RE: Assistance with eMail footers

Are you guys seriously still falling for this obvious troll? From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Wednesday, September 15, 2010 8:56 PM To: NT System Admin Issues Subject: Re: Assistance with eMail footers I think you will find they are trying to help you say "No this is a very bad

RE: iTunes

Music obtained from peer to peer networks is often infected. No music format that I am aware of has the capability of carrying executable code. All files – music or otherwise – are streams of 1’s and 0’s. I’s solely up to the application playing the files that determine what the bits mean. If t

Re: iTunes

chance that the bug would lead to usable results by the “attacker” is extremely thin. It is a bit like saying that text files should be banned because some text file might possibly exist that causes notepad to download a trojan and install it. Possible, but not very likely. From: Crawford, Scott [

RE: Cheap/Free POP3/SMTP Server?

http://erlegreer.com/L0L/ From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Monday, September 20, 2010 10:14 AM To: NT System Admin Issues Subject: RE: Cheap/Free POP3/SMTP Server? Are you *really* rolling on the floor? Shook From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, Se

RE: Speaking of Drobo ... (was: SAN question)

The difference is that memory is consumed and released over time but for the most part, storage just grows. This is the same as CPU overcommit which is one of the basis of the virtualization revolution. From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, September 23, 2010 1:43

RE: Tower Climbing

That makes my hands sweaty. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Wednesday, September 29, 2010 4:02 PM To: NT System Admin Issues Subject: Tower Climbing We have a pair of 70' towers that we have our wireless bridges mounted on. I think they're really tall. I'd never go up the

RE: Restricting groups in Active Directory

You're *incredibly* optimistic. Do you actually think there's a chance that a company that wants all of IT to be Domain Admins has seen the light and doesn't let users run as local admins? From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, September 30, 2010 10:34 AM To: NT Sy

RE: Restricting groups in Active Directory

here will already be precedent for limiting administrative user rights. On Thu, Sep 30, 2010 at 12:29 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: You're *incredibly* optimistic. Do you actually think there's a chance that a company that wants all of IT to be Domain Admins

RE: GPO msi packages

Agreed, but the one big advantage is that you can deploy the wrapped setup.exe with a GPO without having to use scripts. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, October 05, 2010 2:57 PM To: NT System Admin Issues Subject: Re: GPO msi packages On T

RE: OT: weather.com

What part of ND? Williston here. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 12:34 PM To: NT System Admin Issues Subject: Re: OT: weather.com Humanity. Make fun of "them" because they aren't "us." Growing up in ND, made fun of Montanans (common joke was w

RE: OT: weather.com

ct 6, 2010 at 2:13 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: What part of ND? Williston here. From: Jonathan Link [mailto:jonathan.l...@gmail.com<mailto:jonathan.l...@gmail.com>] Sent: Tuesday, October 05, 2010 12:34 PM To: NT System Admin Issues Subject: Re: O

RE: 64 Bit flash beta 2

That would be an L2+ http://erlegreer.com/LOL/ From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, October 07, 2010 5:18 PM To: NT System Admin Issues Subject: Re: 64 Bit flash beta 2 I enjoy reading your posts, Ben. That one brought a good chuckle... ASB On Thu, Oct 7, 2010

RE: Robocopy

...and CLI strings like that are why we have GUI's :) I usually add /nfl /ndl /np /log:log.txt so I can see the errors at a glance. From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Friday, October 15, 2010 8:52 PM To: NT System Admin Issues Subject: RE: Robocopy I usually use the /mir

RE: Print Drivers

The setting you're referring to are: [cid:image001.png@01CB6EC7.88E557F0] From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Monday, October 18, 2010 1:09 PM To: NT System Admin Issues Subject: RE: Print Drivers If I remember right there's a GP setting that says to let normal users instal

RE: ESXi

I've had to recover a file from a windows VM that was on an ESX volume. OnTrack EZRecover scanned for missing partitions and actually found the partition in the deleted VMDK and let me recover the file. EZR doesn't work on linux file systems so I couldn't restore the actual vmdk file, but that

