Re: [NTSysADM] Welcome a brand new CTP to the family

[Erik Goldoff]

Kudos!

On Thu, Feb 1, 2018 at 9:07 AM, Webster  wrote:

> Our very own James Rankin is a brand-new CTP. Welcome to the family James.
>
>
>
> https://www.citrix.com/blogs/2018/02/01/welcome-ctp-class-of-2018/
>
> https://www.citrix.com/community/ctp/awardees.html
>
>
>
> Thanks
>
>
>
>
>
> Carl Webster
>
> Citrix Technology Professional Fellow | iGel Tech Community Insider |
> Parallels VIPP
>
> http://www.CarlWebster.com
> 
>
> The Accidental Citrix Admin
>
>
>

Re: [NTSysADM] Sys Log Servers

[Erik Goldoff]

you could throw a free (kiwi?) syslog at each site to benchmark log data
size, and that could help you determine if it's ok to cross the WAN or not.

On Thu, Dec 21, 2017 at 9:03 AM, CSSU NetAdmin 
wrote:

> I am looking for suggestions for sys log servers. Are any able to work
> across a WAN or do we need one for each of our LAN's?
>
> Thank you for any ideas.
>

Re: [NTSysADM] VDI options

[Erik Goldoff]

in the last few years, I've seen an almost equal mix of VMware Horizon and
Citrix (Xen ?) and have not run across Jentu at all.  My customers range
from local government to major private enterprise, from 5,000 desktops to
over 150,000 desktops.  Doesn't answer your request for info directly, but
might tangentially help.
Erik

On Thu, Dec 14, 2017 at 11:21 AM, Heaton, Joseph@Wildlife <
joseph.hea...@wildlife.ca.gov> wrote:

> I know there are tons of options for VDI out there today.  I’m asking what
> you guys are using, and why.
>
>
>
> We are a VMWare shop, running ESXi 5.5, but don’t own licensing for
> Horizon.  That is currently the front-runner for the VDI project.
>
>
>
> I have looked at Jentu, very briefly, and while it sounds awesome, there’s
> not a whole lot of info on how it does what it claims to do.
>
>
>
> I think Citrix would be a non-starter, due to licensing, but I haven’t
> looked at Citrix in over 10 years, so if something has changed, I’d love to
> be enlightened.
>
>
>
> Thanks for any and all input,
>
>
>
> Joe Heaton
>
> Information Technology Operations Branch
>
> Data and Technology Division
>
> CA Department of Fish and Wildlife
>
> 1700 9th Street, 3rd Floor
>
> Sacramento, CA  95811
>
> Desk:  916-323-1284 <(916)%20323-1284>
>
>
>

Re: [NTSysADM] SQL Server 2012 R2 ISO download

[Erik Goldoff]

Tech Net was pretty much phased out as it used to be, about 5 years or more
ago.  Software ISOs now should be available via MSDN.  But those as were
Technet's only for non-production use.  You should contact Microsoft if you
simply need the install 'media' for an existing license.

On Tue, Dec 12, 2017 at 3:42 PM, Michael Leone  wrote:

> I apologize for the stupid question. I'm looking to download an ISO of
> SQL Server 2012 R2 (STD and ENT), preferably with SP3 pre-installed.
> The ISOs I currently have already have a license key (it's pre-filled
> in, when I execute the installer).
>
> I've never downloaded a SQL ISO like that, my old boss used to do it.
> Where does one download something like that? I've signed into Tech
> Net, but all I see are evaluation versions. Do I need to download one
> of these, and then just apply my license, and - later - the SP I want?
>
> Thanks
>
>
>

Re: [NTSysADM] DBA question

[Erik Goldoff]

this sounds more like
a)  I don't want to
  or
b)  I don't want to pay for this
   instead of
c) it cannot be done

Best Practice for Security and Auditing should be a topic for discussion,
especially considering your statement of dealing with 'highly sensitive
data".  Also should be raised through the chain of command, for support or
risk acceptance by high level management, IMNSHO

Erik

On Tue, Dec 5, 2017 at 12:10 PM, Tom Miller  wrote:

> Hi All,
>
> I have a question regarding Oracle DBA database level access.
>
> The DBA lead where I work states that it is nonsensical for individual
> DBAs to use a name DBA-admin account for them.  This is a potential issue:
> we are dealing with highly sensitive data and even within the DBA staff
> group, we want to restrict access, if possible.  We use logging, but
> triggering an access to particular tables would not be too helpful, as it
> would only tell us that the DBA account access them.
>
> Anyone have any thoughts or suggestions?
>
> Thanks,
> Tom
>

Re: [NTSysADM] OS in the CPU

[Erik Goldoff]

I'm up in Gwinnett (Duluth), what part of town are you in ?

