support VT as well as the CPU. I did the same as
you and bought a Dell 2850 off of ebay with the 2.8 dual core Xeons that
support VT. But because the 2850 Bios doesn't have any way to enable VT, I
still can't run a 64 bit guest. The price was right and it
Afternoon all.
I was wondering if it's possible to export or copy the local user database from
one server to another (new) server. I'm looking at around 100 users that need
local user accounts and I'd really like to not have to manually recreate them!
Any help would be greatly appreciated.
And that is my fear. The right CPU and the unit is on the ESXi 4.0
installable compatibility list but cannot run a 64 bit guest... just like
your 2850.
On Wed, Dec 30, 2009 at 2:23 PM, Mike Wiebke m...@yahoo.com wrote:
Be aware that the BIOS has to support VT as well as the CPU. I did
+1
On Wed, 30 Dec 2009 10:38:33 -0600, Sam Cayze wrote:
I've been imaging systems for over 10 years now; never
used/needed
NewSID...
Sam
From: jbech...@actsconsulting.net
[mailto:jbech...@actsconsulting.net]
Sent: Wednesday, December 30, 2009 10:07 AM
To:
This looks like it can do it.
For $200, that is.
http://www.sphere10.com/fileservermigrator/
From: Marty Nelson [mailto:mnel...@transdyn.com]
Sent: Wednesday, December 30, 2009 2:32 PM
To: NT System Admin Issues
Subject: Copy Local Database of Windows Users to New Server?
First things first - I can't ping the name, wpad.mycompany.com from
the DC that holds the FSMO roles.
Once I've got that figured, I'll tackle the rest.
On Wed, Dec 30, 2009 at 11:05, Joseph L. Casale
jcas...@activenetwerx.com wrote:
What do the logs say about the request?
That'll go a long way
Aha!
I didn't stop and start the DNS service. I thought I had, but only did
it on the non-FSMO role holder.
All now works...
Kurt
On Wed, Dec 30, 2009 at 12:03, Richard Stovall
richard.stov...@researchdata.com wrote:
What do you get from:
nslookup wpad.mycompany.com
Will USMT let you do this if the source and the destination are both
server OSs?
Chris Bodnar, MCSE
Sr. Systems Engineer
Infrastructure Service Delivery
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
So, I've got the US office working - now I had to consider our foreign offices.
The AU office has a proxy of its own, but the UK office doesn't have a
proxy server.
I can configure DHCP in each office to point IE to another web site,
each for a wpad.dat of their own, for each office, but that
Here's an odd one
Windows 2008 server, Terminal/XenApp server. I cannot get Control Panel or
Server Manager to run. But I can open the administrative utilities, logs, and
so on. Applications run for XenApps users (Office, Great Plains, etc). I
don't have the issue on any other XenApp
WPAD does work with firefox... If you select the Automatically detect proxy
setting in the proxy configuration.
To do this, You must edit the %programfiles%\Mozilla Firefox\greprefs\all.js
file, and change the following line:
pref(network.proxy.type, 0);
... to ...
pref(network.proxy.type,
GPO/startup or login script
On Wed, Dec 30, 2009 at 1:57 PM, Matthew W. Ross
mr...@ephrataschools.orgwrote:
WPAD does work with firefox... If you select the Automatically detect
proxy setting in the proxy configuration.
To do this, You must edit the %programfiles%\Mozilla
Yes, but I'm not very good at making scripts... At least not on Windows.
Is there an equivalent to 'sed' for Windows? I need to delete that line, then
append the correct setting to the end of the file.
--Matt Ross
Ephrata School District
- Original Message -
From: Don Ely
The file is the same on every workstation, right?
Just drop it in netlogon and copy it from there.
Carl
-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
Sent: Wednesday, December 30, 2009 5:12 PM
To: NT System Admin Issues
Subject: Re: Further WPAD issue - not
I have several (dozen or more) systems that in windowsupdate.log gives me this
error
WARNING: Cached cookie has expired or new PID is available
Which I fix by restarting the Automatic Updates service on the client PC. How
do I go about finding out the root cause?
David Lum // SYSTEMS ENGINEER
I'd much rather delete the file and append the setting that just overwrite the
file... the file does change with newer versions of Firefox.
But that's me.
--Matt Ross
Ephrata School District
- Original Message -
From: Carl Houseman
[mailto:c.house...@gmail.com]
To: NT System Admin
Yes, WPAD works with firefox, but only with DNS, not with
DHCP-and-DNS, even though DHCP-and-DNS is more secure.
On Wed, Dec 30, 2009 at 13:57, Matthew W. Ross mr...@ephrataschools.org wrote:
WPAD does work with firefox... If you select the Automatically detect proxy
setting in the proxy
http://gnuwin32.sf.net - it's got all the tools you might like.
On Wed, Dec 30, 2009 at 14:11, Matthew W. Ross mr...@ephrataschools.org wrote:
Yes, but I'm not very good at making scripts... At least not on Windows.
