Question on Windows Firewall Settings cant be changed on WIndows 2008 R2 Dc

Logging in as a Domain Admin, on Windows 2008 R2 DC and checking out the automatic updates settings, and its not allowing us to change anything, its basically greyed out. Any Idea accordingly? We had a GPO from the Windows 2003 domain which disabled automatic updates at the ROOT of the Child doma

RE: Blackberry 5x and issues contacting GAL on Windows 2008 R2 DC's with Exchange 2003, Help.

TIA A+, N+, VSP4, VTSP4 From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Tuesday, October 05, 2010 1:24 PM To: NT System Admin Issues Subject: RE: Blackberry 5x and issues contacting GAL on Windows 2008 R2 DC's with Exchange 2003, Help. Wonderful, We are already on Windows 20

RE: Blackberry 5x and issues contacting GAL on Windows 2008 R2 DC's with Exchange 2003, Help.

that should be...interesting. - WJR On Tue, Oct 5, 2010 at 12:23, Ziots, Edward wrote: Wonderful, We are already on Windows 2008 R2 Dc's now, but I don't think we have raised the DFL/FFL yet. I dunno if we can re-introduce a Win2k3 DC back into the Domain now and have the BlackBerry se

RE: Blackberry 5x and issues contacting GAL on Windows 2008 R2 DC's with Exchange 2003, Help.

t path until we found out RIM did not support it, and numerous hits on Google on problems caused by this config. On a side rant, how sad is it in 2010 that RIM still recommends WS 2003? 32 bit no less! - WJR On Tue, Oct 5, 2010 at 12:14, Ziots, Edward wrote: Has anyone who has upgraded to Win

RE: W2K server connecting to Admin$ share on 2K3 DC

Tasklist? Or possibly TCpview? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: David Lum [mailto:david@nwea.org] Sent: Tuesday, October 05, 2010 1:34 PM To: NT System Admin Issues Subject:

RE: OT: weather.com

I agree, I was down in Lavalette this summer with my Niece and Nephew and the Jersey shore was very nice. Most people don't know how nice Jersey actually is, because all they think its like Newark That and Cape May was very nice also... Z Edward E. Ziots CISSP, Network +, Secu

RE: Blackberry 5x and issues contacting GAL on Windows 2008 R2 DC's with Exchange 2003, Help.

, 2010 at 12:14, Ziots, Edward wrote: Has anyone who has upgraded to Windows 2008 R2 Dc's seen an issue with Blackberry Server 5.x failing to do lookups of contacts (email addresses) in the GAL. Exchange Server is Exchange 2003 SP2. Do an upgrade to Windows 2008 R2 as we speak, and ran into

RE: Blackberry 5x and issues contacting GAL on Windows 2008 R2 DC's with Exchange 2003, Help.

DC's with Exchange 2003, Help. We started to go down that path until we found out RIM did not support it, and numerous hits on Google on problems caused by this config. On a side rant, how sad is it in 2010 that RIM still recommends WS 2003? 32 bit no less! - WJR On Tue, Oct 5, 2010 at 12:14

Blackberry 5x and issues contacting GAL on Windows 2008 R2 DC's with Exchange 2003, Help.

Has anyone who has upgraded to Windows 2008 R2 Dc's seen an issue with Blackberry Server 5.x failing to do lookups of contacts (email addresses) in the GAL. Exchange Server is Exchange 2003 SP2. Do an upgrade to Windows 2008 R2 as we speak, and ran into this issue, which is affecting all the b

Repost Latest 0 day in Microsoft ASP.NET to be patched out of band tommorrow

Repost From Jason Cooper on alternative security list: Seems like the threat from this one reached the critical level and a fire was lit under someones behind to make sure the patch was available accordingly. I would put this pretty high on your patch list if you have external facing ASP.NET ba

RE: Has anyone see this before with GPRESULT

ing. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, September 27, 2010 11:06 AM To: NT System Admin Issues Subject: Has anyone see this before with GPRESULT Running GPRESULT remotely from my Windows 7 and