RE: Keyboard recommendation

+1 The worst is the enter key that's two rows high and then a single key sized backspace with \ to its left. Blech. Make sure you get the inverted T cursor controls and not a + layout or worse. Also, I have to have: insert, home, pageup delete, end, page down in that order. Tell me again who th

RE: Keyboard recommendation

Well, sounds like you're a perfect candidate for mine: http://www.microsoft.com/hardware/mouseandkeyboard/ProductDetails.aspx?pid=095 From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Friday, October 22, 2010 8:33 AM To: NT System Admin Issues Subject: RE: Keyboard recomme

RE: Keyboard recommendation

n Issues Subject: RE: Keyboard recommendation this looks promising! thx ________ From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, October 22, 2010 11:41 AM To: NT System Admin Issues Subject: RE: Keyboard recommendation Well, sounds like you're a p

RE: WSUS and non public patches

Not finding anything on Bing or Google. Do you happen to have a link handy? Or does this require Essentials? From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Monday, October 25, 2010 4:35 PM To: NT System Admin Issues Subject: RE: WSUS and non public patches I believe the System Center

RE: WindowsSecurity.com/Chris Sanders reviews VIPRE Enterprise.

Feel free, they're still there, but not terribly interesting :) -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Wednesday, October 27, 2010 4:33 PM To: NT System Admin Issues Subject: Re: WindowsSecurity.com/Chris Sanders reviews VIPRE Enterprise. On 27 Oc

RE: Adobe acrobat reader updates

Agreed. I dropped shockwave for a trial. That lasted about a week :) -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Thursday, October 28, 2010 2:12 PM To: NT System Admin Issues Subject: RE: Adobe acrobat reader updates Cool, that is the way I have be

RE: trade publications - toss or archive?

I'm pretty disappointed it went digital. I'd definitely be willing to pay for it, but they gave out so many free subscriptions, I think it just became a casualty. From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, October 28, 2010 3:38 PM To: NT System Admin Issues Subject: RE

RE: Reinstallation of Windows 7

L3 very nice. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, February 10, 2012 11:23 AM To: NT System Admin Issues Subject: Re: Reinstallation of Windows 7 He's not "wrong" per se. He's just currently occupying an alternate reality from the one where his approach would work the

RE: Setup separate lab VLAN

p. 2. I can ping the firewall at 192.168.1.253 but I can't ping anything past it. Jay Dale Senior Systems Administrator P:281-574-2414 From: Crawford, Scott [mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]> Sent: Tuesday, January 31, 2012 4:39 PM To: NT Sys

RE: Allowing or not Allowing iTunes on corporate computers????

I for one would like to see the batch. We're building a GPO to install the MSIs inside the install. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, February 14, 2012 1:51 PM To: NT System Admin Issues Subject: Re: Allowing or not Allowing iTunes on corpora

RE: Picking up file server tuning again

Or the "disable PST" GPO. Sent from my Windows Phone From: Kurt Buff Sent: 2/14/2012 5:04 PM To: NT System Admin Issues Subject: Re: Picking up file server tuning again I've been beating on my users for years not to use PST files - they don't listen. I think it's

RE: Picking up file server tuning again

Works great for us Sent from my Windows Phone From: Kurt Buff Sent: 2/14/2012 7:48 PM To: NT System Admin Issues Subject: Re: Picking up file server tuning again I will be looking at that, for sure. On Tue, Feb 14, 2012 at 16:26, Crawford, Scott wrote: > Or

RE: Moxie Marlinspike's CloudCracker Aims For Speedier, Cheaper Password Cracking

Yup. scary attack against weak passwords. Against decent passwords - yawn. From: Manuel Santos [mailto:nel...@gmail.com] Sent: Monday, February 20, 2012 11:22 AM To: NT System Admin Issues Subject: Re: Moxie Marlinspike's CloudCracker Aims For Speedier, Cheaper Password Cracking I am not sure o

RE: Orphaned SIDs

No, sids never get reused. From: Rankin, James R [mailto:kz2...@googlemail.com] Sent: Tuesday, February 21, 2012 11:33 AM To: NT System Admin Issues Subject: Re: Orphaned SIDs Its probably a good idea. Could they technically be reused and therefore cause an access issue, or does Windows/AD never

