I have been tasked with deploying Windows 7 professional at a site.
I am still trying to learn the new features available in Windows 7 so please
bear with my ignorance. :(
I am trying to formulate the list of applications which need to be part of
the build when I reached the *Anti virus*
You would do well to implement an application whitelisting GPO and also use
a GPO to disable AutoPlay. This should mitigate a lot of the threat from USB
keys. GPOs can also be used to block out access to CD and tape drives,
should they be present.
SEP is my least favourite AV product. I use Vipre
Where there is a will... :)
-ASB: http://XeeSM.com/AndrewBaker
On Mon, May 24, 2010 at 11:14 PM, Brian Desmond br...@briandesmond.comwrote:
*I’ve seen it happen when you’ve got people who don’t belong in the groups
figure out a way to temporarily add themselves. I’ve held a couple folks
Sorry, I thought I had mentioned that. Yes, I have tried drives that cause the
lockup on this server on a different server, where they work as expected. I
didn't run any disk utilities on them, though.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~
ScriptLogic Active Administrator will do this, among many other AD
monitoring/backup thingies.
Not free, but not too expensive either if you need to monitor such
things. It's saved our hides a number of times.
Don Guyer
Systems Engineer - Information Services
Prudential, Fox
Thank you for your input.
For this network they have used various technologies as well but I did not
cover al of them in here.
Emails web are filtered centrally by the education grid network.
WSUS is being used as well.
The GPO team are already scratching there heads as the school has more
Why would the GPO team be scratching their heads? If you know the
applications in use, it is fairly easy to create an application whitelist.
It's also very easy to update when something is missed - the full path to
the executable that is blocked is written to the event log and can be
updated
Thank you James for the reassurance.
As for the GPO team I dont know why I did not bother asking the details
cheers
Peter
On 25 May 2010 15:19, James Rankin kz2...@googlemail.com wrote:
Why would the GPO team be scratching their heads? If you know the
applications in use, it is fairly
Windows Defender does not tend to conflict with other AV or antimalware
products. Some 3rd party products will, however, offer to disable Windows
Defender for you when they install. It beats having Defender tell you all
about the changes they are making.
-ASB: http://XeeSM.com/AndrewBaker
On
Sonicwall TZ210
Jay Dale
I.T. Manager, 3GiG
Mobile: 713.299.2541
Email: jay.d...@3-gig.commailto:jay.d...@3-gig.com
Confidentiality Notice: This e-mail, including any attached files, may contain
confidential and/or privileged information for the sole use of the intended
recipient. If you are
Yes I have just done my first SEP install on a Wndows 7 pc as a test and it
has disabled WD.
I do get your point.
:)
cheers
Peter
On 25 May 2010 15:52, Andrew S. Baker asbz...@gmail.com wrote:
Windows Defender does not tend to conflict with other AV or antimalware
products. Some 3rd party
Neither Windows 7 Enterprise nor AppLocker are required for application
white listing.
Software Restrictions Policies (the predecessor to AppLocker) isn't as
flexible but is present in all business editions of Windows = XP.
On 5/25/2010 9:08 AM, helpdesk UK wrote:
Unfortunately the school does
This type of whitelisting is really only useful in smaller environments, where
you can have people dedicated to handling this situation. If that describes a
situation, then well and good. Otherwise you need something else.
Cheers
Ken
From: James Rankin [mailto:kz2...@googlemail.com]
Sent:
Useful information that I have referenced when installing SEP on an image build:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110510364248
Matt Burian | IT Consultant
Burian Information Technology, LLC.
m...@burianit.com | Main: 937 660-8196 | Cell: 937 681-3600
Whitelisting via simple GPO without AppLocker is only of limited
effectiveness, unfortunately. You can, for instance, get around it by
starting a rogue app from the command prompt or by renaming it to match a
whitelisted app.
I definitely agree with the suggestion to turn off AutoPlay.
That is why you white list folder paths (ie c:\windows\system32 and
C:\Program Files) instead of individual executables. White listing based
on file hash would work too.
BTW both the Run dialog and cmd.exe respect both SRP and AppLocker.
On XP and 2003 you can get around software restrictions
Sorry about the delay. This client is a law firm and I recently got them PCI
compliant. I would like filtering and IDS if possible, but bigger emphasis is
plug and forget - I bill these guys for perhaps 20 hours of work/year, so I
don't want to spend 3-4hours configuring something if I don't
Agree with Brian, that is one of the primary things you are trying to
protect against IMNSHO. The quick interloper who is bypassing proper
change controls and/or trying to cover their tracks. Also why it is a
good idea to alert on 517 (or 1102 in newer OSs)
From: Brian Desmond
I know someone who setup a monitor to dump group membership changes to
a SQL database. They had a web front end for preset queries on
specific groups. Doing this they were able to find numerous instances
of just such a thing occurring which enabled them to identify the
source of intermittent
Has anyone had any known issues with this product? [SEP]
You just opened the floodgates :) Lol.