Has anyone see this before with GPRESULT

Running GPRESULT remotely from my Windows 7 and XP machines to check out the group policy of a workstation that GE Medical systems says isnt working accordingly. We pre populated the computer accounts in the OU's they specified, but at one hospital when we do a GPresult against a remote machin

RE: KMS Help

: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, September 22, 2010 2:33 PM To: NT System Admin Issues Subject: RE: KMS Help Are you out of activations? There 'should' be a count on your MS licensing site. ____ From: "Ziots, Edwar

RE: KMS Help

Berry From: "Ziots, Edward" Date: Wed, 22 Sep 2010 14:23:53 -0400 To: NT System Admin Issues ReplyTo: "NT System Admin Issues" Subject: RE: KMS Help Another question on the KMS thing, is there a certain limit of Windows 2008 R2 systems

RE: KMS Help

Another question on the KMS thing, is there a certain limit of Windows 2008 R2 systems you can license through M$ (Via the Activate interface) in Windows 2008 R2 before your license key doesn't allow you to activate anymore without a KMS? Z Edward E. Ziots CISSP, Network +, Security + Ne

HIjack of Thread IIS Issue

Has anyone see issues with the latest IIS patch causing Default Web Application Pool to error out, and bomb? Specifically Patch 2124261 which was from MS10-065 accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.o

RE: HP update utility

Yes HP has Firmware Maintenance DVD's now, I think the latest is Version 9.1. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: James Rankin [mailto:kz2...@googlemail.com] Sent: Monday, Septembe

RE: iTunes

+1 with ASB's assessment, Malware analysis is a very hot topic these days and the attackers are only limited by their imagination of what they can pack in a seemingly "harmless" MP3, MP4, PDF, Doc etc etc file. Because they know what is triggering the vulnerability ( either publically known, o

RE: security concern - ESX host repeatedly hitting external IP...

com http://www.eaglemds.com/> ________ From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, September 16, 2010 11:44 AM To: NT System Admin Issues Subject: RE: security concern - ESX host repeatedly hitting external IP... > 72.18.205.156 Name:mail.fre

RE: security concern - ESX host repeatedly hitting external IP...

> 72.18.205.156 Name:mail.freerip.com Address: 72.18.205.156 That isnt pool.NTP.ORG block, which is commonly utilized in ESX environments to provide synced time to the ESX hosts and therefore its underlying ESX guests. You might need to see which ESX host its coming from and interrog

RE: #*&$&% "Security Tools" Malware

sers. It will be less daunting to them than OpenDNS, for sure, and addresses the one thing they really (should) care about. ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker> Exploiting Technology for Business Advantage... On Thu, Sep 16, 2010 at 8:31 AM, Ziots, Edward wrote: Usin

RE: #*&$&% "Security Tools" Malware

Using Open DNS also, but the clear cloud idea does have some merits, I might try this on my PC at home, and see how it works. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Jonathan Link [mail

RE: Biometric AD authentication

I agree that the fingerprint might not be the best biometric method, but its usually the most accepted method. Agree that is can be forged, but it does take some work. We all know passwords aren't going to "cut it" but is the value of the assets you are trying to protect worth the increase

RE: Server list application

Was hoping for something more structured. --Tigran On Monday, September 13, 2010, Ziots, Edward wrote: > Well you can use Keepass from the password safe, we also utilize a big > spreadsheet to track server resources and I have about 800+ here. You could > probably import that into acc

RE: Server list application

Well you can use Keepass from the password safe, we also utilize a big spreadsheet to track server resources and I have about 800+ here. You could probably import that into access or even SQL and have a web-front-end written to allow you to update the asset accordingly. Check on SourceForge.ne

RE: New ISAT Discussion Group - Join me.

Joined. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 -Original Message- From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Friday, September 10, 2010 2:21 PM To: NT System Admin Issues Subj

RE: OT : Malware alerts from McAfee, anyone experienced these yet ?

