Well we certainly didn't. The only thing I will say is that the TS licensing
server was upgraded to 2008 R2 not long after we started building our Xen6
farm (well actually it was the Tech Preview version), but nothing was done
with the CALs as far as I am aware. We are running them in per-user
Good God please don't do that! Password protected Word documents do not
stand up to scrutiny.
I don't work withy HIPAA at all, but I have worked within UK FSA and DPA
guidelines for PII type data. If the patient demands it, you can send
it unencrypted (we did this with voice recordings on CD
We had two customers go down yesterday afternoon from around 4:30 - 5:30 pm
EST.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Thanks Tammy; most of my attempts at remote access were fruitless.
Besides breaking the login process, the code *seems* to have disabled
all access vectors that I know of, with the exception of IPC$ (with null
credentials only) via which I have made a connect/disconnect but nothing
more and was
Thanks. That's right around when it hit our backup connection.
On Fri, May 14, 2010 at 7:51 AM, Chris Hamby tellys...@gmail.com wrote:
We had two customers go down yesterday afternoon from around 4:30 - 5:30 pm
EST.
~ Finally, powerful endpoint security that ISN'T a resource hog!
Any chance they could air-freight you the box and let YOU hack it so you
don't have to get on a plane?
-Original Message-
From: Peter van Houten [mailto:peter...@gmail.com]
Sent: Friday, May 14, 2010 8:14 AM
To: NT System Admin Issues
Subject: Re: XP Box inaccessible
Thanks Tammy;
Heh ~ Ben already suggested that but unfortunately, no. But, I will
surely be cloning that disk before laying a dban beating on it and
poking and prodding the clone back in the workshop.
--
Peter van Houten
On the 14 May, 2010 14:34, John Aldrich wrote the following:
Any chance they could
I am designing my SQL server for a SharePoint farm. I have an iSCSI array with
15 - 420GB SAS drives. I want to use the array to house the transaction logs,
database and backups.
My thought is to use two drives in a RAID1 for the transaction logs (420GB),
Three drives in a RAID5 for the DB
Not a SQL GURU, but a SharePoint installation has like a dozen DB's
under the covers. Depending on usage, you MAY see some value in storing
a couple of them (indexing, and I forgettheotherone), on a separate
mirror.
If I can find the doc we generated here 18 months or so ago, I'll pass
more
We've seen a number of machines with McAfee on them where the update killed
them and that was not the only issue, it was the userint.exe (as Tammy
suggested). Our solution was to use Autoruns on a WinPE disk and remove the
virus entries sitting in the key.
If you could get someone else
We have a consent form they must sign for us to send a fax or mailing so we
could use that for emailing also. We can still send the data encrypted and give
them the password over the phone.
James
- Original Message -
From: paul d
To: NT System Admin Issues
Sent: Friday, May
Our phones didnt go down yesterday, I know that much, they dont handle our data
though.
- Original Message -
From: Chris Hamby
To: NT System Admin Issues
Sent: Friday, May 14, 2010 7:51 AM
Subject: Re: Paetec outage?
We had two customers go down yesterday afternoon from
Bob,
Given the number of disks you have to work with - that is probably the
config I would use.
My only 'concern' would be performance of the RAID5 for backups - RAID5
isn't optimal for write-intensive applications.
But...unless you can scare up another disk so you can go 0+1 for the
I can do basically anything with the disks... For the backups I was looking
for redundancy with less disks, rather than speed, but I can use any
combination.
From: Jim Holmgren [mailto:jholmg...@xlhealth.com]
Sent: Friday, May 14, 2010 9:21 AM
To: NT System Admin Issues
Subject: RE: SharePoint
Agree, maybe just mirror the backup volume, and the extra drive can be a hot
spare if your raid/cabinet support that feature ?
Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
From: Jim Holmgren
Given the number of disks... Do you think I don't have enough? I can chain
another array with same number of disks and space. (I have the equipment)
BF
From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 14, 2010 9:29 AM
To: NT System Admin Issues
Subject: RE: SharePoint - SQL
Does local include Winnipeg?
