As a software engineer I would feel rather guilty to develop a system that was
that poor. I used to have a Citi credit card. I had better check it is no
long active.
-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: 15 June 2011 04:36
To: NT System Admin Issues
No that's right, I really need to have access to the snapshots...so I do
not wish to remove them.
-Original Message-
From: Bill Humphries [mailto:nt...@hedgedigger.com]
Sent: 15 June 2011 03:54
To: NT System Admin Issues
Subject: Re: Move virtual machines to a new physical host - VMWare
What floors me is how sophisticated they are saying the attack is!
Honestly, this article makes me so angry!
http://www.nytimes.com/2011/06/14/technology/14security.html?_r=3
This is basic s**t! It's not APT. It's not sophisticated. It's
complete lack of good governance and due diligence.
I work with a guy who just suddenly upped and went home without a word about
half an hour ago. He has just telephoned me to let me know he has
successfully verified our secure email delivery procedure, by riding all the
way home on his bike, and confirming receipt of the email on his home PC.
Quote from that article:
The method is seemingly simple, but the fact that the thieves knew to focus on
this particular vulnerability marks the Citigroup attack as especially
ingenious, security experts said.
One security expert familiar with the investigation wondered how the hackers
could
Depends if he then submits a mileage claim or not :)
Bike = motorbike, or pedal? If the latter then double points to be awarded for
getting exercise while on company time.
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: 15 June 2011 11:17
To: NT System Admin Issues
Subject: OT:
Pedal bike. I wouldn't mind the chance to get away for a bit of exercise
during work time as well!
On 15 June 2011 11:27, Matthew B Ames matthew.a...@qinetiq.com wrote:
Depends if he then submits a mileage claim or not…. J
Bike = motorbike, or pedal? If the latter then double points to be
I noticed that where I work we can claim money for mile for cycling - trouble
is the 120 mile round trip to get to work by bike makes for rather a long day!
I have to make do with a lunchtime run when I am onsite, or a 20 mile mountain
bike when working from home in my lunch break.
Maybe he
That would be a great excuse...
2011/6/15 Matthew B Ames matthew.a...@qinetiq.com
I noticed that where I work we can claim money for mile for cycling –
trouble is the 120 mile round trip to get to work by bike makes for rather a
long day! I have to make do with a lunchtime run when I am
*As with Sony, one has to wonder where their priorities are with
data protection ..*
It's all about shareholder value, and the shareholders value profits
and dividends...
Plus, no one expects to be caught, or exposed, so it's not a problem
until it's a problem.
Until they suffer some real
Hmm - at the individual application development level, in a large org, no one
cares about shareholder value. The problem with large organisations is the huge
amount of effort required to get anything implemented. The application
development was probably outsourced, the infrastructure is handled
On Wed, Jun 15, 2011 at 12:19 AM, Ken Schaefer k...@adopenstatic.com wrote:
I doubt any fat cat bankers signed off, knowingly, on an insecure site.
I don't think they said make the site insecure, but they're the
ones responsible[1] for the security of their systems, and they're the
ones that
On Wed, Jun 15, 2011 at 7:39 AM, Ken Schaefer k...@adopenstatic.com wrote:
Hmm – at the individual application development level, in a large org, no
one cares about shareholder value.
That's why the people at the top need to be the ones pushing for
security. It can't be driven from the
On Wed, Jun 15, 2011 at 6:16 AM, James Rankin kz2...@googlemail.com wrote:
went home without a word about half an hour ago. He has just telephoned
me to let me know he has successfully verified our secure email delivery
procedure, by riding all the way home on his bike, and confirming receipt
You can push all you like. But it's not your area of expertise. So you rely on
other people to tell you that the app works well. Things will always still slip
through the cracks.
I'm not trying to excuse this - it looks pretty amateurish. But things always
go wrong in large IT shops.
Whether someone goes to Jail or not is up to the courts to decide, and
who is legally liable.
I agree most don't know the in's and outs of every site and system they
are supposed to be responsible for.
As for the web application attack, it was a trivial input validation
issue, which is covered
Sometimes these alerts just make me chuckle. Apparently I have a file server
that is 8171 years behind on logging events.