Is there an equivalent to 'sed' for Windows? I need to delete that line, then
So it's not working for you if you have the DHCP setting for option 252 set?
Even if you have the wpad.* domain pointing at your proxy server?
Odd. My reading says that Firefox doesn't even tech the DHCP method. It only
works with the DNS method. DHCP shouldn't be effecting FF at all...
Can
Yes, there are several programs that can allow me to run my windows box like my
linux boxes. There is a brand new release of Cygwin as well...
But I hate to use tools that are not part of the base operating system. If I
end up doing something that breaks with a future version of the script or
I understand the desire for native tools. In this case, I think you'll
discover that 'findstr' is much better than 'find' - they're both
native.
However, both vbscript and powershell are also native (mostly - it
depends on how you view powershell, and whether you have anything
older than Win2k or
I have some folks here saying Skype might answer some business needs because
they can do job interviews remotely (we hire a fair amount of folks who never
step foot in our state, much less our office) and can accommodate
out-of-country calls easily.
Do any of you guys have systems in place to
Well, I'm sure that vbscript would be my optimum choice, but I need to sit down
and learn it someday.
Until then, here's the _completely_ _untested_ script I wrote for editing the
all.js file:
set new_all_js=%temp%\newall.%random%.js
find /V network.proxy.type %programfiles%\Mozilla
And already I see that the script is wrong...
line 3 has quotes and escapes that don't need to be there. The code should be:
set new_all_js=%temp%\newall.%random%.js
find /V network.proxy.type %programfiles%\Mozilla Firefox\greprefs\all.js
%new_all_js%
echo pref(network.proxy.type, 4);
WPAD works great in the US office, for both FF and IE.
However, I must consider the overseas offices, because it's a really
bad idea to try to run their web traffic to outside web sites through
our proxy server here.
The big problem is (as you pointed out) that FF doesn't do the
DHCP-and-DNS
Does the site have it's own DNS server? Could it have it's own DNS server, even
if it forwards everything to your primary DNS _except_ wpad.example.tld?
Just a thought. Sm:)e.
--Matt Ross
Ephrata School District
- Original Message -
From: Kurt Buff
[mailto:kurt.b...@gmail.com]
To: NT
Have your staff lawyer read the EULA.
On Wed, Dec 30, 2009 at 14:54, David Lum david@nwea.org wrote:
I have some folks here saying Skype might answer some business needs because
they can do job interviews remotely (we hire a fair amount of folks who
never step foot in our state, much less
As I said - single forest/single domain - plus, DNS is AD-integrated.
No way to break that out, given what I know.
If someone knows more or differently, I'm all ears.
Kurt
On Wed, Dec 30, 2009 at 15:07, Matthew W. Ross mr...@ephrataschools.org wrote:
Does the site have it's own DNS server?
Have you tried using the local admin account to access these? I know DA
should have rights but if the administrators group has gotten messed up then
the DA might not have rights.
Jon
On Wed, Dec 30, 2009 at 4:46 PM, Tom Miller tmil...@hnncsb.org wrote:
Here's an odd one
Windows 2008
Check with Dell they might still have an upgraded BIOS for that model. If
nothing else see if they will sell you the replacement MB/SB that will run
VT enabled software. I talked to them about a similar issue and after
almost 2 months of going back and forth they admitted they had a replacement
Get something like LiveMeeting or WebEx. I know LiveMeeting does video fine - I
assume WebEx does too. Adobe Connect is another one.
Thanks,
Brian Desmond
br...@briandesmond.commailto:br...@briandesmond.com
c - 312.731.3132
From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, December
Any restrictive GPs? Maybe move it to a test OU with no GPs and retry...
***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***
-Original Message-
From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Wednesday, December 30, 2009 2:47 PM
I guess I've retrained my hands. It doesn't happen to me that much anymore.
But the driver does have an option that when it detects an external mouse,
it will auto disable the trackpad if you want. It doesn't work that well
with Bluetooth mice and sleep however.
--
Mike Gill
From: Steven
[Not sure if I sent this already, so apologies if this is a duplicate.]
Windows 2008 server running Terminal Server and XenApp, IE 8.
When Server Manager attempts to load upon logon, it fails and closes. I cannot
open Control Panel, but I can open the utils under Programs -- Administrative
On 30 Dec 2009 at 14:11, Matthew W. Ross wrote:
Yes, but I'm not very good at making scripts... At least not on Windows.
Is there an equivalent to 'sed' for Windows? I need to delete that line,
then append the correct setting to the end of the file.
Clay's Utilities from
On 30 Dec 2009 at 10:30, Erik Goldoff wrote:
actually looking because a friend's browser is 'stuck' where all sites he
visits act like he 's on a mobile browser ... not sure if malware caused
this or just a flipped bit somewhere
OK, then check the User Agent of the friend's browser:
74 matches
Mail list logo