RE: Limiting DHCP

How effective do you find this to be given the relative simplicity of spoofing a MAC. I understand most users won't know how, but most bad guys will and they're the ones to be worried about. From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, February 21, 2012 12:27 PM To: NT Sy

RE: Limiting DHCP

I'd also look into domain isolation: http://technet.microsoft.com/en-us/network/bb545651 As explained by Steve Rilley and Jesper Johansen, it prevents a flaw in 802.11x on wired networks. -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Tuesday, February

RE: Limiting DHCP

able to plug into an arbitrary wall jack. I would consider the risk acceptable for most office environments. From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Tuesday, February 21, 2012 2:11 PM To: NT System Admin Issues Subject: RE: Limiting DHCP How effective do you find this to be gi

RE: Interesting change password failure

Try not to underestimate McAfee's ability to screw up. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, February 23, 2012 11:51 AM To: NT System Admin Issues Subject: Re: Interesting change password failure In fairness, though, it would seem more logical if the answer were some so

RE: Log on to DC directly

Unfortunately, doing this violates "shouldn't log into a workstation with your DA account." Granted, it's better than logging in interactively. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, February 24, 2012 1:56 PM To: NT System Admin Issues Subject: Re:

RE: Log on to DC directly

RSAT tools in a non-interactive fashion with your DA account (that is, so that it doesn't create a local DA account profile), and you can't login interactively into your workstation with your DA account, what are you left with? Kurt On Fri, Feb 24, 2012 at 14:16, Crawford, Scott wrot

RE: Log on to DC directly

we're doing fairly well. It's a struggle to get my infrastructure team to understand some of the security details, but they're slowing getting there. Kurt On Fri, Feb 24, 2012 at 19:40, Crawford, Scott wrote: > The bottom line rule should be only enter DA credentials into truste

RE: Log on to DC directly

avoid that. Quitting the apps running under those incantations when not actively being used certainly helps, but the major thing is to not leave those credentials on disk, in whatever form, to be attacked by malefactors. Kurt On Fri, Feb 24, 2012 at 23:13, Crawford, Scott wrote: > Sounds like

RE: Log on to DC directly

logging in *anywhere* with elevated credentials, even a DC. By your logic, I can't actually use a DA account anywhere. On Sat, Feb 25, 2012 at 06:03, Crawford, Scott wrote: > I can see that there is a difference between there, but the bottom line is > that malware can doesn'

RE: Do any of you auto-cleanup AD?

Oldcmp is custom made for this. http://www.joeware.net/freetools/tools/oldcmp/index.htm From: David Lum [mailto:david@nwea.org] Sent: Monday, February 27, 2012 1:24 PM To: NT System Admin Issues Subject: Do any of you auto-cleanup AD? ADFIND.EXE is a neat little tool, I'm wondering if any of

RE: Log on to DC directly

Thanks for this. I'm only a few paragraphs in, but this is great stuff. -Original Message- From: Free, Bob [mailto:r...@pge.com] Sent: Tuesday, February 28, 2012 12:13 PM To: NT System Admin Issues Subject: RE: Log on to DC directly If you want to look at really tightening things up sea

RE: Log on to DC directly

42 sounds like the perfect number :) Agreed, but I'd suspect 3 would be a pretty beneficial place to start: 1) Unprivileged standard user 2) Local administrator 3) Domain administrator -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, February 28, 2012 5:26

RE: VMWare tools

That works. At least it does on ESX 3.5. It's also an MSI file so it can be deployed with group policy, which is very helpful. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Friday, March 02, 2012 2:52 PM To: NT System Admin Issues Subject: Re: VMWare tools Here's an idea... No idea

RE: Security questions to reset passwords, locked accounts, etc.

RE: "a simple identifier (unique to each user)" Here, we call those passwords. ;) What happens if someone forgets their simple identifier? What happens if someone over hears them giving it on the phone to reset a password? Can they get it changed? How is this any different than an extra passw

RE: Worth some consideration...

