Logging in as a Domain Admin, on Windows 2008 R2 DC and checking out the
automatic updates settings, and its not allowing us to change anything,
its basically greyed out.
Any Idea accordingly? We had a GPO from the Windows 2003 domain which
disabled automatic updates at the ROOT of the Child doma
TIA A+, N+, VSP4, VTSP4
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Tuesday, October 05, 2010 1:24 PM
To: NT System Admin Issues
Subject: RE: Blackberry 5x and issues contacting GAL on Windows 2008 R2
DC's with Exchange 2003, Help.
Wonderful,
We are already on Windows 20
that should be...interesting.
- WJR
On Tue, Oct 5, 2010 at 12:23, Ziots, Edward wrote:
Wonderful,
We are already on Windows 2008 R2 Dc's now, but I don't think we have
raised the DFL/FFL yet. I dunno if we can re-introduce a Win2k3 DC back
into the Domain now and have the BlackBerry se
t path until we found out RIM did not support
it, and numerous hits on Google on problems caused by this config.
On a side rant, how sad is it in 2010 that RIM still recommends WS 2003?
32 bit no less!
- WJR
On Tue, Oct 5, 2010 at 12:14, Ziots, Edward wrote:
Has anyone who has upgraded to Win
Tasklist? Or possibly TCpview?
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, October 05, 2010 1:34 PM
To: NT System Admin Issues
Subject:
I agree, I was down in Lavalette this summer with my Niece and Nephew
and the Jersey shore was very nice.
Most people don't know how nice Jersey actually is, because all they
think its like Newark
That and Cape May was very nice also...
Z
Edward E. Ziots
CISSP, Network +, Secu
, 2010 at 12:14, Ziots, Edward wrote:
Has anyone who has upgraded to Windows 2008 R2 Dc's seen an issue with
Blackberry Server 5.x failing to do lookups of contacts (email
addresses) in the GAL. Exchange Server is Exchange 2003 SP2.
Do an upgrade to Windows 2008 R2 as we speak, and ran into
DC's with Exchange 2003, Help.
We started to go down that path until we found out RIM did not support
it, and numerous hits on Google on problems caused by this config.
On a side rant, how sad is it in 2010 that RIM still recommends WS 2003?
32 bit no less!
- WJR
On Tue, Oct 5, 2010 at 12:14
Has anyone who has upgraded to Windows 2008 R2 Dc's seen an issue with
Blackberry Server 5.x failing to do lookups of contacts (email
addresses) in the GAL. Exchange Server is Exchange 2003 SP2.
Do an upgrade to Windows 2008 R2 as we speak, and ran into this issue,
which is affecting all the b
Repost From Jason Cooper on alternative security list:
Seems like the threat from this one reached the critical level and a
fire was lit under someones behind to make sure the patch was available
accordingly. I would put this pretty high on your patch list if you have
external facing ASP.NET ba
ing.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, September 27, 2010 11:06 AM
To: NT System Admin Issues
Subject: Has anyone see this before with GPRESULT
Running GPRESULT remotely from my Windows 7 and
Running GPRESULT remotely from my Windows 7 and XP machines to check out
the group policy of a workstation that GE Medical systems says isnt
working accordingly.
We pre populated the computer accounts in the OU's they specified, but
at one hospital when we do a GPresult against a remote machin
: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
Sent: Wednesday, September 22, 2010 2:33 PM
To: NT System Admin Issues
Subject: RE: KMS Help
Are you out of activations? There 'should' be a count on your MS
licensing site.
____
From: "Ziots, Edwar
Berry
From: "Ziots, Edward"
Date: Wed, 22 Sep 2010 14:23:53 -0400
To: NT System Admin Issues
ReplyTo: "NT System Admin Issues"
Subject: RE: KMS Help
Another question on the KMS thing, is there a certain limit of Windows
2008 R2 systems
Another question on the KMS thing, is there a certain limit of Windows
2008 R2 systems you can license through M$ (Via the Activate interface)
in Windows 2008 R2 before your license key doesn't allow you to activate
anymore without a KMS?