Humm a lot of what I read was packed PDF's, with links to .SCR and WMV files. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, September

RE: OT : Malware alerts from McAfee, anyone experienced these yet ?

Saw this about two days ago, from other sources, already put the mitigating controls in place, and sent the alerts to the user community. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Sam Cay

RE: OT: Completely off topic

Poker at Bellagio (while in Vegas) along with going to Luxor for the shows. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Jeff Steward [mailto:jstew...@gmail.com] Sent: Thursday, September

0 Day Adobe Reader

http://secunia.com/advisories/41340/ Heads up, more fun from Adobe Land! Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~

RE: Mac and Windows mix

Yep same, MCSE in 4.0 MCSA 2000, nothing for 2k3, prolly nadda for Win2k8. But I have to say I am liking SQL 2005/SQL 2008, maybe enough to study for the MCITP in SQL 2005/2008 accordingly. Also quick question about IIS 7.0. I am reading the IIS 7 Implementation and Administration by

RE: Google email for corporate use

Even before that I would be working on a Security SLA for the contract with the provider accordingly. And be prepared to audit that provider a lot to ensure they are sticking to the SLA. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@

RE: [ISN] Russian Trojan blamed for credit card losses at US diner

+1, But again people are going cash-only these days because of the economy, and they are thinking that the debit card is tied to the available cash they have on hand which is tied to their bank account. It takes one nice XSS/CSRF attack via a malicious webpage while you are viewing your bank-s

RE: %DAYJOB%

Too bad, I am stuck up in RI... J Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Friday, September 03, 2010 11:27 AM To: NT System Adm

RE: [ISN] Russian Trojan blamed for credit card losses at US diner

I am totally not surprised, why I have said that AV is next to useless these days, because the hackers, and malware authors are creating malware that specifically can't be detected by modern AV. Again, control the code execution, you have a better chance at keeping the Malware off the system.

RE: Trying to limit my helpdesk to Power User rights,

them to standard when we find them. No access to the servers needed. Steven On Wed, Sep 1, 2010 at 3:12 PM, Ziots, Edward wrote: The only folks with full control on the folders, is the local administrators, the local administrators are highly restricted to about four people in this new arrangemen

RE: Trying to limit my helpdesk to Power User rights,

he shares. Yes, it might not be what they are used to, and they can't create shares this way, but there's no reason that they can't change NTFS permissions. I may not understand your needs, either. On Wed, Sep 1, 2010 at 4:57 PM, Ziots, Edward wrote: I am not sure, I can tell

RE: Trying to limit my helpdesk to Power User rights,

On Wed, Sep 1, 2010 at 4:42 PM, Ziots, Edward wrote: Yep, Looks like we are going to have to go that way, problem is they field a lot of calls about permissions and directories and not gaining access, etc etc, which is just going to now fall on the Server Engineering group, more pain... more

RE: Trying to limit my helpdesk to Power User rights,

Link [mailto:jonathan.l...@gmail.com] Sent: Wednesday, September 01, 2010 4:45 PM To: NT System Admin Issues Subject: Re: Trying to limit my helpdesk to Power User rights, As in file permissions? On Wed, Sep 1, 2010 at 4:42 PM, Ziots, Edward wrote: Yep, Looks like we are going to have to go tha

RE: Trying to limit my helpdesk to Power User rights,

archive/2006/03/12/421870.as px From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Wednesday, September 01, 2010 2:02 PM To: NT System Admin Issues Subject: Trying to limit my helpdesk to Power User rights, I am trying as a method of locking down my Win2k8 and below servers is removing

Trying to limit my helpdesk to Power User rights,

I am trying as a method of locking down my Win2k8 and below servers is removing administrative rights wherever I can to the minimal level, I have setup my helpdesk folks to be Power users on one of my Windows 2008 R2 boxes, and if they login local to the box, they can create a directory and share l

WIndows 2008 Firewall Need to Add service to Domain Profile

Got a screwy one here again, I am trying to get the HP Insight Management Service to be available via the Windows Firewall in Windows 2008 R2, when I look at the Firewall Settings it is set to the Domain Profile, and I add the service in accordingly and allow the ports ( 2301,2381) and sure en

New Backdoor in Apple Quicktime heads up.