On Thu, May 13, 2010 at 10:27 PM, greg.swe...@actsconsulting.net wrote:
I need to talk to 4 or 5 local admins in the Tampa/Clearwater area. PST
me off list. Very cool..
Thx
Greg Sweers
~ Finally, powerful endpoint security that ISN'T a resource
A course of action that is reasonable and doable. Most of the responses in this
thread are knee jerk over thinking of the issue. The sheer fact that you can
fax a piece of PHI (fax transmissions aren't encrypted last time I checked) to
a secure location should give you some idea of what's
That's pretty hard to say without knowing the expected load on the system, as
well as the expectations of the business with regards to performance and
availability.
If you want to go all-out, connect up that other array and split everything out
per the link I sent in my previous message.
Well, my initial reasoning was that if it was Virut, it would have taken
up residence in winlogon.exe and compromised the normal login function.
Why and how the a/v (Comodo /w sandbox) missed the initial appearance
needs to be investigated but it could also have been the a/v itself,
deleting
On Thu, May 13, 2010 at 8:25 PM, Peter van Houten peter...@gmail.com wrote:
Good idea (KVM) but even that would floor them technically!
Going forward, then, you may want to equip the system with one when
you get hands-on to fix the current problem. That will at least make
things easier in the
I keep getting notices from Vipre that one or another machine has cleaned an
email of a known bad URL, but it never really gives me any more info. Should
I be worried that this stuff is getting past our spam/virus filters? Also,
is this *really* cleaning a bad URL or is Vipre overreacting?
Classification: UNCLASSIFIED
Caveats: FOUO
+1 on that answer. I had that happen to my daughter's laptop. Between the
infection and cleaning up the infection with Vipre Rescue that value had gotten
blown away. I put that value back I and I was back in business.
-Original Message-
From:
All too true, John.
And not just small offices either. CMS has a page that links breaches
involving more than 500 people. I'm amazed at the number of incidents
involving laptops that were stolen whose data was unencrypted.
From: john.c...@pfsf.org
To: ntsysadmin@lyris.sunbelt-software.com
If VIPRE removed a URL from an email that means it was in our bad list from
Threat Track. VIPRE was most likely not over-reacting. Which spam filter do you
use?
Thanks,
Jeff Cain
Technical Support Analyst
Sunbelt Software
Email: supp...@sunbeltsoftware.commailto:supp...@sunbeltsoftware.com
Running behind on my ntsysadmin reading, but we use sign it from
www.cic.com to sign PDF contract docs. They might have something for ms
word.
hth, Devin
On Wed, Apr 28, 2010 at 1:46 PM, James Kerr cluster...@gmail.com wrote:
Can anyone recommened a inexpensive USB signature pad for signing
Our ISP has a RedCondor appliance that they run our email through. Guess I
ought to advise them that we're getting bad URLs through the filter. Also,
I'm getting more notifications of bad scripts blocked on previously good
sites. Would that mean that the site was likely hacked and a bad applet
Your ISP may not use the same bad-URL lists that Threat Track does. The bad
scripts could certainly be a hijacked website. I've seen many more of these
lately. Those iFrame droppers can be nasty.
Thanks,
Jeff Cain
Technical Support Analyst
Sunbelt Software
Email:
Honestly, I am not amazed that the laptops was stolen and there was PHI/PII on
them unencrypted. This along with unencrypted memory sticks are two of the
biggest culprits and now would follow under the breach notifications, along
with HITECH ACT, and the teeth it gave to HIPAA, it will probably
Yeah. I was reading something about that the other day, how the malware
operators would hijack an innocent website and inject a hostile applet. What
can you do about that, other than notifying the website operator?
John-AldrichTile-Tools
From: Jeff Cain [mailto:je...@sunbelt-software.com]
That really is about it. Those droppers are usually drive by sometimes you
never even know until VIPRE says Oh hi. I found this bad thing trying to run
(paraphrased). :)
Incidentally most of the droppers I've run into have been that fake AV scan (an
image of My Computer faked to look like
They do have Sign it for word.
