oh, why are you including a telnet client? You can enable the MS telnet client natively in the build.
On Fri, Dec 9, 2011 at 8:49 AM, Steven Peck <[email protected]> wrote: > We put Microsoft Netmon and PowerShell v2 on those that don't have v2 > natively and have a GPO to enable remoting. Netmon updates with > SCCM/Windows Update and the remoting provides access. We actively hunt > down people who put PDF readers on servers and yell at them as it's just > one more darn thing that simply doesn't need to be there. > > Steven Peck > http://www.blkmtn.org > > > > On Fri, Dec 9, 2011 at 8:35 AM, David Lum <[email protected]> wrote: > >> Any app that gets updated regularly for security updates (a PDF reader, >> etc) I wouldn’t have on my template – have a GPO or something push them >> once the server is built and online. The less places you have to keep >> something up to date the better.**** >> >> ** ** >> >> Dave**** >> >> ** ** >> >> *From:* John Cook [mailto:[email protected]] >> *Sent:* Friday, December 09, 2011 7:49 AM >> >> *To:* NT System Admin Issues >> *Subject:* RE: things to include in a vm server template?**** >> >> ** ** >> >> I don’t install anything that isn’t absolutely necessary so I don’t have >> any PDF reader or other third party apps in my template (I don’t put a PDF >> reader on any server for that matter but that’s a personal preference just >> like not browsing the web with a server). I also don’t disable IPV6, it >> breaks a lot of things and it can easily be turned off after the fact if >> there is an issue with it. I go very basic, all Windows updates and AV and >> I convert it to a VM occasionally to run updates and return it to template >> state.**** >> >> ** ** >> >> *John W. Cook***** >> >> *System Administrator***** >> >> *Partnership For Strong Families* >> >> *5950 NW 1st Place* >> >> *Gainesville, Fl 32607* >> >> *Office (352) 244-1610***** >> >> *Cell (352) 215-6944***** >> >> *MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4***** >> >> ** ** >> >> *From:* Jonathan [mailto:[email protected]] >> *Sent:* Friday, December 09, 2011 10:43 AM >> *To:* NT System Admin Issues >> *Subject:* Re: things to include in a vm server template?**** >> >> ** ** >> >> Like I said, I was torn about Adobe Reader, but you're saying PrimoPDF is >> an issue as well? Why? What vulnerability/ies does PrimoPDF expose to your >> environment?**** >> >> ** ** >> >> Jonathan**** >> >> On Thu, Dec 8, 2011 at 6:35 PM, Sam Cayze <[email protected]> wrote:**** >> >> My list:**** >> >> Common scripts folder I use a lot**** >> >> A LogOff icon in the QuickLaunch. **** >> >> Bginfo (Altough I have a GPO doing this now).**** >> >> A DR Tools Folder. (Random tools I have found myself using when doing >> test DR Restores. Great if you restored but are stuck in safe mode or >> something)**** >> >> **** >> >> Everything else is run off a network share so I only have to update one >> location**** >> >> **** >> >> **** >> >> Oh, and seriously get those PDF tools OFF your servers.**** >> >> **** >> >> Sam**** >> >> **** >> >> **** >> >> *From:* Jonathan [mailto:[email protected]] >> *Sent:* Thursday, December 08, 2011 4:45 PM**** >> >> >> *To:* NT System Admin Issues**** >> >> *Subject:* things to include in a vm server template?**** >> >> **** >> >> Hi everyone!**** >> >> **** >> >> It has been a while....I've been quite busy and haven't had much time to >> do anything here other than occasionally lurk....**** >> >> **** >> >> I'm in the midst of building some Server 2008 R2 and Windows 7 templates >> for my new vSphere 5 environment. I'm close to being done, but am thinking >> about tools i should include over and above the stock OS install. I'm >> interested to hear what you guys install when you build servers...**** >> >> **** >> >> For instance, perhaps things like:**** >> >> **** >> >> primopdf**** >> >> msinfo**** >> >> a telnet client, such as putty**** >> >> adobe reader (I'm torn on this one because of how many security concerns >> there are with Adobe Reader, historically, but it sure would be handy to be >> able to view a PDF on the fly)**** >> >> Portscanner, such as SuperScan or AngryIP**** >> >> **** >> >> I'm curious to hear about your add-ons and tweaks. I've already got the >> builds pretty well tweaked for performance, but if you have any specific >> tweaks that have been helpful, I'd love to hear those too. I used this as a >> sort of base guide:**** >> >> **** >> >> >> http://www.jasonsamuel.com/2010/05/07/how-to-build-a-vmware-vsphere-vm-template-for-windows-server-2008-r2/ >> **** >> >> **** >> >> I made a few of my own modifications, but didn't stray too far from this >> one. A lot of the tweaks and settings already in this made sense to me.** >> ** >> >> **** >> >> Thanks,**** >> >> -- >> Jonathan, A+, MCSA, MCSE**** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin**** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin**** >> >> >> >> **** >> >> ** ** >> >> -- >> Jonathan, A+, MCSA, MCSE**** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin**** >> >> ** ** >> ------------------------------ >> >> CONFIDENTIALITY STATEMENT: The information transmitted, or contained or >> attached to or with this Notice is intended only for the person or entity >> to which it is addressed and may contain Protected Health Information >> (PHI), confidential and/or privileged material. Any review, transmission, >> dissemination, or other use of, and taking any action in reliance upon this >> information by persons or entities other than the intended recipient >> without the express written consent of the sender are prohibited. This >> information may be protected by the Health Insurance Portability and >> Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. >> Improper or unauthorized use or disclosure of this information could result >> in civil and/or criminal penalties. >> Consider the environment. Please don't print this e-mail unless you >> really need to. >> >> **** >> >> This email and any attached files are confidential and intended solely >> for the intended recipient(s). If you are not the named recipient you >> should not read, distribute, copy or alter this email. Any views or >> opinions expressed in this email are those of the author and do not >> represent those of the company. Warning: Although precautions have been >> taken to make sure no viruses are present in this email, the company cannot >> accept responsibility for any loss or damage that arise from the use of >> this email or attachments.**** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin**** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
