It's also worth installing KB2734608 as soon as you've installed WSUS 3.0SP2.
Cheers,
Phil
-Original Message-
From: Michael Leone [mailto:oozerd...@gmail.com]
Sent: 05 February 2013 20:38
To: NT System Admin Issues
Subject: Re: Advice on migrating WSUS 3.0 SP2 from Win2003 32bit to
And I forgot the link
http://www.theregister.co.uk/2013/02/04/hello_kitty_flight/
Doh!
On 6 February 2013 13:51, James Rankin kz2...@googlemail.com wrote:
Don't know whether you might have seen this already but the video at the
end is awesomely done. Go Kitty!
--
*James Rankin*
I heard from my Cisco guy that Cisco purchased them for the cloud based
controller for WAP's and have no plans to keep the Meraki brand going for long.
Kind of like the Flip Cam deal, quietly disappeared.
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
Sent: Wednesday, February 06,
On Wed, Feb 6, 2013 at 5:01 AM, Randal, Phil
phil.ran...@hoopleltd.co.uk wrote:
It's also worth installing KB2734608 as soon as you've installed WSUS 3.0SP2.
I will keep that in mind. It should show up as soon as I synchronize
the first time, it says ...
Thanks
~ Finally, powerful endpoint
Cool stuff. I'm always glad to see kids getting involved in science.
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Wednesday, February 06, 2013 7:55 AM
To: NT System Admin Issues
Subject: Re: OT: Hello Kitty in space
And I forgot the link
Meraki wireless has been around for awhile. Moved into switches and then Cisco
snatched them up. We evaluated and the biggest problem we saw is that the POE
power supply is very under-rated for todays devices. A 48 port switch would
probably realistically only be able to power half of the
I can't believe they found the thing and that it didn't land in the middle of
an ocean. It was only 50 miles from where she launched it. Very amazing stuff.
From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
Sent: Wednesday, February 06, 2013 10:11 AM
To: NT System Admin Issues
Subject: RE: OT:
+1. We use MagicDisc here and haven't run into any issues.
Regards,
Cameron
___
Cameron Cooper | IT Manager | Aurico
Direct: 847.890.4021 | Cell: 224.688.2854 | Fax: 847.255.1896
ccoo...@aurico.commailto:ccoo...@aurico.com |
I like Poweriso, magiciso, vcd etc on my workstations but generally avoid
installing iso tools on prod servers to keep them pristine and end up
extracting from the workstation to the server. MS has a Mount-DiskImage cmdlet
which sounds nice but only on win8\12
We use Virtual CloneDrive as well – it works fine. Or if you want to transfer
an ISO to a USB we use http://www.pendrivelinux.com/yumi-multiboot-usb-creator/
Mike
From: Richard Stovall [mailto:rich...@gmail.com]
Sent: 06 February 2013 15:23
To: NT System Admin Issues
Subject: Re: iso mounting
Daemon tools lite will do it yes.. but you will have to navigate having a nice
integrated search bar within IE, and a new home page, and anything else they've
bundled in to the install for your 'enjoyment' now...
Liam
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: 06 February 2013
I'd like to test my new WSUS server, before changing my GPO to point
to it. And it occurred to me that I could set a couple test VMs to
point to the new server, and see if they can get their updates from
it, before making the change to the GPO. There used to be a way to set
this via registry
I'm fairly sure you could put a Portable version of Daemon Tools up on a
network share. I use the Portable version from inside DataNow or DropBox
all the time. Saves it getting installed on your server estate. Do the same
with various tools like Process Explorer, TreeSize and the like.
On 6
Yes, we are currently a all Cisco shop(Switches, Wireless, etc) and were
looking at them for Wireless before Cisco bought them. They also have
Switches, and Firewalls(which I have not had a chance to test). I just
received 12, to replace our current controller and cisco access points at one
Haven't installed DT for a while now but, can't you uncheck those options
during the install? You used to be able to...
Regards,
Don Guyer
Catholic Health East - Information Technology
Enterprise Directory Messaging Services
3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073
email:
Thanks everyone-sounds like either Virtual Clonedrive or MagicISO(Magicdisk)
will work. I think I'll try VCD first and see what it looks like.
BTW, in my research, I ran across the fact that Win8/Srv2012 have native .iso
mounting options. Good to know about moving forward:
On Wed, Feb 6, 2013 at 10:09 AM, Glen Johnson gjohn...@vhcc.edu wrote:
I like and use Virtual CloneDrive.