I'd rather have "good" passwords written down on a sticky note accessible only to a limited number of coworkers than "bad" passwords that can be exploited by any black-hat on the internet. Sent from my Windows Phone From: Heaton, Joseph@DFG Sent: 3/15/2012 11:07

RE: Worth some consideration...

t… On Thu, Mar 15, 2012 at 2:49 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: I'd rather have "good" passwords written down on a sticky note accessible only to a limited number of coworkers than "bad" passwords that can be exploited by any black-h

RE: Worth some consideration...

ontents of your work area. Do you have external cleaning staff? Or heck, even internal after hours cleaning staff? How can you be sure that the password hasn't been used by them? On Fri, Mar 16, 2012 at 11:58 AM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: Agreed. Just

RE: Request for thread-kill on NTSYSADMIN

Aside from not liking to see people fighting, I don't personally mind the OT stuff since it is easy to ignore. However, the listserv is already overloaded and every off-topic post contributes to the delay of on-topic posts. -Original Message- From: MMF [mailto:mmfree...@ameritech.net] S

RE: OT? usb to scsi adaptor

The question is: Will it blend? From: Jeff Brown [mailto:jbr...@webcoindustries.com] Sent: Tuesday, March 27, 2012 1:48 PM To: NT System Admin Issues Subject: RE: OT? usb to scsi adaptor RECOVER THAT! From: Maglinger, Paul [mailto:pmaglin...@scvl.com] Sent:

RE: A moment of silence for the passing of another giant

I've got some promotional VHS tapes of Amiga's in action. My favorite part is a demonstration of some graphic effect and the narrator says: "But, be warned. Complex animations like these require lots of memory - often more than a megabyte." Just makes me smile :) -Original Message- Fro

RE: Blast From The Antivirus Past - You may have seen this classic:

Love it. But, if I'm reading correctly, the signatures were free, but they only detected and you'd need to update the AV program to clean them. If so, it amounts to 10 bux to clean to infections. Either way, it's a fun find. "series of hexadecimal codes" :) -Original Message- From: Stu

RE: Whitelisting

A combination is needed. Whitelisting for traditional executable code and blacklisting for data files that exploit vulnerable white listed applications. -Original Message- From: Alex Eckelberry [mailto:a...@eckelberry.com] Sent: Saturday, April 14, 2012 10:10 AM To: NT System Admin Issue

RE: Whitelisting

ssues Subject: Re: Whitelisting How do you blacklist all possible bad data files? --Original Message-- From: Crawford, Scott To: NT System Admin Issues ReplyTo: NT System Admin Issues Subject: RE: Whitelisting Sent: 14 Apr 2012 18:02 A combination is needed. Whitelisting for tradit

RE: Whitelisting

essing the Advantages of Technology for the SMB market… On Sat, Apr 14, 2012 at 1:24 PM, Rankin, James R mailto:kz2...@googlemail.com>> wrote: How do you blacklist all possible bad data files? --Original Message-- From: Crawford, Scott To: NT System Admin Issues ReplyTo: NT System Admi

RE: Whitelisting

n't understand how you can have an exploit in a data file resulting in anything else but code execution. Data itself is harmless; it's the executables that cause harm. There will always be code executed, in some form or another (unless I'm misunderstanding your point). Alex Fro

RE: Whitelisting

t's the executables that cause harm. There will always be code executed, in some form or another (unless I'm misunderstanding your point). Alex From: Crawford, Scott [mailto:crawfo...@evangel.edu<mailto:crawfo...@evangel.edu>] Sent: Monday, April 16, 2012 12:25 AM To

RE: Hooray, I'm moving to VMware!

> You don't need any physical boxes at all. Period. I'd at least want some hosts :) From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Monday, April 16, 2012 11:30 AM To: NT System Admin Issues Subject: RE: Hooray, I'm moving to VMware! Speaking of domain controllers, I a

RE: Whitelisting

on, Apr 16, 2012 at 12:25 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: Why does the code that is spawned need to download some payload or use existing files? Why can't it make its own win32 calls? From: Andrew S. Baker [mailto:asbz...@gmail.com<mailto:asbz...@gmail.com&

RE: Whitelisting

les/analysis_of_buffer_overflow_attacks.html * http://searchsecurity.techtarget.com/news/1048483/Buffer-overflow-attacks-How-do-they-work ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... On Mon, Apr 16, 2012 at 12:54 PM, Crawford, Scott mailto:c