Last modified time: 6/15/2011 6:28:35 AM Alert description: The Windows Event
Log Provider monitoring the Application Event Log is 4294967294 minutes behind
in processing
I've had servers with uptimes measured in millennia, from time to time
On 15 June 2011 14:41, Kennedy, Jim kennedy...@elyriaschools.org wrote:
Sometimes these alerts just make me chuckle. Apparently I have a file
server that is 8171 years behind on logging events.
Last modified time:
Thou speakest truth...
My comment about shareholder value is aimed more at the fact that the
people that should be concerned about whether or not these things are
happening properly are not concerned enough to even ask those
questions, relative to any questions that would result in revenue
Probably. But some executive sponsor will ask is it secure? Did it pass the
security review?
Some PM, who knows nothing about IT, will answer yes
Some people, in the security group, who are expected to know everything about
every app (even though they might be experts with FWs and SIEMs and AV,
Well, we (collective we) have to stop giving them easy outs.
They find ways to make sure that they can use hot-off-the-presses
technology to get order entry or other more-direct-to-revenue projects
done, and heads roll appropriately for not getting it done on time.
That same approach can be
Plus, no one expects to be caught, or exposed, so it's not a problem until
it's a problem.
Indeed
Until they suffer some real penalties (huge SEC fine, real government
oversight, significant loss of customers, jail time for someone in senior
management), there will be little change.
Sadly, I concur.
*ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio)
Harnessing the Advantages of Technology for the SMB market...
On Wed, Jun 15, 2011 at 10:55 AM, Free, Bob r...@pge.com wrote:
Plus, no one expects to be caught, or exposed, so it's not a problem until
it's a
If that were the case, I would rather not waste any time riding a bike
home..
Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x
I've just noticed that all of our 2008 R2 servers have a permissions set
applied to users on an NTFS level that, as well as the standard *
Read/Execute*, gives them a couple of Special permissions - *Create
Files/Write Data* and *Create Folders/Append Data*. Is this normal? And if
so what purpose
Yeah. You wouldn't want to spend half an hour on a bike then just get on
another one :-0
On 15 June 2011 16:16, Guyer, Don don.gu...@fiserv.com wrote:
If that were the case, I would rather not waste any “time” riding a bike
home..
*Don Guyer*
Windows Systems Engineer
Not normal, to me.
Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x 1673
Fax: 610-233-0404
www.fiserv.com http://www.fiserv.com/
From: James Rankin
Just to point out the obvious - Citi are FS, ie. they are heavily
regulated. This is not optional or something that an Exec might choose
to bother with. It's absolutely mandatory and explicitly defined and
they would have a large Information Security team, a governance and/or
compliance team and
How's about I answer my own question (again) :-)
*normal users are allowed, by default, to create subfolders and add
content to these folders from the root of the system drive in Windows Server
2008. This functionality was provided to members of the users group on
Windows Server 2008 because
I bow to your greater experience :)
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: 15 June 2011 16:16
To: NT System Admin Issues
Subject: Re: [OT]: I.T. idiots
Yeah. You wouldn't want to spend half an hour on a bike then just get on
another one :-0
On 15 June 2011 16:16, Guyer, Don
May be in scope for PCI
Hell, our company is 100x smaller and we are well in scope.
J
Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x 1673
Fax:
Might be default, but shouldn't stay configured that way.
Don Guyer
Windows Systems Engineer
RIM Operations Engineering Distributed - A Team, Tier 2
Enterprise Technology Group
Fiserv
don.gu...@fiserv.com
Office: 1-800-523-7282 x 1673
Fax: 610-233-0404
www.fiserv.com
I agree, particularly in a Terminal Services environment. But I have just
checked a 2003 R2 server and found the same thing. However - we are
currently rolling out an Application whitelisting solution here (which is
moving far slower than I would like) and I think this is the reason why I
have not
Can't you collapse the snapshot chain? Snapshots are not meant to run for an
extended time, but to simply provide a way of backing out of a change in case
it goes horribly wrong.
Mark Robinson mark.robin...@cips.org 6/14/2011 2:50 PM
Thanks Scott. Yes that's what I thought! However I've
Truck Masters I think it is….might need that.
From: Daniel Rodriguez [mailto:drod...@gmail.com]
Sent: Tuesday, June 14, 2011 4:14 PM
To: NT System Admin Issues
Subject: Re: OT: Capturing video from YouTube?
Hey, Mav. Do you still have that business card for that Truck Driving School?