On Mon, Nov 27, 2017 at 1:20 PM, Melvin Backus <melvin.bac...@byers.com>
wrote:

> The offer’s good to you as well, or anyone else on the list for that
> matter. If you’re in or passing through, any excuse for a brew is a good
> excuse. J  (As if there’s ever really a need for one)
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> ¯\_(ツ)_/¯
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Erik Goldoff
> *Sent:* Monday, November 27, 2017 12:28 PM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* Re: [NTSysADM] OS in the CPU
>
>
>
> cool, another in the ATL :D
>
>
>
> On Mon, Nov 27, 2017 at 11:34 AM, Melvin Backus <melvin.bac...@byers.com>
> wrote:
>
> My condolences on your current position. I highly recommend you find other
> employment, unless of course you enjoy that level of abuse, in which case,
> you’ve obviously found exactly the right place.  I realized there are
> places that operate in the mode you’ve described. I’m also aware there are
> many more that do not. Usually the ones that do tend to have an extremely
> high turnover rate because of it.  Of course that’s all just my experience,
> your mileage may vary.
>
>
>
> Feel free stop by if you’re in the Atlanta area and we can have a brew and
> discuss the matter to no end if you like. J
>
>
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> ¯\_(ツ)_/¯
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *john.matte...@gmail.com
> *Sent:* Monday, November 27, 2017 11:18 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> And ten minutes after you’ve given your notice, you’re marched out of the
> building by two security goons, or the local constabulary with the comment
> from management, “We’ll pack your things and ship them to you.”
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *Kennedy,
> Jim
> *Sent:* Monday, November 27, 2017 8:56 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> It matters to management when you give your 2 week notice, which is
> exactly what I would do if they treated me as you described. Any of us that
> are half way decent can find a new better higher paying gig just by picking
> up the phone on the drive home.
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *
> john.matte...@gmail.com
> *Sent:* Saturday, November 25, 2017 5:23 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> Since when does that matter to management? We’re all barely evolved pond
> scum as far as management goes when things are going right. When the
> environment blows up due to a zero day, or an undiscovered vulnerability
> and management is looking for retribution, IT people are the first to feel
> the axe on their necks.
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *Melvin
> Backus
> *Sent:* Tuesday, November 21, 2017 1:01 PM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> And if the current stats are even close to accurate there are something
> like 20 unfilled cybersecurity jobs at the moment with only about 2
> qualified people to fill them, and the unfilled numbers are growing faster
> than the qualified people.  That would lead me to think that the ‘career
> ending event’ would actually be a gateway to a new job where they probably
> understand that you can’t possibly catch everything, particularly
> heretofore unknown things.
>
>
>
> How’s that saying go?  You can’t know what you don’t know.
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> ¯\_(ツ)_/¯
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *Andrew S.
> Baker
> *Sent:* Tuesday, November 21, 2017 11:43 AM
> *To:* ntsysadm <ntsysadm@lists.myitforum.com>
> *Subject:* Re: [NTSysADM] OS in the CPU
>
>
>
> Sur

Re: [NTSysADM] OS in the CPU

[Erik Goldoff]

cool, another in the ATL :D

On Mon, Nov 27, 2017 at 11:34 AM, Melvin Backus 
wrote:

> My condolences on your current position. I highly recommend you find other
> employment, unless of course you enjoy that level of abuse, in which case,
> you’ve obviously found exactly the right place.  I realized there are
> places that operate in the mode you’ve described. I’m also aware there are
> many more that do not. Usually the ones that do tend to have an extremely
> high turnover rate because of it.  Of course that’s all just my
> experience, your mileage may vary.
>
>
>
> Feel free stop by if you’re in the Atlanta area and we can have a brew and
> discuss the matter to no end if you like. J
>
>
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> ¯\_(ツ)_/¯
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *john.matte...@gmail.com
> *Sent:* Monday, November 27, 2017 11:18 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> And ten minutes after you’ve given your notice, you’re marched out of the
> building by two security goons, or the local constabulary with the comment
> from management, “We’ll pack your things and ship them to you.”
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com ] *On Behalf Of *Kennedy,
> Jim
> *Sent:* Monday, November 27, 2017 8:56 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> It matters to management when you give your 2 week notice, which is
> exactly what I would do if they treated me as you described. Any of us that
> are half way decent can find a new better higher paying gig just by picking
> up the phone on the drive home.
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com ] *On Behalf Of *
> john.matte...@gmail.com
> *Sent:* Saturday, November 25, 2017 5:23 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> Since when does that matter to management? We’re all barely evolved pond
> scum as far as management goes when things are going right. When the
> environment blows up due to a zero day, or an undiscovered vulnerability
> and management is looking for retribution, IT people are the first to feel
> the axe on their necks.
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com ] *On Behalf Of *Melvin
> Backus
> *Sent:* Tuesday, November 21, 2017 1:01 PM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] OS in the CPU
>
>
>
> And if the current stats are even close to accurate there are something
> like 20 unfilled cybersecurity jobs at the moment with only about 2
> qualified people to fill them, and the unfilled numbers are growing faster
> than the qualified people.  That would lead me to think that the ‘career
> ending event’ would actually be a gateway to a new job where they probably
> understand that you can’t possibly catch everything, particularly
> heretofore unknown things.
>
>
>
> How’s that saying go?  You can’t know what you don’t know.
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> ¯\_(ツ)_/¯
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com ] *On Behalf Of *Andrew S.
> Baker
> *Sent:* Tuesday, November 21, 2017 11:43 AM
> *To:* ntsysadm 
> *Subject:* Re: [NTSysADM] OS in the CPU
>
>
>
> Sure, but there are lots of ways to lose jobs -- many of which have
> nothing to do with your own personal actions.
>
>
>
> InfoSec currently lends itself more to employment than unemployment.
>
>
> Regards,
>
>  *ASB*
>
>
>
>
>
> On Mon, Nov 20, 2017 at 12:05 PM, Jonathan Link 
> wrote:
>
> More like job insecurity. Missing an exploit might be a career ending
> event, even if it is heretofore an unknown exploit.
>
>
>
> On Mon, Nov 20, 2017 at 11:54 AM Melvin Backus 
> wrote:
>
> Some call them opportunities, we in IT call them job security. J
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> ¯\_(ツ)_/¯
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Kurt Buff
> *Sent:* Monday, November 20, 2017 11:34 AM
> *To:* ntsysadm 
> *Subject:* Re: [NTSysADM] OS in the CPU
>
>
>
> There are always more problems:
>
> https://www.thezdi.com/blog/2017/10/04/vmware-escapology-
> how-to-houdini-the-hypervisor
>
> https://www.youtube.com/watch?v=uRemWLNBSZg
>
>
>
> On Mon, Nov 20, 2017 at 8:05 AM, Andrew S. Baker 