Z
Edward E. Ziots
CISSP, Network +, Security +
Ne
Has anyone see issues with the latest IIS patch causing Default Web
Application Pool to error out, and bomb?
Specifically Patch 2124261 which was from MS10-065 accordingly?
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.o
Yes HP has Firmware Maintenance DVD's now, I think the latest is Version
9.1.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Monday, Septembe
+1 with ASB's assessment,
Malware analysis is a very hot topic these days and the attackers are
only limited by their imagination of what they can pack in a seemingly
"harmless" MP3, MP4, PDF, Doc etc etc file. Because they know what is
triggering the vulnerability ( either publically known, o
com http://www.eaglemds.com/>
________
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, September 16, 2010 11:44 AM
To: NT System Admin Issues
Subject: RE: security concern - ESX host repeatedly hitting external
IP...
> 72.18.205.156
Name:mail.fre
> 72.18.205.156
Name:mail.freerip.com
Address: 72.18.205.156
That isnt pool.NTP.ORG block, which is commonly utilized in ESX
environments to provide synced time to the ESX hosts and therefore its
underlying ESX guests. You might need to see which ESX host its coming
from and interrog
sers. It will
be less daunting to them than OpenDNS, for sure, and addresses the one
thing they really (should) care about.
ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>
Exploiting Technology for Business Advantage...
On Thu, Sep 16, 2010 at 8:31 AM, Ziots, Edward
wrote:
Usin
Using Open DNS also, but the clear cloud idea does have some merits, I
might try this on my PC at home, and see how it works.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: Jonathan Link [mail
I agree that the fingerprint might not be the best biometric method, but its
usually the most accepted method. Agree that is can be forged, but it does take
some work.
We all know passwords aren't going to "cut it" but is the value of the assets
you are trying to protect worth the increase
Was hoping for something more structured.
--Tigran
On Monday, September 13, 2010, Ziots, Edward wrote:
> Well you can use Keepass from the password safe, we also utilize a big
> spreadsheet to track server resources and I have about 800+ here. You could
> probably import that into acc
Well you can use Keepass from the password safe, we also utilize a big
spreadsheet to track server resources and I have about 800+ here. You could
probably import that into access or even SQL and have a web-front-end written
to allow you to update the asset accordingly.
Check on SourceForge.ne
Joined.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
-Original Message-
From: Stu Sjouwerman [mailto:s...@sunbelt-software.com]
Sent: Friday, September 10, 2010 2:21 PM
To: NT System Admin Issues
Subj
Humm a lot of what I read was packed PDF's, with links to .SCR and WMV
files.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Friday, September
Saw this about two days ago, from other sources, already put the
mitigating controls in place, and sent the alerts to the user community.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: Sam Cay
Poker at Bellagio (while in Vegas) along with going to Luxor for the
shows.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: Jeff Steward [mailto:jstew...@gmail.com]
Sent: Thursday, September
http://secunia.com/advisories/41340/
Heads up, more fun from Adobe Land!
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~
Yep same, MCSE in 4.0 MCSA 2000, nothing for 2k3, prolly nadda for
Win2k8.
But I have to say I am liking SQL 2005/SQL 2008, maybe enough to study
for the MCITP in SQL 2005/2008 accordingly.
Also quick question about IIS 7.0.
I am reading the IIS 7 Implementation and Administration by
Even before that I would be working on a Security SLA for the contract
with the provider accordingly. And be prepared to audit that provider a
lot to ensure they are sticking to the SLA.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@
+1,
But again people are going cash-only these days because of the economy,
and they are thinking that the debit card is tied to the available cash
they have on hand which is tied to their bank account. It takes one nice
XSS/CSRF attack via a malicious webpage while you are viewing your
bank-s
Too bad, I am stuck up in RI... J
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Friday, September 03, 2010 11:27 AM
To: NT System Adm
I am totally not surprised, why I have said that AV is next to useless these
days, because the hackers, and malware authors are creating malware that
specifically can't be detected by modern AV.
Again, control the code execution, you have a better chance at keeping the
Malware off the system.
them to standard when we find them.
No access to the servers needed.