Cross Post from Susan Bradley off another list, kudos to her. Apple QuickTime backdoor creates code-execution peril * The Register: http://www.theregister.co.uk/2010/08/30/apple_quicktime_critical_vuln/ Bugtraq: [0day] Apple QuickTime "_Marshaled_pUnk" backdoor param arbitrary code execution:

RE: Installing SQL 2008 R2 - problem?

Well studying up on that right now, probably moving towards it as I tier out my Windows 2008 R2/SQL 2008 R2 and retiring SQL 2000 and collapsing more SQL 2005 accordingly. But straight out with Brain-bandwidth coming up to speed with Windows 2008 R2 ( Miansi's book is a killer, well written and

RE: Insecure Library Loading Vulnerability

.REG you setted on a machine to machines And for small envs with workgoups you should visit the machines as Admin GuidoElia HELPPC Da: Ziots, Edward [mailto:ezi...@lifespan.org] Inviato: giovedì 26 agosto 2010 16.06 A: NT System Admin Issues

RE: Decrease number of CPUs in Windows?

I don't believe so, Spin up a test VM, upgrade the processors to (2) or more it turns to Multi Proc when you look at Processors in Device Manager, then shutdown the VM remove a processor, it will still show a Multi processor in Device manager ( It should, I haven't tested) and Windows should l

RE: Insecure Library Loading Vulnerability

+1, M$ has documented the right way of doing it, it's the developers of the software that is vulnerable that are the main culprit. Doesn't mean that we aren't going to live a lot of pain from this one Just another issue on the pile to deal with. Glad I got a HIPS around the workstations, w

RE: New Attacks on Adobe Shockwave APSB10-020 has been released.

e may consider this also to be an exploit - $#*& piggy-backers! -- richard "Ziots, Edward" wrote on 08/26/2010 07:54:27 AM: > Repost from BugTraq, ( There is multiple vulnerabilities in adobe > that are fixed with the APSB10-020 not just this one. Also it seems > they have

RE: Insecure Library Loading Vulnerability

Apply the hotfix accordingly. Set the registry key on a machine, export the .REG file and apply via a computer Startup GPO to the targeted systems. Or you can use regini to script out the install, etc etc. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organ

New Attacks on Adobe Shockwave APSB10-020 has been released.

Repost from BugTraq, ( There is multiple vulnerabilities in adobe that are fixed with the APSB10-020 not just this one. Also it seems they have found a .DLL hijack in Adobe Illustrator CS4 and Firefox 3.6.8 from some reports accordingly too., ZDI-10-164: Adobe Shockwave Player Director File

RE: Insecure Library Loading Vulnerability

No you understood just fine. Things could break afterwards. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: HELP_PC [mailto:g...@enter.it] Sent: Thursday, August 26, 2010 1:29 AM To: NT System

RE: DLL hijacking vulnerabilities more question

Marc, He is what I don't get, and I have been asking on a few lists. Including Microsoft's Private Security Discussion list, and I can't get a straight answer that GELS in my head, just trying to put two and two together here and get the concept down accordingly. Here is the exact sentence from

RE: Installing SQL 2008 R2 - problem?

Hardware and Software Requirements for Installing SQL Server 2008 R2 http://technet.microsoft.com/en-us/library/ms143506.aspx I would +1 on the .NET Framework 4.0 removal. Per the documentation: 1The following .NET Framework versions are required: * SQL Server 2008 R2 on Windows Server 2003 (6

RE: DLL hijacking vulnerabilities

The other pain part is a lot of application developers don't know that their applications are vulnerable or require everyone that uses the application to have change (share) and modify (NTFS) ( or even Full) permissions to run their application or they have application issues and blame it on securi