Re: [NTSysADM] WOW!!! I had no idea I was going to be honored

[Erik Goldoff]

nice to be recognized, congrats!

Erik

On Tue, Oct 24, 2017 at 12:17 PM, Webster  wrote:

> https://www.citrix.com/blogs/2017/10/24/announcing-ctp-fellow-award-a-new-
> classification/
>
>
>
> Deeply, deeply humbled and honored
>
>
>
> Thanks
>
>
>
>
>
> Carl Webster
>
> Citrix Technology Professional | iGel Tech Community Insider | Parallels
> VIPP
>
> http://www.CarlWebster.com
> 
>
> The Accidental Citrix Admin
>
>
>
>
>

Re: [NTSysADM] This pleases me...

[Erik Goldoff]

thanks... and no, I did not pass exam.
and yes, INDEX was stressed for GCIH.
I've got a spreadsheet with index about 90% complete already based on the
books from my class.

On Wed, Oct 11, 2017 at 8:05 PM, Richard Stovall <rich...@gmail.com> wrote:

> I think, and I could be wrong, but I think that if you pass a GIAC exam
> and stay current, you are entitled to updated books.  In your case with
> GCIH, you'd have to pay for the cert attempt and use the books you've got.
> I don't have the GCIH yet, but for GIAC the index is everything.
> EVERYTHING.  (Did I mention that the index is everything?)
>
>
>
> On Sat, Oct 7, 2017 at 11:48 AM, Erik Goldoff <egold...@gmail.com> wrote:
>
>> yeah, I took SANS SEC504 a couple years ago, prep for GCIH, but never got
>> around to testing.  Wonder if my materials are still valid for the exam.
>>
>> maybe I should start with this one you did, and leverage back to GCIH?
>> FWIW, the SEC504 class was fun, if not a bit brain melting at times (I'm
>> weaker on the Linux side) and our team won the challenge coin on the
>> capture the flag even the last day.
>> I don't think any single one of us could have completed the entire
>> challenge, took the combined knowledge and skills of all four of us.
>>
>> Thanks, and congrats
>>
>>
>> On Sat, Oct 7, 2017 at 10:58 AM, Kurt Buff <kurt.b...@gmail.com> wrote:
>>
>>> That should be GCIH, not GHIH.
>>>
>>> Kurt
>>>
>>> On Sat, Oct 7, 2017 at 7:55 AM, Kurt Buff <kurt.b...@gmail.com> wrote:
>>> > I took a SANS course (SEC401), but frankly could have taught most of
>>> > the course myself.
>>> >
>>> > I've been doing this a very long time, and have read everything
>>> > security-related I could get my hands on for years.
>>> >
>>> > The course and testing did highlight a few areas where I my knowledge
>>> is weak.
>>> >
>>> > I expect that the next cert I go for will be significantly harder for
>>> > me, as whatever it might be (no sure which - GCED/GCWIN/GHIH) will
>>> > require much more in-depth knowledge in a specific domain.
>>> >
>>> > Kurt
>>> >
>>> > On Sat, Oct 7, 2017 at 6:10 AM, Erik Goldoff <egold...@gmail.com>
>>> wrote:
>>> >> Nice :D
>>> >> What was your preparation for the exam?  In person classroom, web
>>> based,
>>> >> book based, etc. ?
>>> >>
>>> >> Erik
>>> >>
>>> >> On Fri, Oct 6, 2017 at 9:24 PM, Kurt Buff <kurt.b...@gmail.com>
>>> wrote:
>>> >>>
>>> >>> It's a good start
>>> >>> https://www.giac.org/certified-professional/kurt-buff/162966
>>> >>>
>>> >>> Passed with 85%, in 1h 12m.
>>> >>>
>>> >>>
>>> >>
>>>
>>>
>>>
>>
>

Re: [NTSysADM] This pleases me...