Steven
On Wed, Sep 1, 2010 at 3:12 PM, Ziots, Edward
wrote:
The only folks with full control on the folders, is the local
administrators, the local administrators are highly restricted to about
four people in this new arrangemen
he shares. Yes, it
might not be what they are used to, and they can't create shares this
way, but there's no reason that they can't change NTFS permissions.
I may not understand your needs, either.
On Wed, Sep 1, 2010 at 4:57 PM, Ziots, Edward
wrote:
I am not sure, I can tell
On Wed, Sep 1, 2010 at 4:42 PM, Ziots, Edward
wrote:
Yep,
Looks like we are going to have to go that way, problem is they field a
lot of calls about permissions and directories and not gaining access,
etc etc, which is just going to now fall on the Server Engineering
group, more pain... more
Link [mailto:jonathan.l...@gmail.com]
Sent: Wednesday, September 01, 2010 4:45 PM
To: NT System Admin Issues
Subject: Re: Trying to limit my helpdesk to Power User rights,
As in file permissions?
On Wed, Sep 1, 2010 at 4:42 PM, Ziots, Edward
wrote:
Yep,
Looks like we are going to have to go tha
archive/2006/03/12/421870.as
px
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, September 01, 2010 2:02 PM
To: NT System Admin Issues
Subject: Trying to limit my helpdesk to Power User rights,
I am trying as a method of locking down my Win2k8 and below servers is
removing
I am trying as a method of locking down my Win2k8 and below servers is
removing administrative rights wherever I can to the minimal level, I
have setup my helpdesk folks to be Power users on one of my Windows 2008
R2 boxes, and if they login local to the box, they can create a
directory and share l
Got a screwy one here again,
I am trying to get the HP Insight Management Service to be available via
the Windows Firewall in Windows 2008 R2, when I look at the Firewall
Settings it is set to the Domain Profile, and I add the service in
accordingly and allow the ports ( 2301,2381) and sure en
Cross Post from Susan Bradley off another list, kudos to her.
Apple QuickTime backdoor creates code-execution peril * The Register:
http://www.theregister.co.uk/2010/08/30/apple_quicktime_critical_vuln/
Bugtraq: [0day] Apple QuickTime "_Marshaled_pUnk" backdoor param arbitrary code
execution:
Well studying up on that right now, probably moving towards it as I tier out my
Windows 2008 R2/SQL 2008 R2 and retiring SQL 2000 and collapsing more SQL 2005
accordingly. But straight out with Brain-bandwidth coming up to speed with
Windows 2008 R2 ( Miansi's book is a killer, well written and
.REG you setted on a machine to machines
And for small envs with workgoups you should visit the machines as Admin
GuidoElia
HELPPC
Da: Ziots, Edward [mailto:ezi...@lifespan.org]
Inviato: giovedì 26 agosto 2010 16.06
A: NT System Admin Issues
I don't believe so,
Spin up a test VM, upgrade the processors to (2) or more it turns to
Multi Proc when you look at Processors in Device Manager, then shutdown
the VM remove a processor, it will still show a Multi processor in
Device manager ( It should, I haven't tested) and Windows should l
+1,
M$ has documented the right way of doing it, it's the developers of the
software that is vulnerable that are the main culprit.
Doesn't mean that we aren't going to live a lot of pain from this
one
Just another issue on the pile to deal with. Glad I got a HIPS around
the workstations, w
e may consider this also to be
an exploit - $#*& piggy-backers!
--
richard
"Ziots, Edward" wrote on 08/26/2010 07:54:27 AM:
> Repost from BugTraq, ( There is multiple vulnerabilities in adobe
> that are fixed with the APSB10-020 not just this one. Also it seems
> they have
Apply the hotfix accordingly. Set the registry key on a machine, export the
.REG file and apply via a computer Startup GPO to the targeted systems. Or you
can use regini to script out the install, etc etc.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organ
Repost from BugTraq, ( There is multiple vulnerabilities in adobe that
are fixed with the APSB10-020 not just this one. Also it seems they have
found a .DLL hijack in Adobe Illustrator CS4 and Firefox 3.6.8 from some
reports accordingly too.,
ZDI-10-164: Adobe Shockwave Player Director File
No you understood just fine. Things could break afterwards.
