+1. Getting a port mirrored in an enterprise network is often a non-trivial exercise. Also consider if you've got servers in Elbonia - what are you going to mirror the port to?
I've been slowly migrating my WireShark preference to NetMon. The upshot there is you can actually get the trace without the tools installed locally on uplevel machines. Thanks, Brian Desmond [email protected] w - 312.625.1438 | c - 312.731.3132 From: Michael B. Smith [mailto:[email protected]] Sent: Sunday, December 11, 2011 8:10 PM To: NT System Admin Issues Subject: RE: things to include in a vm server template? I may have control of the servers. I don't necessarily have control of the network. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Crawford, Scott [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Sunday, December 11, 2011 8:53 PM To: NT System Admin Issues Subject: RE: things to include in a vm server template? I'm curious why you want wireshark on every server? It seems to just increase attack service unnecessarily. Any time I need to see the network traffic, I'd rather mirror the port on the switch or put a sniffer in-line. Not to say I'd *never* want it on the server; it just seems a bit extreme. Unless, of course, I'm unaware of something. Agree with everything else though. Especially the part about being unlikely to be smart than the computer, as well as the related idea on the blog not to just take random suggestions on the internet to move your system into a state of less commonality. From: Brian Desmond [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Saturday, December 10, 2011 4:53 PM To: NT System Admin Issues Subject: RE: things to include in a vm server template? Of all that, the only thing I would add is telnet and that's the one that's bundled with Windows. I do always install Netmon or Wireshark, however. I don't see why you would need any of those other things on a server and I certainly wouldn't load them. >From your guide: * Hust unchecking Ipv6 does little. If you really want to turn it off, you need to set DisabledComponents to 0xFFFFFFFF. * Twiddling with the Taskbar/Start menu preferences to your personal liking doesn't belong in an image. Additionally the settings are profile specific and you're going to get a new profile when you login. * Ditto playing with the notification area/system tray * IE ESC should be left ON for everyone. There's no reason to be surfing the web on a server * Playing with the IE homepage is again profile specific * Disabling indexing may break some applications that depend on it * No need to twiddle with the page file and put it on a separate drive that I can think of. Let the system manage it - you're unlikely to be smarter than the computer here. * SNMP - why not do this with Group Policy? Thanks, Brian Desmond [email protected]<mailto:[email protected]> w - 312.625.1438 | c - 312.731.3132 From: Jonathan [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Thursday, December 08, 2011 4:45 PM To: NT System Admin Issues Subject: things to include in a vm server template? Hi everyone! It has been a while....I've been quite busy and haven't had much time to do anything here other than occasionally lurk.... I'm in the midst of building some Server 2008 R2 and Windows 7 templates for my new vSphere 5 environment. I'm close to being done, but am thinking about tools i should include over and above the stock OS install. I'm interested to hear what you guys install when you build servers... For instance, perhaps things like: primopdf msinfo a telnet client, such as putty adobe reader (I'm torn on this one because of how many security concerns there are with Adobe Reader, historically, but it sure would be handy to be able to view a PDF on the fly) Portscanner, such as SuperScan or AngryIP I'm curious to hear about your add-ons and tweaks. I've already got the builds pretty well tweaked for performance, but if you have any specific tweaks that have been helpful, I'd love to hear those too. I used this as a sort of base guide: http://www.jasonsamuel.com/2010/05/07/how-to-build-a-vmware-vsphere-vm-template-for-windows-server-2008-r2/ I made a few of my own modifications, but didn't stray too far from this one. A lot of the tweaks and settings already in this made sense to me. Thanks, -- Jonathan, A+, MCSA, MCSE ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