RE: Whitelisting

Yup. The EICAR[1] string as a good example as well. In notepad, it's 68 ASCII characters. In DOS, it's an executable. So is it code or is it text? [1] http://eicar.org/85-0-Download.html From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Wednesday, April 18, 2012 12:31 AM To: NT System Ad

RE: GPO Question

One advantage to using group policy to install MSI based applications is the ability to automatically uninstall when the GPO no longer applies. However, your installing via a script, so the install is only tangentially related to group policy. At this point, if you want to uninstall the app, yo

RE: Copying a Windows partition made difficult

No real answer for you, but we saw similar symptoms after Ghosting a drive from a ThinkPad. Turns out Ghost expects a single-sector MBR, but the Lenovo was using 4 sectors. It's been long enough that I don't remember how or if we fixed it, but it might be something to look at. There's quite a

RE: Copying a Windows partition made difficult

Might be worth the time to just install xp natively on that drive to be sure that it works. While there, compare the MBR to your clone attempt. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, May 01, 2012 11:20 AM To: NT System Admin Issues Subject: Re: Co

RE: UAC and local admin rights

Preach it brotha -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, May 01, 2012 3:58 PM To: NT System Admin Issues Subject: Re: UAC and local admin rights Short version of the below: There's a ton of crap software out there, and the amount of crap usually

RE: SUBINACL question - setting inheritance

+1 for fileacl Don't forget /FORCE for the times the user has changed the perms and locked you out. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, May 03, 2012 1:46 PM To: NT System Admin Issues Subject: Re: SUBINACL question - setting inheritance On T

RE: Copying a Windows partition made difficult

> A2. Volume serial number > A2 being different also makes sense, as that's supposed to be unique per > filesystem. I think I'd investigate making these match. There are references in the registry to these so I could conceive of this being a problem. It does sound like you're failing too early

RE: Copying a Windows partition made difficult

Cool. Well done. I look forward to the write up. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, May 08, 2012 12:00 AM To: NT System Admin Issues Subject: Re: Copying a Windows partition made difficult Success! I'll write the details up in full late

RE: Time for new core switches

Big fan of exchange here as well. We're looking to upgrade, so we might have a BlackDiamond 8810 for sale soon :) From: Kat Aylward Langan [mailto:messagel...@gmail.com] Sent: Thursday, May 17, 2012 3:07 PM To: NT System Admin Issues Subject: Re: Time for new core switches Have you checked ou

RE: Outlook multi-accounts

This is now configurable with a reg tweak in exchange 2010 http://www.windowsitpro.com/content1/topic/shared-mailboxes-office-365-142386/catpath/office-365/page/2 From: Robert Peterson [mailto:robert.peter...@prin.edu] Sent: Tuesday, May 22, 2012 2:33 PM To: NT System Admin Issues Subject: RE: O

RE: Passphrases vs. password

I've not seen rainbow tables that work for passwords longer than 14 characters, and even that excludes a large chunk of the ASCII set. From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, May 24, 2012 7:53 AM To: NT System Admin Issues Subject: RE: Passphrases vs. password Might be a

RE: Passphrases vs. password

t they are available for purchase (or you can generate them yourself - that's not as ridiculously expensive in compute-time as it was even 5 years ago). From: Crawford, Scott [mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]> Sent: Thursday, May 24, 2012 2:17 PM To:

RE: Is there a way...

Sure snip Echo 11.2.202.235, 24ms > textfile.txt snip But, I imagine that's not exactly what you're looking for. What's generating the input? Is it always in a certain form? Whats the goal? Checking ping time on computers with a certain version of flash? From: David Lum [mai

RE: Is there a way...

Why are you using MAP-WS_Results.txt? Just as a data collection point or do you possibly need more info from it later besides the 4 things you mention? If the only thing you want at the end is your master list in a text file, I would parse the data during each command. Something like this, may

RE: Is there a way...

: Is there a way... The MAP-WS.txt is the data collection point How the heck does that tokens line work? I get that it is stepping through the "Reply from 4.2.2.3: bytes=32 time=24ms TTL=53" line, but how the hell is it picking out the 5th entry and dropping off "time=" p

RE: Windows 2008 won't forget IP

Tried searching for the IP in the registry? Might turn up a clue. From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Friday, June 01, 2012 3:28 PM To: NT System Admin Issues Subject: RE: Windows 2008 won't forget IP No dupe on the other system. It seems to be OK with it up until a reboot,

RE: Redirecting front-to-back airflow in a server rack?