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: HELP_PC [mailto:g...@enter.it]
Sent: Thursday, August 26, 2010 1:29 AM
To: NT System
Marc,
He is what I don't get, and I have been asking on a few lists. Including
Microsoft's Private Security Discussion list, and I can't get a straight
answer that GELS in my head, just trying to put two and two together
here and get the concept down accordingly.
Here is the exact sentence from
Hardware and Software Requirements for Installing SQL Server 2008 R2
http://technet.microsoft.com/en-us/library/ms143506.aspx
I would +1 on the .NET Framework 4.0 removal.
Per the documentation:
1The following .NET Framework versions are required:
* SQL Server 2008 R2 on Windows Server 2003 (6
The other pain part is a lot of application developers don't know that
their applications are vulnerable or require everyone that uses the
application to have change (share) and modify (NTFS) ( or even Full)
permissions to run their application or they have application issues and
blame it on securi
Honestly, until its tested, and Abiet I would do a lot of testing with this
one. ( Especially applications loaded from shares, which it seems everyone has)
I wouldn't start going to rush out the work-arounds in the MSKB. I can see this
defintely breaking functionality or even the applications th
om/email-install>
On Fri, Aug 20, 2010 at 8:29 AM, Ziots, Edward
wrote:
http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/
HD Moore: Critical bug in 40 different Windows apps | ZDNet:
http://www.zdnet.com/blog/security/hd-moore-critical-bug-in-40-different
-windows-apps
s I'll be doing more or less exactly the same things
in my new role, there is truly no escape. :-)
On 20 August 2010 13:29, Ziots, Edward wrote:
http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/
HD Moore: Critical bug in 40 different Windows apps | ZDNet:
http://www.zdnet.c
http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/
HD Moore: Critical bug in 40 different Windows apps | ZDNet:
http://www.zdnet.com/blog/security/hd-moore-critical-bug-in-40-different-windows-apps/7188?tag=nl.e589
SecurityFocus:
http://www.securityfocus.com/archive/1/513190
L
...@pfsf.org]
Sent: Thursday, August 19, 2010 6:12 PM
To: NT System Admin Issues
Subject: Re: Will AMD buy NORTON next???
Don't be a hater Z!
John W. Cook
Systems Administrator
Partnership for Strong Families
From: Ziots, Edward
To: NT System
rsday, August 19, 2010 5:47 PM
To: NT System Admin Issues
Subject: RE: Will AMD buy NORTON next???
I'll bet you would. J
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, August 19, 2010 1:03 PM
To: NT System Admin Issues
Subject: RE: Will AMD buy NORTON next???
Wou
Wouldn't give two cents for either...
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: justino garcia [mailto:jgarciaitl...@gmail.com]
Sent: Thursday, August 19, 2010 1:52 PM
To: NT System Admin
Actually there is a quite a threat landscape on mobile devices, and its
only going to get worse, because of the lack of controls on them. Think
a remote wipe of a mobile device ( phone, BB, Iphone, Android, etc al)
is forensically sound... think again it isn't and the remote-wipe is
easy to bypass
LOL, U have stock? Fear... Tech is ebil these days...
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]
Sent: Thursday, August 19, 2010 9
Mini Hijack
OS/X is a first class CIFS client and LPR client.
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, August 18, 2010 5:47 PM
To: NT System Admin Issues
Subject: RE: C
Local Network is the Public facing network taking the traffic from the users,
and the Back network ( is setup for backups and other system administration to
happen on).
I have done this type of stuff in the past for those that want to have certain
traffic go over 1 NIC ( or set of NIC's) and a
Another Caveat to this discussion, is there a replacement in Windows
2008 R2 for File Services for Macintosh? Looks like M$ has nixed the
support for it. Is anyone using anything else for storage for you MAC
users within Windows Domains? ( 3rd party or otherwise?)