RE: DLL hijacking vulnerabilities

Honestly, until its tested, and Abiet I would do a lot of testing with this one. ( Especially applications loaded from shares, which it seems everyone has) I wouldn't start going to rush out the work-arounds in the MSKB. I can see this defintely breaking functionality or even the applications th

RE: 200 + Windows applications trivial to exploit bugs

om/email-install> On Fri, Aug 20, 2010 at 8:29 AM, Ziots, Edward wrote: http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/ HD Moore: Critical bug in 40 different Windows apps | ZDNet: http://www.zdnet.com/blog/security/hd-moore-critical-bug-in-40-different -windows-apps

RE: 200 + Windows applications trivial to exploit bugs

s I'll be doing more or less exactly the same things in my new role, there is truly no escape. :-) On 20 August 2010 13:29, Ziots, Edward wrote: http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/ HD Moore: Critical bug in 40 different Windows apps | ZDNet: http://www.zdnet.c

200 + Windows applications trivial to exploit bugs

http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/ HD Moore: Critical bug in 40 different Windows apps | ZDNet: http://www.zdnet.com/blog/security/hd-moore-critical-bug-in-40-different-windows-apps/7188?tag=nl.e589 SecurityFocus: http://www.securityfocus.com/archive/1/513190 L

RE: Will AMD buy NORTON next???

...@pfsf.org] Sent: Thursday, August 19, 2010 6:12 PM To: NT System Admin Issues Subject: Re: Will AMD buy NORTON next??? Don't be a hater Z! John W. Cook Systems Administrator Partnership for Strong Families From: Ziots, Edward To: NT System

RE: Will AMD buy NORTON next???

rsday, August 19, 2010 5:47 PM To: NT System Admin Issues Subject: RE: Will AMD buy NORTON next??? I'll bet you would. J From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, August 19, 2010 1:03 PM To: NT System Admin Issues Subject: RE: Will AMD buy NORTON next??? Wou

RE: Will AMD buy NORTON next???

Wouldn't give two cents for either... Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, August 19, 2010 1:52 PM To: NT System Admin

RE: Intel to buy McAfee for $7.68 billion

Actually there is a quite a threat landscape on mobile devices, and its only going to get worse, because of the lack of controls on them. Think a remote wipe of a mobile device ( phone, BB, Iphone, Android, etc al) is forensically sound... think again it isn't and the remote-wipe is easy to bypass

RE: Intel to buy McAfee for $7.68 billion

LOL, U have stock? Fear... Tech is ebil these days... Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Thursday, August 19, 2010 9

RE: Cannot update schema to 2008 Mini Hijack

Mini Hijack OS/X is a first class CIFS client and LPR client. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Wednesday, August 18, 2010 5:47 PM To: NT System Admin Issues Subject: RE: C

RE: pinging servers

Local Network is the Public facing network taking the traffic from the users, and the Back network ( is setup for backups and other system administration to happen on). I have done this type of stuff in the past for those that want to have certain traffic go over 1 NIC ( or set of NIC's) and a

RE: Cannot update schema to 2008 Mini Hijack

Another Caveat to this discussion, is there a replacement in Windows 2008 R2 for File Services for Macintosh? Looks like M$ has nixed the support for it. Is anyone using anything else for storage for you MAC users within Windows Domains? ( 3rd party or otherwise?) Z Edward E. Ziots CISSP,

RE: Old user data

Isn't the property created on the companies computers by the employees during said work, the property of the company? Why does an employee that leaves entitled to any information whatsoever? Again HR policy will dictate what is truly personal, and what is business related, but could be a nice aven

RE: Off topic - Career Job Advice

plane these days (except maybe travelling from Sydney to Boston) Cheers Ken From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Wednesday, 18 August 2010 1:52 AM To: NT System Admin Issues Subject: RE: Off topic - Career Job Advice Good views, defintely been lurking and following this thr

RE: Off topic - Career Job Advice

Good views, defintely been lurking and following this thread. Some of us, are stuck for certain reasons in the place we live, or within the area that we have put down roots (for those that are married, having extended family, or own a home, or any combination of the three and other circumstances) a