[Erik Goldoff]

yeah, I took SANS SEC504 a couple years ago, prep for GCIH, but never got
around to testing.  Wonder if my materials are still valid for the exam.

maybe I should start with this one you did, and leverage back to GCIH?
FWIW, the SEC504 class was fun, if not a bit brain melting at times (I'm
weaker on the Linux side) and our team won the challenge coin on the
capture the flag even the last day.
I don't think any single one of us could have completed the entire
challenge, took the combined knowledge and skills of all four of us.

Thanks, and congrats


On Sat, Oct 7, 2017 at 10:58 AM, Kurt Buff <kurt.b...@gmail.com> wrote:

> That should be GCIH, not GHIH.
>
> Kurt
>
> On Sat, Oct 7, 2017 at 7:55 AM, Kurt Buff <kurt.b...@gmail.com> wrote:
> > I took a SANS course (SEC401), but frankly could have taught most of
> > the course myself.
> >
> > I've been doing this a very long time, and have read everything
> > security-related I could get my hands on for years.
> >
> > The course and testing did highlight a few areas where I my knowledge is
> weak.
> >
> > I expect that the next cert I go for will be significantly harder for
> > me, as whatever it might be (no sure which - GCED/GCWIN/GHIH) will
> > require much more in-depth knowledge in a specific domain.
> >
> > Kurt
> >
> > On Sat, Oct 7, 2017 at 6:10 AM, Erik Goldoff <egold...@gmail.com> wrote:
> >> Nice :D
> >> What was your preparation for the exam?  In person classroom, web based,
> >> book based, etc. ?
> >>
> >> Erik
> >>
> >> On Fri, Oct 6, 2017 at 9:24 PM, Kurt Buff <kurt.b...@gmail.com> wrote:
> >>>
> >>> It's a good start
> >>> https://www.giac.org/certified-professional/kurt-buff/162966
> >>>
> >>> Passed with 85%, in 1h 12m.
> >>>
> >>>
> >>
>
>
>

Re: [NTSysADM] This pleases me...

[Erik Goldoff]

Nice :D
What was your preparation for the exam?  In person classroom, web based,
book based, etc. ?

Erik

On Fri, Oct 6, 2017 at 9:24 PM, Kurt Buff  wrote:

> It's a good start
> https://www.giac.org/certified-professional/kurt-buff/162966
>
> Passed with 85%, in 1h 12m.
>
>
>

Re: [NTSysADM] Is there a reason not to have file shares in a drives root folder

[Erik Goldoff]

may also be related to carry over experience from FAT drives, had a
limitation in number of files in the root (and directories/folders count as
files) so too many files in the root would limit the use of the entire
drive capacity.


On Thu, Sep 14, 2017 at 4:03 AM, Graeme Carstairs 
wrote:

> Thanks guys makes sense
>
> Cheers
>
> Graeme
>
> On Wed, 13 Sep 2017 at 00:23, Kurt Buff  wrote:
>
>> +1
>> - create a directory at the root, and share that, not the root.
>> - Remove the NTFS permissions for Users from the root, and assign it to
>> the directory, with Read-Only (this folder only)
>>
>> It solves a lot of problems.
>>
>> Kurt
>>
>>
>>
>> On Tue, Sep 12, 2017 at 3:10 AM, Melvin Backus 
>> wrote:
>>
>>> Not putting them in the root avoids the need to modify the base NTFS
>>> permissions on every new share you create.  While defaults used to
>>> allow r/w access for everyone, now the default is r/o for everyone. By
>>> pushing down a level you can change it once and all new shares can inherit
>>> the new setting.  I create a Shares folder for that purpose. No clue
>>> why going down 2 levels though. I get the path length part, but our users
>>> wind up exceeding that so often I’ve just come to accept it.  Move a
>>> 200 character path down the tree 8 levels to another 200 character path and
>>> what do you get?  A mess. J
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> --
>>> There are 10 kinds of people in the world...
>>>  those who understand binary and those who don't.
>>>
>>>
>>>
>>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
>>> myitforum.com] *On Behalf Of *Graeme Carstairs
>>> *Sent:* Tuesday, September 12, 2017 5:10 AM
>>> *To:* ntsysadm@lists.myitforum.com
>>> *Subject:* [NTSysADM] Is there a reason not to have file shares in a
>>> drives root folder
>>>
>>>
>>>
>>> Recently came across some filservers that were setup as
>>>
>>>
>>>
>>> F:\1\2\fileshares
>>>
>>>
>>>
>>> When asked why they relied that they had an ms consultant who
>>> recommended this as file share share should not be in the root folder and
>>> that 3rd level folder was the reccomended place for them
>>>
>>>
>>>
>>> They can't remember his reasoning
>>>
>>>
>>>
>>> But the 1 and 2 was to keep the path small so not to run into path
>>> length issues
>>>
>>>
>>>
>>> Does anyone know why this would be recommended ?
>>>
>>>
>>>
>>> Tia
>>>
>>> Graeme
>>>
>>> --
>>>
>>> Graeme Carstairs
>>>
>>>
>>>
>>> e-mail :- loonyto...@gmail.com
>>>
>>
>> --
> Graeme Carstairs
>
> e-mail :- loonyto...@gmail.com
>