From: Devin Meade [mailto:devin.me...@gmail.com]
Sent: Friday, May 14, 2010 10:26 AM
To: NT System Admin Issues
Subject: Re: sig pad for Word
Running behind on my ntsysadmin reading, but we use sign it from
www.cic.comhttp://www.cic.com to sign PDF contract docs.
OK, so I was just reminded how much I really dislike IBM's websiteagain.
I have a list of model types and serial numbers for some xSeries gear and I
need to look up the specs of these boxes. Can someone shoot a link where this
IBM tool is, as my IBM website-foo apparently stinks like hot
This?
http://www-947.ibm.com/systems/support/
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764
From: Andy Shook [mailto:andy.sh...@peak10.com]
Sent: Friday, May 14, 2010 9:12 AM
To: NT System Admin Issues
Subject: IBM server spec lookup
I work for a company and we fall under HIPAA. If my laptop is not
encrypted I am fired. That's a fairly clear and well known fact where
I work. All laptops will absolutly be encrypted. Period. Even the
'loaner' one that is checked out for presentations and has no data on
it ;)
Now as to the
BTDT, that's for software updates n' such...keep trying. :)
Shook
From: David Lum [mailto:david@nwea.org]
Sent: Friday, May 14, 2010 12:25 PM
To: NT System Admin Issues
Subject: RE: IBM server spec lookup
This?
http://www-947.ibm.com/systems/support/
David Lum // SYSTEMS ENGINEER
NORTHWEST
On 14 May 2010 at 15:54, Peter van Houten wrote:
Due to the change of government in the UK, the crisis has been averted and I
have the luxury of inspecting the damage myself next week. I would, however
still like to access the system remotely and since last night have Nessus
trying to find
It is not necessary for a previously good site to have been hacked to
serve up badness, though that's possible.
One other way is that a site might unknowingly sell advertising to
someone operating under a false flag - that is, pretending to be a
legitimate company, but in actuality being a nasty
Are you using DPM to backup SharePoint? In which case the DB backup LUN is not
required. DPM will backup SQL Server DBs and index the content via the
SharePoint WFE.
Cheers
Ken
From: Bob Fronk [mailto:b...@btrfronk.com]
Sent: Friday, 14 May 2010 9:04 PM
To: NT System Admin Issues
Subject:
Yes Using DPM, but I like the extra protection since it is so little disk
cost! Can't have too many backups!
From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Friday, May 14, 2010 2:22 PM
To: NT System Admin Issues
Subject: RE: SharePoint - SQL Backend setup
Are you using DPM to
I once used the mmc console to connect to the computer and turn on telnet.
Another person used the UBCD and had the user copy off the files.
A couple of times I used the UBCD, it automatically picked up the ip
address. If UBCD automatically picks up the ip address, you might be
able to remote
Last time I did this I just googled the model number and specifications.
Some of the hits came from vendors, but they had PDFs from IBM.
Jeff
On Fri, May 14, 2010 at 12:11 PM, Andy Shook andy.sh...@peak10.com wrote:
OK, so I was just reminded how much I really dislike IBM’s
website….again.
I think that may have to do with phishing caught in emails. But I yet to see
the script warning. Does vipre premium notify you when a user goes go to
a malicious site.
On Fri, May 14, 2010 at 1:07 PM, Kurt Buff kurt.b...@gmail.com wrote:
It is not necessary for a previously good site to have
Restoring SharePoint databases unless they are all internally inconsistent
isn't supported (which also applies to the built-in stsadm backup
functionality) - which is why SharePoint specific backup products proliferate.
That said, unless your load is very high, taking a regular SQL Server
I have a problem with the inhibit the users from doing their work
argument. Yes, it sounds all business savvy and whatnot, but it doesn't
always address certain realities. There is a reason that we tell people
not to run with scissors, even though it slows them down and inhibits their
work.
It's amazing what fear will do and allow senior management to make
insane unreasonable policies with stuff that add significantly to the
overhead of doing work.
You can balance reasonableness without going bonkers.
Steven
On Fri, May 14, 2010 at 12:21 PM, Andrew S. Baker asbz...@gmail.com
So a bit of a change in direction - does endpoint security actually watch files
copied to internal network mapped drives and server shares or does it watch
USB, Optical, peer to peer and those types of transfers?