+1
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
Got a question about this:
http://msdn.microsoft.com/en-us/library/windows/desktop/bb540025(v=vs.85).aspx
Replicating data to multiple servers increases data availability and
gives users in remote sites fast, reliable access to files. DFSR uses a
new compression algorithm called Remote
Would it be easier to put the test subjects in their own OU, block the domain
gpo for updates and make a new gpo for that ou? After testing is complete you
now have a tested gpo to roll out with.
-Original Message-
From: Michael Leone [mailto:oozerd...@gmail.com]
Sent: Wednesday,
Couldn't you also create a test OU, create a GPO for the new WSUS server, link
it to the test OU, put the VMs in that OU, reboot the VMs for the OU move and
verify your WSUS settings? That way you are not touching production and also,
even better, not relying on reg hacks.
Thanks
Webster
We have just come out with a Security Awareness Training doe consumers.
This is from that course (available on Home Shopping Network)
(Rule #5 answers your question.)
Here are Kevin Mitnick’s 10 Rules for Stronger Passwords
Don’t tell your passwords to anyone! Nobody should ask for your
On Wed, Feb 6, 2013 at 11:51 AM, Webster webs...@carlwebster.com wrote:
Couldn't you also create a test OU, create a GPO for the new WSUS server,
link it to the test OU, put the VMs in that OU, reboot the VMs for the OU
move and verify your WSUS settings?
I could. That's a lot more work than
I don't use all of those, but have a few non-domain WS08 R2 servers that have
settings defined under
(HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU(second
section) to autoinstall non-reboot patches (for FEP AV Definitions), and it
works.
-Original Message-
True...but in an environment with tightly-controlled images (like PVS) it can
help out. YMMV, etc.
Sent from my Blackberry, which may be an antique but delivers email RELIABLY
-Original Message-
From: Andrew S. Baker asbz...@gmail.com
Date: Wed, 6 Feb 2013 12:53:16
To: NT System Admin
Last year, we did a comparison of Meraki, Ruckus, Aerohive, Aruba and Cisco.
Meraki to be very on-par with Aerohive, as they have similar features and are
both cloud managed. We figured the math, and if you wanted only a few APs, the
cloud-managed solutions where very cost effective. But, as
Have any of you looked at Meru? I saw a presentation and it looks pretty
decent.
http://www.merunetworks.com/
On Wed, Feb 6, 2013 at 12:32 PM, Matthew W. Ross
mr...@ephrataschools.orgwrote:
Last year, we did a comparison of Meraki, Ruckus, Aerohive, Aruba and
Cisco.
Meraki to be very
Peazip Portable.
No, it doesn't mount the .iso. It just extracts the files.
--Matt Ross
Ephrata School District
- Original Message -
From: Miller Bonnie L.
[mailto:mille...@mukilteo.wednet.edu]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Wed, 06 Feb
My company doesn't do hardware (we are a software and services shop), but one
of the partner organizations we work with is a Ruckus reseller and the products
are very impressive. They installed it in a large soccer stadium that wanted to
offer free WiFi to attendees, with about 30,000 active
We're making a rather large purchase of them, for all of our offices that have
only small connections to the internet, as the Merakis will provide tunneling
back to the network. This is allowing us to actually get these offices
connected on the network, which is pretty cool.
I was not
All,
Quite some time ago, I set up an unsecured guest VLAN in our network,
providing wireless access to all of the sundry devices that staff and
visitors carry. I set up a small FreeBSD machine to serve IP addresses
via DHCP, and that was dead simple.
It is a layer2 VLAN, traversing our
I did that at my previous gig.
I also printed tent cards up and placed them in all of the conference rooms,
where company guests tend to gather. We changed the pwd every 90 days and just
printed new cards.
It worked well for me with no complaints.
Jim
Jim Holmgren
Director of
I remember seeing a solution that issued tickets with a network key for guests
as they came in. The name defeats me though, sorry
Sent from my Blackberry, which may be an antique but delivers email RELIABLY
-Original Message-
From: Kurt Buff kurt.b...@gmail.com
Date: Wed, 6 Feb 2013
Might not solve the Internet pipe issue but, how about shortening the lease
duration, to knock off inactive devices quicker?
Regards,
Don Guyer
Catholic Health East - Information Technology
Enterprise Directory Messaging Services
3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073
Kurt,
Even with the password idea, you would have to rotate it daily if not weekly or
someone will just leave it out where others can gain access. Honestly, anyone
smart enough with AirCrack could get the password you put on the SSID.
You could limit the DHCP scope to say 64 address and that
Colubris is at least one.
Thanks for saying that, it jogged my memory.
-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Wednesday, February 6, 2013 2:45 PM
To: NT System Admin Issues
Subject: Re: OT: Guest network security
I remember seeing a solution
I was going to suggest using the SonicPoint solution from SonicWall, but
you've got Sidewinders, don't you?