Re: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

[Erik Goldoff]

Disclaimer, I'm biased because I work for Symantec now (NOT in sales), and
know many of you love to hate  but

I was not a fan of early Symantec AV, and would not have come to work for
them in the SAV days.
I'd give SEP 14 another look, many advanced features, including some
exploit protection.

Couldn't hurt to download a trialware and test for yourself, and if you
still don't like it, you'll have fact based decisions and not opinions and
emotions

On Fri, Sep 15, 2017 at 10:34 AM, Michael Leone  wrote:

> On Thu, Sep 14, 2017 at 2:33 PM, Kurt Buff  wrote:
> > On Thu, Sep 14, 2017 at 9:31 AM, Michael Leone 
> wrote:
> >>
> >> We use Kaspersky for our AV needs, and to be honest, it's worked out
> >> well for us. It's certainly caught things that McAfee, our previous AV
> >> solution, didn't. However, they have this slight problem with being a
> >> covert arm of the Russian government, apparently ..
> >
> > Citation needed. I have not seen anything that supports the idea that
> > Kaspersky is an arm of the Russian government.
>
> Tell that to the US government .. LOL
>
> >> So we need to drop them, as the federal agencies are doing.
> >
> > Is this a requirement by law/regulation for your departement? If not,
> > don't drop them, at least not for the reason stated above.
>
> My boss says it's not meeting our needs, and it will be replaced, so
> the requirement is for me to obey orders and keep my job. LOL
>
> Listen, I'm happy with Kaspersky, and I would recommend keeping it.
> But I have an idea that this is a mandate from farther high up.
> Especially seeing as to how we are a state agency, I guess my CIO
> doesn't want to spend time explaining to our board of commissioners
> why the feds are wrong, and we're keeping Kaspersky when they aren't
> ...
>
> > We have Eset, and I'd drop them in a heartbeat, if I could. Not
> > because it's a bad product of its kind - far from it. It's been fairly
> > good.
> >
> > Instead, I'd go with Applocker, and removing admin privileges - we
> > already do patching fairly well.
>
> The order was for AV, since we need to do local workstations and
> remote devices. So we will.
>
> Also, no one here (including me) knows Applocker, and there's not a
> lot of support here, besides me, for anything OS or AD related ..
>
>
>

Re: [NTSysADM] Disabling a web site in IIS

[Erik Goldoff]

you could always change the default page to a 404 Not Found error in a
different folder.

On Mon, Sep 11, 2017 at 2:38 PM, Michael Leone  wrote:

> I know very little about IIS. I have a Win2008 R2 server, and IIS
> Manager shows 3 sites under the web server. I want to disable 2 of
> them (one is the default web site), leaving only the 3rd running and
> accessible.
>
> I stopped them, and set them to not automatically start. What I'd like
> to do is ensure that they are disabled, and can't start. I keep
> finding search results that indicate making changes to the Directory
> Security, which will do that. And I don't see any icon that says
> Directory Security, nor on any right click of a site, etc.
>
> What am I misunderstanding here? How can I disable these 2 sites, so I
> can be sure they don't start? (I don't know if they will be needed
> again, hence why I don't want to delete them)
>
>
>

Re: [EXTERNAL]Re: [NTSysADM] RE: Test

[Erik Goldoff]

sorry, I guess a bit of an inside joke for those that have been on the
lists for more than a decade, my reply was tongue in cheek to
Micheal's "Awww...
I meant the "funny" one from a long time ago on a distribution list far,
far away. "


On Tue, May 30, 2017 at 9:03 PM, Katherine M. Moss <
km...@winterhillsolutions.com> wrote:

> You mean where I saw the signature? It’s Wwindows 10, and right now I’m
> using Windows 10 mail because Outlook won’t behave itself.
>
> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for
> Windows 10
>
>
>
> *From: *Erik Goldoff <egold...@gmail.com>
> *Sent: *Tuesday, May 30, 2017 20:51
> *To: *ntsysadm@lists.myitforum.com
> *Subject: *Re: [EXTERNAL]Re: [NTSysADM] RE: Test
>
>
> What OS, what service pack ?  ;)
>
> On Tue, May 30, 2017 at 7:24 PM, Micheal Espinola Jr <
> michealespin...@gmail.com> wrote:
>
>> Awww... I meant the "funny" one from a long time ago on a
>> distribution list far, far away.
>>
>> --
>> Espi
>>
>>
>> On Tue, May 30, 2017 at 3:15 PM, Michael B. Smith <mich...@smithcons.com>
>> wrote:
>>
>>> http://myitforum.com/myitforumwp/newsletter/email-lists-2/
>>>
>>>
>>>
>>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf
>>> orum.com] *On Behalf Of *Micheal Espinola Jr
>>> *Sent:* Tuesday, May 30, 2017 5:56 PM
>>> *To:* ntsysadm@lists.myitforum.com
>>> *Subject:* Re: [EXTERNAL]Re: [NTSysADM] RE: Test
>>>
>>>
>>>
>>> Someone be sure to supply the proper unsubscribe method.  I can't find
>>> my copy. :-(
>>>
>>>
>>> --
>>> Espi
>>>
>>>
>>>
>>>
>>>
>>> On Tue, May 30, 2017 at 7:01 AM, David McSpadden <dav...@imcu.com>
>>> wrote:
>>>
>>> Oh thank God.
>>>
>>>
>>>
>>>
>>>
>>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf
>>> orum.com] *On Behalf Of *Erik Goldoff
>>> *Sent:* Tuesday, May 30, 2017 9:27 AM
>>> *To:* ntsysadm@lists.myitforum.com
>>> *Subject:* [EXTERNAL]Re: [NTSysADM] RE: Test
>>>
>>>
>>>
>>> Yes, only a test.  In the event of an actual email event, you will be
>>> notified where to tune for additional details
>>>
>>>
>>>
>>> On Tue, May 30, 2017 at 8:48 AM, David McSpadden <dav...@imcu.com>
>>> wrote:
>>>
>>> Only a test?
>>>
>>>
>>>
>>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf
>>> orum.com] *On Behalf Of *Katherine M. Moss
>>> *Sent:* Tuesday, May 30, 2017 8:41 AM
>>> *To:* ntsysadm@lists.myitforum.com
>>> *Subject:* [NTSysADM] Test
>>>
>>>
>>>
>>> Notice:  This email is from an outside source.  Please do not open any
>>> attachments, click on any hyperlinks, or respond without first confirming
>>> the authenticity of the email.
>>>
>>> This is a test.
>>>
>>> This e-mail and any files transmitted with it are property of Indiana
>>> Members Credit Union, are confidential, and are intended solely for the use
>>> of the individual or entity to whom this e-mail is addressed. If you are
>>> not one of the named recipient(s) or otherwise have reason to believe that
>>> you have received this message in error, please notify the sender and
>>> delete this message immediately from your computer. Any other use,
>>> retention, dissemination, forwarding, printing, or copying of this email is
>>> strictly prohibited.
>>>
>>>
>>>
>>> Please consider the environment before printing this email.
>>>
>>>
>>>
>>> This e-mail and any files transmitted with it are property of Indiana
>>> Members Credit Union, are confidential, and are intended solely for the use
>>> of the individual or entity to whom this e-mail is addressed. If you are
>>> not one of the named recipient(s) or otherwise have reason to believe that
>>> you have received this message in error, please notify the sender and
>>> delete this message immediately from your computer. Any other use,
>>> retention, dissemination, forwarding, printing, or copying of this email is
>>> strictly prohibited.
>>>
>>>
>>>
>>> Please consider the environment before printing this email.
>>>
>>>
>>>
>>
>>
>

Re: [EXTERNAL]Re: [NTSysADM] RE: Test

[Erik Goldoff]

What OS, what service pack ?  ;)

On Tue, May 30, 2017 at 7:24 PM, Micheal Espinola Jr <
michealespin...@gmail.com> wrote:

> Awww... I meant the "funny" one from a long time ago on a
> distribution list far, far away.
>
> --
> Espi
>
>
> On Tue, May 30, 2017 at 3:15 PM, Michael B. Smith <mich...@smithcons.com>
> wrote:
>
>> http://myitforum.com/myitforumwp/newsletter/email-lists-2/
>>
>>
>>
>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf
>> orum.com] *On Behalf Of *Micheal Espinola Jr
>> *Sent:* Tuesday, May 30, 2017 5:56 PM
>> *To:* ntsysadm@lists.myitforum.com
>> *Subject:* Re: [EXTERNAL]Re: [NTSysADM] RE: Test
>>
>>
>>
>> Someone be sure to supply the proper unsubscribe method.  I can't find my
>> copy. :-(
>>
>>
>> --
>> Espi
>>
>>
>>
>>
>>
>> On Tue, May 30, 2017 at 7:01 AM, David McSpadden <dav...@imcu.com> wrote:
>>
>> Oh thank God.
>>
>>
>>
>>
>>
>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf
>> orum.com] *On Behalf Of *Erik Goldoff
>> *Sent:* Tuesday, May 30, 2017 9:27 AM
>> *To:* ntsysadm@lists.myitforum.com
>> *Subject:* [EXTERNAL]Re: [NTSysADM] RE: Test
>>
>>
>>
>> Yes, only a test.  In the event of an actual email event, you will be
>> notified where to tune for additional details
>>
>>
>>
>> On Tue, May 30, 2017 at 8:48 AM, David McSpadden <dav...@imcu.com> wrote:
>>
>> Only a test?
>>
>>
>>
>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf
>> orum.com] *On Behalf Of *Katherine M. Moss
>> *Sent:* Tuesday, May 30, 2017 8:41 AM
>> *To:* ntsysadm@lists.myitforum.com
>> *Subject:* [NTSysADM] Test
>>
>>
>>
>> Notice:  This email is from an outside source.  Please do not open any
>> attachments, click on any hyperlinks, or respond without first confirming
>> the authenticity of the email.
>>
>> This is a test.
>>
>> This e-mail and any files transmitted with it are property of Indiana
>> Members Credit Union, are confidential, and are intended solely for the use
>> of the individual or entity to whom this e-mail is addressed. If you are
>> not one of the named recipient(s) or otherwise have reason to believe that
>> you have received this message in error, please notify the sender and
>> delete this message immediately from your computer. Any other use,
>> retention, dissemination, forwarding, printing, or copying of this email is
>> strictly prohibited.
>>
>>
>>
>> Please consider the environment before printing this email.
>>
>>
>>
>> This e-mail and any files transmitted with it are property of Indiana
>> Members Credit Union, are confidential, and are intended solely for the use
>> of the individual or entity to whom this e-mail is addressed. If you are
>> not one of the named recipient(s) or otherwise have reason to believe that
>> you have received this message in error, please notify the sender and
>> delete this message immediately from your computer. Any other use,
>> retention, dissemination, forwarding, printing, or copying of this email is
>> strictly prohibited.
>>
>>
>>
>> Please consider the environment before printing this email.
>>
>>
>>
>
>

Re: [NTSysADM] RE: Test

[Erik Goldoff]

Yes, only a test.  In the event of an actual email event, you will be
notified where to tune for additional details

On Tue, May 30, 2017 at 8:48 AM, David McSpadden  wrote:

> Only a test?
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Katherine M. Moss
> *Sent:* Tuesday, May 30, 2017 8:41 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* [NTSysADM] Test
>
>
>
> Notice:  This email is from an outside source.  Please do not open any
> attachments, click on any hyperlinks, or respond without first confirming
> the authenticity of the email.
>
>
>
> This is a test.
>
> This e-mail and any files transmitted with it are property of Indiana
> Members Credit Union, are confidential, and are intended solely for the use
> of the individual or entity to whom this e-mail is addressed. If you are
> not one of the named recipient(s) or otherwise have reason to believe that
> you have received this message in error, please notify the sender and
> delete this message immediately from your computer. Any other use,
> retention, dissemination, forwarding, printing, or copying of this email is
> strictly prohibited.
>
> Please consider the environment before printing this email.
>

Re: [NTSysADM] Running exe from APPDATA..TEMP directory

[Erik Goldoff]

I have a customer that has an F5 client utility that users must be able to
install, and their profile appdata/temp is a location where they have
permissions, unlike the program files folders.  I warned them about malware
using this location as an ingress vector, but they did not want to work out
any more secure solution :(

On Mon, Apr 10, 2017 at 10:25 AM, David McSpadden  wrote:

> Have a vendor that want so run his app from the APPDATA..TEMP directory.
>
> I have a GPO that denied .exe from running there or subfolders of there.
>
> Any reason I should allow this?
>
> I have the exact folder and program name but it’s opening up an exception
> to my rule??
> Any thoughts?
>
>
>
> *David McSpadden*
>
> System Administrator
>
> Indiana Members Credit Union
>
> P: 317.554.8190 <(317)%20554-8190>
>
> [image: Description: Description: imcu email icon]   [image:
> Description: Description: facebook email icon]
>   [image: Description:
> Description: twitter email icon] 
>
>
>
> [image: Description: Description: email logo]
>
> [image: http://www.amuletsolutions.com/images/mcp.gif]
> 
>
>
>
> This e-mail and any files transmitted with it are property of Indiana
> Members Credit Union, are confidential, and are intended solely for the use
> of the individual or entity to whom this e-mail is addressed. If you are
> not one of the named recipient(s) or otherwise have reason to believe that
> you have received this message in error, please notify the sender and
> delete this message immediately from your computer. Any other use,
> retention, dissemination, forwarding, printing, or copying of this email is
> strictly prohibited.
>
> Please consider the environment before printing this email.
>

Re: [NTSysADM] Question about Word

[Erik Goldoff]

simple method, use the text <> in the template throughout the
document, and then perform a Search and Replace ALL for <> with
the actual customer name for each time the template is copied and used.