Z
Edward E. Ziots
CISSP,
Isn't the property created on the companies computers by the employees
during said work, the property of the company? Why does an employee that
leaves entitled to any information whatsoever? Again HR policy will
dictate what is truly personal, and what is business related, but could
be a nice aven
plane these days (except maybe
travelling from Sydney to Boston)
Cheers
Ken
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, 18 August 2010 1:52 AM
To: NT System Admin Issues
Subject: RE: Off topic - Career Job Advice
Good views, defintely been lurking and following this thr
Good views, defintely been lurking and following this thread. Some of
us, are stuck for certain reasons in the place we live, or within the
area that we have put down roots (for those that are married, having
extended family, or own a home, or any combination of the three and
other circumstances) a
, 2010 4:12 PM
To: NT System Admin Issues
Subject: RE: Latest Microsoft Patches - HP Universal Print Driver
Nope "Last Known" did nothing.
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, August 16, 2010 3:48 PM
To: NT System Admin Issues
Subject: RE: Latest Microsoft Pa
Either can be a GINA conflict, or Registry corruption, or failure of
winlogon.exe and Crss.exe. I had this before when the Software Hive was
corrupted on a machine, and it BSOD...
And I guess Last known good didn't help either?
How to troubleshoot a "STOP 0xC21A" error
http://support
If the hypervisior is doing time-slicing of the resources, then can you
really trust what the windows counters are accordingly. I usually go off
what ESX is telling me about the VM accordingly, than the windows
counters.
Have you raised the processor shares for the VM, or dedicated a
processor
similar disk layouts on your new DCS. With x64 DCs, just
make sure to put enough memory in them to cache the DIT. 4GB is probably
the minimum to spec, but you might not need more than that depending on
the DIT size.
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Tuesday, August 10,
Preface: Going from Windows 2003 R2 to Windows 2008 R2 domain ( X64),
new Domain Controllers are going to be virtual ( ESX 4.x) all but one.
I saw the following article from the Active Directory team about best
practices and recommendations
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/
AM, Ziots, Edward
wrote:
> If they don't have at least read on the directory, they aren't getting
> access to it, which means they aren't going to have write, unless you
> explicitly add that accordingly, which I believe also adds read.
Incorrect.
With NTFS, objec
ganization
Email:ezi...@lifespan.org
Cell:401-639-3505
-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Tuesday, August 10, 2010 7:48 AM
To: NT System Admin Issues
Subject: RE: File server structure and perms
-Original Message-
From: Ziots, Edward [mailto:ezi...
Have you had experience is Access Based Enumeration? You can setup one
master share, and unless you have NTFS permissions of read to the
directory underneath, the user doesn't even see the directory, which
means they wouldn't be able to read/write from it, and should solve the
problem.
I do agree
Forecast for Tuesday = PAIN
And I had to come back to work on Patch week...
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
-Original Message-
From: Marc Maiffret [mailto:mmaiff...@eeye.com]
Sent: Fri
recently jumped ship over to go over
to Adobe to help them develop their own SDL...
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Friday, August 06, 2010 2:47 PM
To: NT System Admin Issues
Yep,
And still going to keep coming, until Adobe changes its ways...
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Friday, August 06, 201
ngineering
XLHealth Corporation
The Warehouse at Camden Yards
351 West Camden Street, Suite 100
Baltimore, MD 21201
410.625.2200 (main)
443.524.8573 (direct)
443-506.2400 (cell)
www.xlhealth.com
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, July 29, 2010 8:53 AM
n doing ACS with SCOM.
YMMV
Chris Bodnar, MCSE
Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003
From: "Ziots, Edward"
To:&q
on
The Warehouse at Camden Yards
351 West Camden Street, Suite 100
Baltimore, MD 21201
410.625.2200 (main)
443.524.8573 (direct)
443-506.2400 (cell)
www.xlhealth.com
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, July 29, 2010 8:53 AM
To: NT System Admin Iss
o that.
Are you using MirrorView? If so, it is possible that you are seeing the
mirror copy of the disk as well as the original.
Bill Mayo
____
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, July 29, 2010 8:32 AM
To: NT System Admin Issues
Subject
Folks,
Is anyone out there using EMC powerpath with Windows 2008 R2, to present
LUN's from an EMC SAN to servers/Clusters etc etc?