Does McAfee have anything like SonicWall's wireless solution where it's all
managed from the firewall?
PS Sophos has this too, and they give their UTM firewall away free for
home use.
Lease time is already at 4 hours, so I don't think that's our issue.
On Wed, Feb 6, 2013 at 11:47 AM, Guyer, Don dgu...@che.org wrote:
Might not solve the Internet pipe issue but, how about shortening the lease
duration, to knock off inactive devices quicker?
Regards,
Don Guyer
Catholic
While it's possible that someone will crack the password and
distribute it, I think it's a reasonable first step - simpler than
putting up a captive portal.
And, if it doesn't work, the captive portal can be done later.
I'll definitely be looking at that.
Kurt
On Wed, Feb 6, 2013 at 11:49 AM,
This looks reasonable.
I brought up the filled lease table, and that got my manager's
attention, so I've gotten permission to do this.
Kurt
On Wed, Feb 6, 2013 at 11:44 AM, Jim Holmgren jholmg...@xlhealth.com wrote:
I did that at my previous gig.
I also printed tent cards up and placed them
Interesting - if you remember the name, I'll be interested in hearing it.
Kurt
On Wed, Feb 6, 2013 at 11:45 AM, kz2...@googlemail.com wrote:
I remember seeing a solution that issued tickets with a network key for
guests as they came in. The name defeats me though, sorry
Sent from my
Looks like they were acquired by HP some time ago.
I'll take a look to see if they'll cooperate with our Cisco WAPs.
Kurt
On Wed, Feb 6, 2013 at 11:58 AM, Michael B. Smith mich...@smithcons.com wrote:
Colubris is at least one.
Thanks for saying that, it jogged my memory.
-Original
Our Sidewinders are EOL at the end of April, and my manager doesn't like them.
He's a Cisco bigot, and wants ASAs in here.
I'm fighting him to at least take a look at the Palo Alto platform, or
perhaps the newest iteration of the Sidewinders (which are now called
McAfee Enteprise Firewalls).
Yes it's block level. IIRC down to like 64KB blocks that it does the diff at.
Once you put the first image out there, you should only expect to replicate the
diffs in all the other images.
Thanks,
Brian Desmond
br...@briandesmond.commailto:br...@briandesmond.com
w - 312.625.1438 | c -
Might be good to drop down to 2 hours. At one of our locations, we went so far
as 1 hour. Local support stated lots of people come in and connect tablets just
to print out stuff, then leave.
It's always something...
: )
Regards,
Don Guyer
Catholic Health East - Information Technology
LOL Cisco bigot... why is that sooo familiar. He would probably like Fortinet
better if he knew the price and performance was way better than ASA's. ( Found
those to be clugy)_
Z
Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org
This
I have two CCIE's that work for me. Both also used to work for a Cisco VAR
- so obviously Cisco bigots. They both recommended PA to me over the ASA.
From a security perspective, the PA do so much more than ASAs. We still
use ASAs for some intranet firewalls.
Are you using the Cisco controllers
If you mean PA=Palo Alto, they are dead on (scary CCIE would say that being
from the CISCO house) I work on Palo Alto Daily, and its sick how much these
things can do. Been finding a lot that I wouldn't have been able to obtain but
regular firewall log parsing, and being able to quantifiy you
Using DFS-R for PVS 6.x is really nice. PVS 5.x doesn't support DFS-R so don't
call Citrix or MS for support when it screws up your PVS system (provided you
can even get DFS-R and PVS to even start looking at each other).
Thanks
Webster
From: Brian Desmond [mailto:br...@briandesmond.com]
Yep PA=Palo Alto
When we made the switch, our ASAs were due to be replaced. Our Websense
subscription was up for renewal at the same time. The PA's were about the
same price as new ASAs + Websense renewal. Made for a no brainer decision.
Curious Z, are you using the Wildfire piece?
On Wed, Feb
We have 15 Cisco 1240AGs, which were apparently announced of End of
Sale, though EOL is apparently 2018..
No controller, but I just talked with our supplier, who is
recommending the 2504. There's a unit that comes with a 15-WAP
license, for not too expensive.
*Very* good to know about the
Anyone have a favorite VAR to work with for PA's ? A few of myusualvendors dont carry themFrom: "Ziots, Edward" ezi...@lifespan.org To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Wednesday, February 6, 2013 4:08 PM Subject: RE:
OT: Guest network security
Thanks for that feedback, MBS...
*ASB
**http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker*
**Providing Virtual CIO Services (IT Operations Information Security) for
the SMB market…***
On Wed, Feb 6, 2013 at 2:13 PM, Michael B. Smith mich...@smithcons.comwrote:
My company
I'll choose a Fortinet over an ASA every day of the week...