MSRT just scans as part of the Windows Update process. It scans when
the updates are applied, it's a one process. I skip most of them
because it really bogs down the machine.
Sam
+ 1,000
BTDT Now no voice guys are allowed near our data cables. EVER! GRRR!
We do all cabling now with a Fluke Cable IQ.
On Mon, May 24, 2010 at 4:45 PM, Phil Brutsche p...@optimumdata.com wrote:
+1
My coworkers gave me a good ribbing when I spent $1k on a Fluke Networks
cable
+1
--
ME2
On Mon, May 24, 2010 at 2:26 PM, Raper, Jonathan - Eagle
jra...@eaglemds.com wrote:
It’ll work if your switches do an automated crossover.
However, your cabling vendor screwed up and they need to fix and recertify
every single drop they’ve done for you like that. IMNSHO, any
I've got a weird scenario.
Site A:
Windows 2003 Server Std SP2 - Web Server - DMZ
Windows 2003 Server Ent SP2 - SQL 2005 - Trusted Network
Site B:
Windows 2003 Server Ent SP2 - Web Server - DMZ
Windows 2003 Server Ent SP2 - SQL 2005 - Trusted Network
(Same SQL Server for both sites)
Site A:
Are both running the sql browser? And if so, on what ports? And are those ports
open?
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Tuesday, May 25, 2010 7:27 PM
To: NT System Admin Issues
Subject:
I am looking for some material on the OS for the IBM i series machines. I
am specifically looking for beginner type of material at the moment. Any
one know of any good reading material?
Jon
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~
I'm connecting to the same SQL server and instance. Yes it is running the
sql browser and it is listening on 1434/udp.
- Sean
On Tue, May 25, 2010 at 3:29 PM, Michael B. Smith mich...@smithcons.comwrote:
Are both running the sql browser? And if so, on what ports? And are those
ports open?
Fire up netmon. It's the easiest way to figure this out without a SQL expert
handy (and perhaps even if one is).
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Tuesday, May 25, 2010 7:42 PM
To: NT
On Tue, May 25, 2010 at 7:33 PM, Jon Harris jk.har...@gmail.com wrote:
I am looking for some material on the OS for the IBM i series machines. I
am specifically looking for beginner type of material at the moment. Any
one know of any good reading material?
Not really, but if you don't
the OS is too vague, as it would be most any platform.
http://en.wikipedia.org/wiki/IBM_System_i#Software
Carl
_
From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Tuesday, May 25, 2010 7:34 PM
To: NT System Admin Issues
Subject: OT: IBM i series OS reading
I am looking for some
Yeah I know that. It is now called OS i6 or i5 but the IBM site is almost
as friendly as the Cisco site. They really don't want to give you anything
at all. Even the User Groups require money to get in and read. I have
training coming up in July and figured to get a start on it by reading
I read that already but thank you. I know it is the rebranded AS400 but
they have gone through a series of name changes for both the machine and the
OS. I think it is currently OS i6 which was an update of OS i5 but I can't
tell if it was a complete rewrite or just tweaking of the i5.
Thank you
OK, but I was asked just the other day about supporting an i-Series running
AIX. It certainly wasn't clear from the question if you'd made any attempt
to Google this or what actual OS the i-Series you have in mind might be
running.
Speaking of the Google, one can quickly learn that the
I've supported the iSeries/AS/400 since V3R1 in the mid 90's. There's a
wealth of info on the IBM site but I guess it helps if I knew which version
you were looking for. We're at V5R4 and going to V6R1 later this year. I
always found the Redbooks helpful as well as the Information Center.
Each
One analysis of the event:
http://blog.rescuetime.com/2010/05/24/the-tragic-cost-of-google-pac-man-4-82-million-hours/
http://blog.rescuetime.com/2010/05/24/the-tragic-cost-of-google-pac-man-4-82-million-hours/...I’d
wager that 75% of the people who saw the logo had no idea that you could
Since it's a school environment, I forgot to mention something else.
I have done some work for a high school in which we Faronics
DeepFreeze deployed on all student machines. When in a frozen state
the computers essentially can not be harmed from a software
perspective. Upon a reboot,
Sometimes you have to wonder ...
---fwd--
= Included Stuff Follows =
Big Changes Ahead for IT - Anyone seen this? - Spiceworks Community
This link comes from eWeeks Editor's Pick newsletter. The article is
titled: Radical
36 matches
Mail list logo