Probably even just switch the leads on the fan. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, June 04, 2012 3:58 PM To: NT System Admin Issues Subject: Re: Redirecting front-to-back airflow in a server rack? On Mon, Jun 4, 2012 at 4:35 PM, Kramer, Jack w

RE: Intel developing security 'game-changer'

Unless you're going to white-list every doc/jpg/pdf/mp3 you're going to open, that's not a panacea either. Documents = 1's and 0's = code. The only difference is what layer its executed at. Assume you white-list AdobeReader.exe. The next time a flaw is found that is exploited through a malfor

RE: Intel developing security 'game-changer'

nty of viable alternatives at the moment... ASB (My Bio via About.Me<http://about.me/Andrew.S.Baker/bio>) Exploiting Technology for Business Advantage... On Wed, Jan 26, 2011 at 2:51 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: Unless you're going to white-

RE: GP software deployment best practices

1. The difference between 32 bit and 64 bit Java correlates to which version your browser supports. Lots of plugins don't have a 64 bit version so we've basically chosen to ignore IE 64 and only push 32 bit plugins to all machines regardless of whether the OS is 32 or 64 bit. You could pus

RE: GP software deployment best practices

: NT System Admin Issues Subject: Re: GP software deployment best practices On Fri, Jan 28, 2011 at 3:53 PM, Crawford, Scott wrote: > How much RAM does a browser need to access anyway? I've had Firefox over 1 GB under "normal" conditions. Granted, I had over 100 tabs op

RE: Copying large file

Any idea how much of the file was copied? You can see the offset that's being read and written with ProcMon. That will let you know how far into the file it is, which might lend a clue. From: itli...@imcu.com [mailto:itli...@imcu.com] Sent: Monday, January 31, 2011 8:31 AM To: NT System Admin I

RE: Copying large file

RichCopy's an option too. Is it possible that the drive is damaged? From: itli...@imcu.com [mailto:itli...@imcu.com] Sent: Monday, January 31, 2011 8:52 AM To: NT System Admin Issues Subject: RE: Copying large file Xcopy From: Haritwal, Dhiraj [mailto:dhiraj.harit...@ap.sony.com] Posted At: Mon

RE: Intel developing security 'game-changer'

Bio via About.Me<http://about.me/Andrew.S.Baker/bio>) Exploiting Technology for Business Advantage... On Wed, Jan 26, 2011 at 5:03 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: My point is that neither signatures, nor white-listing are a panacea. The fact that we'

RE: Copying large file

x27;s. Not the same USB drive and not the same file. Just large files? I have read a bunch of KB's and they all go in different directions. ________ From: Crawford, Scott [mailto:crawfo...@evangel.edu] Posted At: Monday, January 31, 2011 11:21 AM Posted To: itli...@i

RE: Intel developing security 'game-changer'

http://www.schneier.com/blog/archives/2011/01/whitelisting_vs.html ASB (Find me online via About.Me<http://about.me/Andrew.S.Baker/bio>) Exploiting Technology for Business Advantage... On Mon, Jan 31, 2011 at 12:48 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: &

RE: Intel developing security 'game-changer'

r methods of tricking an .exe to doing more than displaying data in a data file. ASB (My Bio via About.Me<http://about.me/Andrew.S.Baker/bio>) Exploiting Technology for Business Advantage... On Mon, Jan 31, 2011 at 2:36 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: &

RE: Intel developing security 'game-changer'

aliciousness that I can remember that did anything like that was the Slammer worm, and all that did was propagate itself. Is it 100%? Nope, and Andrew (nor anyone else taking this position) never said that. Is it easy to set up? Nope, and nobody ever said it was, either. But, if I had

RE: ADMOD question

Set it in Outlook to SecretAttributeNobodyCanFind. Then: adfind -f cn=user,ou=orgunit,dc=domain,dc=org | find /i "SecretAttributeNobodyCanFind" That will show you the attribute name its stored in...assuming its not encoded in some weird format. From: David Lum [mailto:david@nwea.org] Sent:

RE: ADMOD question

physicalDeliveryOfficeName btw, I meant: adfind -f distinguishedname=cn=user,ou=orgunit,dc=domain,dc=org | find /i "SecretAttributeNobodyCanFind" From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, February 03, 2011 2:34 PM To: NT System Admin Issues Subject:

RE: [OT] Job Change

Credit is also due to you for not leaving them high and dry...pun intended...but actually sticking it out and working through what was undoubtedly one of the toughest times there. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, February 03, 2011 4:45 PM To: NT System Admin I

RE: [semi-OT] Last IPv4 address blocks assigned

out of curiosity, how many computers does that serve? From: Kramer, Jack [jack.kra...@ur.msu.edu] Sent: Friday, February 04, 2011 8:13 AM To: NT System Admin Issues Subject: Re: [semi-OT] Last IPv4 address blocks assigned The nice thing about being at a pu

RE: [semi-OT] Last IPv4 address blocks assigned

d to 10Gb for building interconnects with most buildings at 1Gb internal networking and our fibre network extends into some areas of downtown Lansing (the local hospital, for instance) as well as to some of our satellite sites around the state. It's a big network, even if my little departmen

RE: [semi-OT] Last IPv4 address blocks assigned

cture behind the allocations either just that it wasn't as perhaps controlled as it could have been. From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Tuesday, 8 February 2011 8:13 AM To: NT System Admin Issues Subject: RE: [semi-OT] Last IPv4 address blocks assigned I only skim the

RE: Windows 2008 Perms Question

1 - Heed Ben's advice about avoiding "Deny" if at all possible. Much chaos can ensue. Yeah, the last thing you want to do is get into a black-list permissions model ;) From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, February 07, 2011 5:14 PM To: NT System Admin Issues Subject: R

RE: Recovering offline files

Your bing string is csc recover. If you have the C:\Windows\CSC folder in tact, you should be able to extract the files using csccmd.exe. From: John Cook [mailto:john.c...@pfsf.org] Sent: Wednesday, February 09, 2011 10:45 AM To: NT System Admin Issues Subject: Recovering offline files Short st

RE: IPhone attack reveals passwords in six minutes

What character set are you looking at here? Assuming the 256 ASCII chars, you're looking at 256^14 or 5.19 x 10^33 passwords. At 14 chars each, it will take, you're looking at 67699845898419233783545856 GB just to store the passwords uncompressed. In order to get the list of passwords to fit in

RE: IPhone attack reveals passwords in six minutes

ord if you want to use those credentials in another scenario. E.g. I have an NTLM hash. But I need to get a Kerberos ticket, or I need to logon interactively, or a I need to logon to a non-Windows system where the credentials are synchronised. Etc. Cheers Ken From: Crawford, Scott

RE: IPhone attack reveals passwords in six minutes

a About.Me<http://about.me/Andrew.S.Baker/bio>) Exploiting Technology for Business Advantage... On Fri, Feb 11, 2011 at 2:57 AM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: What character set are you looking at here? Assuming the 256 ASCII chars, you're lookin

RE: IPhone attack reveals passwords in six minutes

n Scott [mailto:mailvor...@gmail.com] Sent: Friday, February 11, 2011 9:02 AM To: NT System Admin Issues Subject: Re: IPhone attack reveals passwords in six minutes On Fri, Feb 11, 2011 at 2:57 AM, Crawford, Scott wrote: > What character set are you looking at here? Assuming the 256 AS

RE: SQl Injection, Rainbow Tables, Social Engineering, oh my!

Fun and interesting read. Thanks. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, February 17, 2011 10:31 AM To: NT System Admin Issues Subject: SQl Injection, Rainbow Tables, Social Engineering, oh my! Further detail of the HBGary comeuppance, beat down, or substitute your o

RE: How do you deploy AV?

I'm a pretty firm believer in pushing these things through group policy. That way, there isn't a time when the computer is fully booted and logged into that its possibly missing AV. Waiting for Sophos or Vipre to push itself leaves you potentially exposed for the interval between scans. From:

  1   2   3   4   5   6   7   >