RE: Latest Microsoft Patches - HP Universal Print Driver

, 2010 4:12 PM To: NT System Admin Issues Subject: RE: Latest Microsoft Patches - HP Universal Print Driver Nope "Last Known" did nothing. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 16, 2010 3:48 PM To: NT System Admin Issues Subject: RE: Latest Microsoft Pa

RE: Latest Microsoft Patches - HP Universal Print Driver

Either can be a GINA conflict, or Registry corruption, or failure of winlogon.exe and Crss.exe. I had this before when the Software Hive was corrupted on a machine, and it BSOD... And I guess Last known good didn't help either? How to troubleshoot a "STOP 0xC21A" error http://support

RE: processor utilization question

If the hypervisior is doing time-slicing of the resources, then can you really trust what the windows counters are accordingly. I usually go off what ESX is telling me about the VM accordingly, than the windows counters. Have you raised the processor shares for the VM, or dedicated a processor

RE: Question about Spliting Active directory files on seperate volumes

similar disk layouts on your new DCS. With x64 DCs, just make sure to put enough memory in them to cache the DIT. 4GB is probably the minimum to spec, but you might not need more than that depending on the DIT size. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Tuesday, August 10,

Question about Spliting Active directory files on seperate volumes

Preface: Going from Windows 2003 R2 to Windows 2008 R2 domain ( X64), new Domain Controllers are going to be virtual ( ESX 4.x) all but one. I saw the following article from the Active Directory team about best practices and recommendations http://blogs.dirteam.com/blogs/sanderberkouwer/archive/

RE: File server structure and perms

AM, Ziots, Edward wrote: > If they don't have at least read on the directory, they aren't getting > access to it, which means they aren't going to have write, unless you > explicitly add that accordingly, which I believe also adds read. Incorrect. With NTFS, objec

RE: File server structure and perms

ganization Email:ezi...@lifespan.org Cell:401-639-3505 -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday, August 10, 2010 7:48 AM To: NT System Admin Issues Subject: RE: File server structure and perms -Original Message- From: Ziots, Edward [mailto:ezi...

RE: File server structure and perms

Have you had experience is Access Based Enumeration? You can setup one master share, and unless you have NTFS permissions of read to the directory underneath, the user doesn't even see the directory, which means they wouldn't be able to read/write from it, and should solve the problem. I do agree

RE: Massive Patch Tuesday

Forecast for Tuesday = PAIN And I had to come back to work on Patch week... Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 -Original Message- From: Marc Maiffret [mailto:mmaiff...@eeye.com] Sent: Fri

RE: Adobe Acrobat Font Parsing Integer Overflow Vulnerability

recently jumped ship over to go over to Adobe to help them develop their own SDL... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Friday, August 06, 2010 2:47 PM To: NT System Admin Issues

RE: Adobe Acrobat Font Parsing Integer Overflow Vulnerability

Yep, And still going to keep coming, until Adobe changes its ways... Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, August 06, 201

RE: EMC Powerpath and Windows 2008 R2

ngineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM

RE: Auditing in Windows 2008 and R2 what are folks doing?

n doing ACS with SCOM. YMMV Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From: "Ziots, Edward" To:&q

RE: EMC Powerpath and Windows 2008 R2

on The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM To: NT System Admin Iss

RE: EMC Powerpath and Windows 2008 R2

o that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo ____ From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject

EMC Powerpath and Windows 2008 R2

Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are prese

RE: Auditing in Windows 2008 and R2 what are folks doing?

c over TCP) if you need this to produce reliable log files centrally. Cheers Ken From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, 29 July 2010 3:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? 800+ servers to a syslog?