From what I hear about what we use, it mainly watches for usb or those types
of
Good Morning/Afternoon,
I'm looking for a little assistance with automating IP changes on several
hundred servers. The vast majority will be Windows 2003 but there may be
some Windows 2000 boxes mixed in there.
I'm going to need to change the DNS and WINS IP addresses on our servers
with static
Depends on the solution. There are products that will monitor and control
access to any connectivity, including USB and optical...
-ASB: http://XeeSM.com/AndrewBaker
On Fri, May 14, 2010 at 3:40 PM, Don Kuhlman drkuhl...@yahoo.com wrote:
So a bit of a change in direction - does endpoint
Good point,
I also think that technical controls, without the security awareness up
front and continous training of the work force, including the folks that
are responsible for implementing those controls, is one of the main
problems. Senior Management with Knee-Jerk reactions to adverse
Agreed. There needs to be sufficient communication of risk to make good
decisions about risk acceptance and mitigation, but it can't all be scare
tactics. (And the execs in question need to take the time to understand)
-ASB: http://XeeSM.com/AndrewBaker
On Fri, May 14, 2010 at 4:29 PM,
Thus different levels of security awareness and different types of
training, execs need a certain type of training, to address the
realities they are facing, and managers need to see what affects them
day to day, and the users, need to be aware at another level.
Understanding of your business and
I thought the hotmail reference was a total joke. protecting information,
not having ID put together with personal medical information is only part of
the equation. It is a violation to send pki over the internet CLEAR TEXT,
which I believe anything sent to or from a hotmail account would fall
Well what if you encrypted the data? ie: password protected zip file, then I
dont believe you have a violation.
- Original Message -
From: Jeff Brown
To: NT System Admin Issues
Sent: Friday, May 14, 2010 5:30 PM
Subject: Re: HIPAA Question
I thought the hotmail reference
Have you looked on the Microsoft Scripting Guys site yet? I seem to
remember seeing some mention of one there at one point in time.
Jon
On Fri, May 14, 2010 at 3:42 PM, Sean Martin seanmarti...@gmail.com wrote:
Good Morning/Afternoon,
I'm looking for a little assistance with automating IP
It depends if you choose Use enhanced security (SSL) when signing into
Hotmail or not :-)
--
Peter van Houten
On the 14 May, 2010 23:30, Jeff Brown wrote the following:
I thought the hotmail reference was a total joke. protecting
information, not having ID put together with personal medical
I walked by twice on the way to the ball park, does that count? I snuck
up on Brandon Shell Wed night and surprised him pretty good and told him
to say hi to you
From: Webster [mailto:webs...@carlwebster.com]
Sent: Friday, May 07, 2010 8:42 PM
To: NT System Admin Issues
Subject: Citrix
This is fairly easy to do with WMI. You just want to iterate through the
IPEnabled adapters collection and there are methods to stamp WINS and DNS
servers. I'd suggest inspecting the current settings and using that data to
decide whether you stamp or not.
WINS is a simple primary/secondary
What Kaiser does is email you that your test results are ready. You then
have to log into Kaiser's website to view the results.
Would that be acceptable for the patient?
From: James Kerr [mailto:cluster...@gmail.com]
Sent: Thursday, May 13, 2010 12:22 PM
To: NT System Admin Issues
Any reason to have static? Consider DHCP with reservations so this
kind of transition could be managed centrally in the future? As long
as your rolling out the script you could have it switch from static to
dynic and be done. Of course all this is predicated on not having a
major reasons to be
Got a laptop running XP Pro. It's had some malware on it that has been
particularlly difficult to find. The only way I found it was to reboot into
safe mode, command-prompt only and run a scan on it. The malware was My Web
Search and one other (sorry, I don't recall.)
The laptop has one small
What brand is it?
On Fri, May 14, 2010 at 11:15 PM, John Aldrich jaldr...@blueridgecarpet.com
wrote:
Got a laptop running XP Pro. It's had some malware on it that has been
particularlly difficult to find. The only way I found it was to reboot into
safe mode, command-prompt only and run a
62 matches
Mail list logo