*ASB
**http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker*
**Providing Virtual CIO Services (IT Operations Information Security) for
the SMB market…***
On Wed, Feb 6, 2013 at 3:44 PM, Ziots, Edward ezi...@lifespan.org
Yes. You can contact me off-line...
*ASB
**http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker*
**Providing Virtual CIO Services (IT Operations Information Security) for
the SMB market…***
On Wed, Feb 6, 2013 at 4:59 PM, Pete Howard pchow...@yahoo.com wrote:
Anyone have a
Congrats on making to the 1 year mark. Keep up the good work.
Thanks
Webster
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Wednesday, February 06, 2013 4:13 PM
To: NT System Admin Issues
Subject: OT: blogging
It's exactly one year today since a thread on this list (and a few of the
You just need to be aware of things like encrypted files, where changing the
file and re-encrypting will typically change the entire file.
Also, for very large data sets, be aware of the need to size your DFS-R cache
on each server.
Cheers
Ken
From: Brian Desmond
A limited threat, but a good one:
Packet of death
http://blog.krisk.org/2013/02/packets-of-death.html
Also,
https://isc.sans.edu/diary/Intel+Network+Card+%2882574L%29+Packet+of+Death/15109
- see the comment...
What a brilliant sleuthing job, though, and a mention of a tool that's
new to me and
I chose to build a new system so it would be small and silent rather than
use an old computer lying around the house.
I went with:
Intel D2500CCE fanless mini-ITX motherboard (Dual core 1.86 GHz Atom CPU
with dual Intel NICs onboard)
4 GB RAM
128GB Vertex 4 SSD
It has been in 'production' for
So your wireless is served elsewise?
Kurt
On Wed, Feb 6, 2013 at 5:31 PM, Richard Stovall rich...@gmail.com wrote:
I chose to build a new system so it would be small and silent rather than
use an old computer lying around the house.
I went with:
Intel D2500CCE fanless mini-ITX motherboard
My bad. I bought a Sophos AP 30 to go along with the firewall hardware.
This AP alone was about 45% of the total cost of the project, but I still
saved a good chunk of change over the SonicWall TZ + SonicPoint solution
that I had been planning on buying before finding the Sophos home license.
Last $dayjob$ before current I pushed the guest network to a DSL line and put a
cheap Linksys SOHO router on it. Kept the Production as closed as possible and
guest had hours of operation. I found our neighbors using our guest on more
than a couple of occasions. Politics plays a big part in
Would not MAC filtering be a bit intensive for what he wants? If you could
reverse filter that would be the way to go. Jon
From: ezi...@lifespan.org
To: ntsysadmin@lyris.sunbelt-software.com
Subject: RE: Guest network security
Date: Wed, 6 Feb 2013 19:49:23 +
Kurt,
Even with the
I have to say, it is pretty cool to have basically the same features at
home that I have at work, even if the two user interfaces are completely
different. I dropped a good chunk of change up front, but I'll come out
way ahead over a period of 4+ years. (At least compared to SonicWall
pricing
On Wed, Feb 6, 2013 at 8:23 PM, Kurt Buff kurt.b...@gmail.com wrote:
A limited threat, but a good one:
Packet of death
http://blog.krisk.org/2013/02/packets-of-death.html
Wow. The author's investigation of the issue is quite impressive.
As is his workaround for vendor brain damage on
On Wed, Feb 6, 2013 at 8:23 PM, Kurt Buff kurt.b...@gmail.com wrote:
Packet of death
http://blog.krisk.org/2013/02/packets-of-death.html
P.S.: From the author, in the comments: [Intel] considered this
issue to be completely isolated to me. Once I deployed my fix it was
case closed and they
I didn't know that Sophos had gotten into the hardware world.
That's very interesting, and I'll have to take a look at it.
Just as an aside - I think that wired end-point connectivity is going
the way of the dodo, except for the most demanding loads, so it make a
deal of sense for them to do
On Wed, Feb 6, 2013 at 7:03 PM, Ben Scott mailvor...@gmail.com wrote:
On Wed, Feb 6, 2013 at 8:23 PM, Kurt Buff kurt.b...@gmail.com wrote:
Packet of death
http://blog.krisk.org/2013/02/packets-of-death.html
P.S.: From the author, in the comments: [Intel] considered this
issue to be
Wired connectivity is going to be around for a while - even for EUC. Lots of
orgs (governments, banks etc.) have limited or no wireless available for
various reasons.
Cheers
Ken
-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Thursday, 7 February 2013 5:22 PM
To:
68 matches
Mail list logo