My SAN Guy, basically is telling me that the role service of Multipath
I/O is added to the server when the EMC Powerpath is added but when the
drives are prese
c
over TCP) if you need this to produce reliable log files centrally.
Cheers
Ken
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, 29 July 2010 3:50 AM
To: NT System Admin Issues
Subject: RE: Auditing in Windows 2008 and R2 what are folks doing?
800+ servers to a syslog?
folks doing?
I find it hard to fathom that you can pass an external audit w/o some
kind of formal log mgmt especially given your sector.
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, July 28, 2010 12:39 PM
To: NT System Admin Issues
Subject: RE: Auditing in Windows 2008
ement,
you'll have a slightly better chance of procuring some funds.
-ASB: http://XeeSM.com/AndrewBaker
On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward
wrote:
Naa its far harder than that, I think someone said we can dump the event
logs via powershell, but using EventCombMT when I need to get
?
Tough gig then. Looks like you're going to be doing a lot of creative
stuff with dumpel.exe and the findstr command :-)
On 28 July 2010 13:06, Ziots, Edward wrote:
I don't have SCOM, I wish I had some event log auditing solution, been
asking for 5+ yrs, and all it ever falls on is
I haven't had to do this in years, but you might think about putting the
"POS" into its own group so a failure of that resource won't affect the
resources. I think this is a best practice, or used to be.
On Wed, Jul 28, 2010 at 2:42 PM, Ziots, Edward
wrote:
Got another one of
in
the past are simply installed on the C: drive, and no dependencies are
really necessary. Set the service to manual on all nodes, and then add
it into cluster administrator.
Bill Mayo
-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, July 28, 2010 2:43
Got another one of those screw ball requests, DBA put a non-cluster
aware service on one node of the SQL Server Cluster, and didn't tell us
about it, now he wants it to be a cluster aware service with its own
Group, drive, ect etc.
I haven't had to do a Generic Service before and with everything
VP is taking a copy of the museums data. ( Are those tapes encrypted?) (
If not you are looking at a Information breach very soon, and why does
the VP need to take the tapes home, why not contract to Iron mountain or
put in a safe onsite to hold those tapes and rotate them accordingly)
Food for t
gate the events for me. This is quite handy,
as it also monitors things like failed su to root on our ESX servers and
other stuff outside of the Windows event logging arena.
On 27 July 2010 20:15, Ziots, Edward wrote:
Hey gang, well I wanted to ask the group, what is everyone doing about
their au
The MD5 and SHA1 hashes of the svchost.exe on my XP SP3 box, full patched are
the following:
27c6d03bcdb8cfeb96b716f3d8be3e18 *svchost.exe (MD5 Hash)
49083ae3725a0488e0a8fbbe1335c745f70c4667 *svchost.exe (SHA-1 Hash)
Version 5.1.2600.5512 from 4/14/1008, size ( 14,336 Bytes)
Svchost is usually
Hey gang, well I wanted to ask the group, what is everyone doing about
their audit policies on Windows 2008 R2 for domain controllers or member
servers.
I have mapped out all the audit categories and sub-categories, and
events, but I don't want the logs to turn into soup, so kinda wanted to
se
Honestly,
I think we should frame that one in the SYSADMIN Hall of Fame..
Even I'd be scared to even try and contact greg for anything during his
vacation time, or fear the wrath of a crazied sys admin mubling about
how he is going to route his ISCI network using my head as a conduit...
J
n wrote:
>> WSUS admin is way behind.
>> Sees Security audit on horizon.
>> Says screw it and updates all.
>> Out of 36 servers only one bit it so
>> Damn that admin...
>>
>>
>> -Original Message-
>> From: Ziots, Edward [mailto:ez
We all been there.. stupidity of others, causes the people in the
trenches pain
Technology, no matter how well positioned is a fix for people issues (
Stupidity)..
Z
Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Ce
Subject: RE: auditing Windows security logs, File Deletion on Win2k8
Uh, yeah - PowerShell. J
See Get-EventLog and Get-WinEvent.
Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday
901 - 1000 of 2356 matches
Mail list logo