On
Ummm...?
If you remove them, they get incorporated into the base image. You will
generally need to do this before moving them. Maintaining snapshots for any
length of time in a vmware environment really isn't a good practice.
Steven Peck
http://www.blkmtn.org
On Wed, Jun 15, 2011 at 1:39 AM,
We keep snapshots for as little time as possible. Try restoring an old
snapshot to anything that is AD-integrated, and watch the fun commence.
On 15 June 2011 16:38, Steven Peck sep...@gmail.com wrote:
Ummm...?
If you remove them, they get incorporated into the base image. You will
generally
IIRC I was moving a VM to a different SAN recently and it balked because there
was a snapshot of the server (which I had totally forgotten about) and it took
a very long time to delete it.
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Wednesday, June 15, 2011 11:41 AM
To: NT System
Yep, that's because once you start the snapshot, all changes to the guest go
into the snapshot, which can make them extremely huge. I bet there was a
significant reduction in space used on your SAN when you collapsed the snapshot.
John Cook john.c...@pfsf.org 6/15/2011 9:07 AM
IIRC I was
On 8 Jun 2011 at 9:53, Zvonimir Bilic wrote:
Check out SysAid free edition. Supports up to two administrators, 100
assets, and 100 end users.
http://www.ilient.com/free-edition.htm
I was going to suggest Spiceworks, which but I also believe that the Angryziber
IPSCAN program
Corporation, n. An ingenious device for obtaining individual profit
without individual responsibility. -Ambrose Bierce
On Wed, Jun 15, 2011 at 7:30 AM, Andrew S. Baker asbz...@gmail.com wrote:
*As with Sony, one has to wonder where their priorities are with
data protection ..*
It's all
On 9 Jun 2011 at 18:42, Ben Scott wrote:
If you want to use MS Windows, they sell these devices that plug
between the hard drive and the host adapter, and block all write
commands, making the drive effectively read-only.
I think I would want to use one of these anyway. Got a link or a
If USB drives are all you need to examine, you can do it for free with a
single registry entry.
http://motersho.com/blog/index.php/2010/02/15/howto-set-usb-drive-to-read-only-windows-xpvista7/
On Wed, Jun 15, 2011 at 1:25 PM, Angus Scott-Fleming angu...@geoapps.comwrote:
On 9 Jun 2011 at
Have a VM (ESX3.5) that has begun to BSOD with a PAGE_FAULT_IN_NONPAGED_AREA
that I'm trying to figure out. Every crash has been win32k.sys referencing
memory that doesn't appear to be allocated to a process.
3 out of 4 crashes has been the same address, bda40b20 though the calling
process had
Pool tagging won't help (it's actually enabled by default in 2003+), but, you'd
probably want to have special pool enabled. You can enable it on a per driver
basis, I'd do all 3rd party drivers. There is certainly a perf hit involved to
some extent. If you're not going to do this, your chances
This is true - there is a registry setting that will prevent USB writes from
within Windows, but that CAN be unreliable. Also, it is an all or nothing
setting for USB devices - not ideal. Besides,the OS isn't the only thing
capable of writing to a drive
I've learned a lot in the past week
Just an FYI, the latest Acrobat Standard 9.4.5 update broke the ability to
select multiple pages for Insert/Delete/Extract.
Affected all our users :( We rely on that ability heavily.
FYI if you use these products.
-Sam
~ Finally, powerful endpoint security that ISN'T a resource hog!
Thanks, passed on to the powers that be...
David
On Wed, Jun 15, 2011 at 2:35 PM, Sam Cayze sca...@gmail.com wrote:
Just an FYI, the latest Acrobat Standard 9.4.5 update broke the ability to
select multiple pages for Insert/Delete/Extract.
Affected all our users :( We rely on that ability
I'm planning on being there. Those meetings are usually pretty good.
...Tim
From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, June 15, 2011 7:12 AM
To: NT System Admin Issues
Subject: Pacific NW folks: Office 365 presentation at WNUG meeting in July
Any Seattle-area folks going to
Thanks Brian, that's what I meant to say :-)
I'd done this once before to troubleshoot a misbehaving driver, but forgot
the correct term. Spent some time this afternoon re-reading Mark
Russinovich's blog to refresh my memory on how Windows manages and realized
that was probably the only way to
50 matches
Mail list logo
