Re: Account lockouts

2009-03-17 Thread vbs
You may want to take a look at this which was posted by Susan Bradley on another list recently Romanians find cure for conficker - Network World: http://www.networkworld.com/news/2009/031209-romanians-find-cure-for.html Security experts claim the worm is the worst infection to date, second

RE: Account lockouts

2009-03-17 Thread Kennedy, Jim
Yes, I really meant 4776. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, March 17, 2009 9:39 AM To: NT System Admin Issues Subject: Account lockouts Still fighting our recent Conflicker outbreak. I have not seen any 4476's in the DC' event logs for days. So I

RE: Account lockouts

2009-03-17 Thread Kennedy, Jim
DOH! Might not be a bad idea to check 4771's too. That with the spiffy tool that 'vbs' handed out via Susan may save the day. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, March 17, 2009 9:49 AM To: NT System Admin Issues Subject: RE: Account lockouts Yes, I really

RE: Account lockouts - Conficker Cure?

2009-03-17 Thread Roger Wright
http://www.networkworld.com/news/2009/031209-romanians-find-cure-for.htm l Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, March 17, 2009 9:39 AM To: NT System Admin Issues

RE: Account lockouts - Conficker Cure?

2009-03-17 Thread Kennedy, Jim
] Sent: Tuesday, March 17, 2009 11:39 AM To: NT System Admin Issues Subject: RE: Account lockouts - Conficker Cure? http://www.networkworld.com/news/2009/031209-romanians-find-cure-for.html Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Kennedy, Jim [mailto:kennedy

RE: Account lockouts

2009-03-11 Thread Glen Johnson
Issues Subject: Re: Account lockouts I'm curious to know what classes they need that for. If you can determine that local admin is only needed for (say) a computer programming class you would greatly limit your exposure. For the schools I take care of the students, staff and faculty don't do

RE: Account lockouts

2009-03-11 Thread Kennedy, Jim
: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Wednesday, March 11, 2009 8:18 AM To: NT System Admin Issues Subject: RE: Account lockouts Oh, the teachers here want the students to learn how to install software, change screen settings, you name it. I think we can live with it for the time

RE: Account lockouts

2009-03-10 Thread Kennedy, Jim
I should have added 2008 DC's. Seeing this in 3 of the 5 DC's. The killer is I can't unlock the locked accounts. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, March 10, 2009 11:53 AM To: NT System Admin Issues Subject: Account lockouts

RE: Account lockouts

2009-03-10 Thread Glen Johnson
user accounts. It was event 539 on server 2003. Not sure what the server 08 equivalent event number is. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, March 10, 2009 12:07 PM To: NT System Admin Issues Subject: RE: Account lockouts I should have

RE: Account lockouts

2009-03-10 Thread Kennedy, Jim
, it was of great value. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, March 10, 2009 12:41 PM To: NT System Admin Issues Subject: RE: Account lockouts Appreciate the responses...I am digging into your ideas now. I now see syn floods on two

RE: Account lockouts

2009-03-10 Thread Glen Johnson
the infection was permenant. Glen. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, March 10, 2009 3:33 PM To: NT System Admin Issues Subject: RE: Account lockouts Officially conflicker. We were/are fully patched. Must have been via a thumb drive or website

Re: Account lockouts

2009-03-10 Thread Phil Brutsche
I suspect many of your problems would be eliminated by strictly adhering to the principle of least privilege. Glen Johnson wrote: I feel your pain. We're just now getting past it. We had 200+ lab machines w/o AV and latest patches. Said machines have deep freeze so they didn't stay infected

RE: Account lockouts

2009-03-10 Thread Glen Johnson
. Not perfect but that's one of the pitfalls of working in edu. -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Tuesday, March 10, 2009 3:50 PM To: NT System Admin Issues Subject: Re: Account lockouts I suspect many of your problems would be eliminated by strictly

Re: Account lockouts

2009-03-10 Thread Ben Scott
On Tue, Mar 10, 2009 at 4:29 PM, Glen Johnson gjohn...@vhcc.edu wrote: Students need to be able to do anything on the machines Have you considered using VMs? Isolate the VMs from the main networks (or, if possible, all networks). Lock down the host OS. The student can do whatever they

Re: Account lockouts

2009-03-10 Thread Phil Brutsche
I'm curious to know what classes they need that for. If you can determine that local admin is only needed for (say) a computer programming class you would greatly limit your exposure. For the schools I take care of the students, staff and faculty don't do anything that require them to have local