RE: Auditing in Windows 2008 and R2 what are folks doing?

folks doing? I find it hard to fathom that you can pass an external audit w/o some kind of formal log mgmt especially given your sector. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Wednesday, July 28, 2010 12:39 PM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008

RE: Auditing in Windows 2008 and R2 what are folks doing?

ement, you'll have a slightly better chance of procuring some funds. -ASB: http://XeeSM.com/AndrewBaker On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward wrote: Naa its far harder than that, I think someone said we can dump the event logs via powershell, but using EventCombMT when I need to get

RE: Auditing in Windows 2008 and R2 what are folks doing?

? Tough gig then. Looks like you're going to be doing a lot of creative stuff with dumpel.exe and the findstr command :-) On 28 July 2010 13:06, Ziots, Edward wrote: I don't have SCOM, I wish I had some event log auditing solution, been asking for 5+ yrs, and all it ever falls on is

RE: Clustering a NON_cluster aware service?

I haven't had to do this in years, but you might think about putting the "POS" into its own group so a failure of that resource won't affect the resources. I think this is a best practice, or used to be. On Wed, Jul 28, 2010 at 2:42 PM, Ziots, Edward wrote: Got another one of

RE: Clustering a NON_cluster aware service?

in the past are simply installed on the C: drive, and no dependencies are really necessary. Set the service to manual on all nodes, and then add it into cluster administrator. Bill Mayo -Original Message- From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Wednesday, July 28, 2010 2:43

Clustering a NON_cluster aware service?

Got another one of those screw ball requests, DBA put a non-cluster aware service on one node of the SQL Server Cluster, and didn't tell us about it, now he wants it to be a cluster aware service with its own Group, drive, ect etc. I haven't had to do a Generic Service before and with everything

RE: backing up too much data

VP is taking a copy of the museums data. ( Are those tapes encrypted?) ( If not you are looking at a Information breach very soon, and why does the VP need to take the tapes home, why not contract to Iron mountain or put in a safe onsite to hold those tapes and rotate them accordingly) Food for t

RE: Auditing in Windows 2008 and R2 what are folks doing?

gate the events for me. This is quite handy, as it also monitors things like failed su to root on our ESX servers and other stuff outside of the Windows event logging arena. On 27 July 2010 20:15, Ziots, Edward wrote: Hey gang, well I wanted to ask the group, what is everyone doing about their au

RE: SVCHOST grabbing CPU time, leaking memory and hanging PC

The MD5 and SHA1 hashes of the svchost.exe on my XP SP3 box, full patched are the following: 27c6d03bcdb8cfeb96b716f3d8be3e18 *svchost.exe (MD5 Hash) 49083ae3725a0488e0a8fbbe1335c745f70c4667 *svchost.exe (SHA-1 Hash) Version 5.1.2600.5512 from 4/14/1008, size ( 14,336 Bytes) Svchost is usually

Auditing in Windows 2008 and R2 what are folks doing?

Hey gang, well I wanted to ask the group, what is everyone doing about their audit policies on Windows 2008 R2 for domain controllers or member servers. I have mapped out all the audit categories and sub-categories, and events, but I don't want the logs to turn into soup, so kinda wanted to se

RE: Anyone using Forefront UAG and Direct Access

Honestly, I think we should frame that one in the SYSADMIN Hall of Fame.. Even I'd be scared to even try and contact greg for anything during his vacation time, or fear the wrath of a crazied sys admin mubling about how he is going to route his ISCI network using my head as a conduit... J

RE: Net Use requires password

n wrote: >> WSUS admin is way behind. >> Sees Security audit on horizon. >> Says screw it and updates all. >> Out of 36 servers only one bit it so >> Damn that admin... >> >> >> -Original Message- >> From: Ziots, Edward [mailto:ez

RE: Why no Internet Security Awareness Training?

We all been there.. stupidity of others, causes the people in the trenches pain Technology, no matter how well positioned is a fix for people issues ( Stupidity).. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Ce

RE: auditing Windows security logs, File Deletion on Win2k8

Subject: RE: auditing Windows security logs, File Deletion on Win2k8 Uh, yeah - PowerShell. J See Get-EventLog and Get-WinEvent. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday

<    5   6   7   8   9   10   11   12   13   14   >