On Mon, Mar 27, 2017 at 8:19 AM, James Rankin  wrote:

> My Microsoft Office skills are a bit limited and I can’t seem to frame the
> Google query right today…
>
>
>
> I am writing a template document. At the start of this I want to put a
> section for “Customer Name”, the idea being that when a user uses the
> template they can simply put the correct customer name in here, and then it
> is updated in every part of the document where the customer name needs to
> appear.
>
>
>
> What function is it I want to use here? I just can’t seem to frame the
> right query to get Google to tell me the answer, and Alexa is simply
> telling me she doesn’t understand…
>
>
>
> TIA,
>
>
>
>
>
>
>
>
>
> *[image: cid:image001.png@01D21FCA.D5DD9850]*
>
> [image: cid:image002.jpg@01D21FCA.D5DD9850]
>
>
>
>
>
>
>
>
>
>
>
> *James Rankin CTA ACA*
>
> *EUC Solutions Architect*
>
> Howell Technology Group
>
> *Office*: 0191 4813446
>
> *Mobile*: 07809 668579
>
> *Email*: ja...@htguk.com
>
>
>
> www.htguk.com | Twitter  | Linkedin
>  | Facebook
> 
>
>
>
> *COMPANY INFORMATION*
>
> Howell Technology Group Ltd is a limited company registered in England
> with registered number 5520670 and VAT registered number GB 862 666 004.
> Our registered office is at 2.30 One Trinity Green, Eldon Street, South
> Shields, Tyne & Wear, NE33 1SA
>
>
>
> *CONFIDENTIALITY NOTICE*
>
> This message is intended solely for the addressee and may contain
> confidential information. If you have received this message in error,
> please send it back to us, and immediately and permanently delete it. Do
> not use, copy or disclose the information contained in this message or in
> any attachment.
>
>
>
> *PRIVACY POLICY *
>
> For information about how we process data and monitor communications
> please see our Privacy Policy.
>
>
>
> To log a ticket please follow the link. https://htguk.on.spiceworks.
> com/portal
>
>
>

Re: [NTSysADM] %[SYSTEM]% environment variable

[Erik Goldoff]

I do not think %system% is a default Windows environment variable, and the
brackets don't seem to belong to the syntax.  Looks more like something
from an A/V exception for a security product I'm very familiar with, and in
that context, %[system]% is a prefix variable that usually resolves to
c:\windows\system32  (or whatever drive windows is installed to)



On Tue, Mar 21, 2017 at 11:14 AM, Richard Stovall  wrote:

> I have run across this in a path in a config file and I'm wondering
> exactly what it means / points to.
>
> e.g. %[SYSTEM]%\filename
>
> It doesn't seem to work as intended and my Google-fu is weak on this one.
>
> Thanks,
> RS
>

Re: [NTSysADM] Sohpos disables UAC ?

[Erik Goldoff]

absolutely it is, prevents elevated actions without at least user
notification and approval

On Fri, Mar 10, 2017 at 11:41 AM, James M. Pulver 
wrote:

> As far as I know, UAC isn't a security feature.
>
> James Pulver
> CLASSE Computer Group
> Cornell University
>
> On 03/10/2017 11:24 AM, Klaus Hartnegg wrote:
>
>> Has anybody recently seen Sophos Antivirus ("Endpoint Security")
>> disabling User Account control in Windows 7?
>>
>> Many computers here suddenly have UAC off, and my research points to
>> Sophos installer/updater as culprit: UAC stays on when rebooting
>> normally, but reproducably switches to off after a reboot that followed
>> an install, uninstall, or larger update of Sophos. Maybe it only happens
>> if SRP is turned on. I will continue testing on Monday, but maybe others
>> already know more??
>>
>> I had previouosly read complaints that antivirus software sometimes
>> disables certain security features, but UAC!?!
>>
>>
>>
>
>

Re: [EXTERNAL]Re: [NTSysADM] AWS East Outage

[Erik Goldoff]

I was using Chrome when it redirected for me

On Fri, Mar 3, 2017 at 10:30 AM, Kennedy, Jim <kennedy...@elyriaschools.org>
wrote:

> Interesting, it does for me too…in IE.  In Chrome I get nothing.
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Erik Goldoff
> *Sent:* Friday, March 3, 2017 10:29 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* Re: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> Jim, your link redirects to http://goodworks.sprint.
> com/1millionproject/index.cfm when I try.
>
>
>
> On Fri, Mar 3, 2017 at 10:09 AM, Kennedy, Jim <
> kennedy...@elyriaschools.org> wrote:
>
> And FYI, O365 links in emails that are forwarded are being mangled all to
> heck with the safelinks URL:
>
>
>
> https://na01.safelinks.protection.outlook.com/?url=
> http%3A%2F%2Fsetda.us1.list-manage.com%2Ftrack%2Fclick%3Fu%
> 3D1f18c643d052d9f509a7060f4%26id%3D4468f8ea88%26e%
> 3Df6ca991d43=01%7C01%7CKirk.Ross%40education.ohio.gov%
> 7C37f0e0e838cb408d4bab08d46238bbff%7C50f8fcc494d84f0784eb36ed57c7
> c8a2%7C0=b9EZV2pC5iDLa9skdivN6PkET49ceN01wFdK6GoB2L8%3D=0
>
>
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Kennedy, Jim
> *Sent:* Friday, March 3, 2017 10:06 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> What do we call it when URL detonation is detonated?
>
>
>
> https://www.trustedsec.com/blog/office-365-advanced-
> threat-protection-features-shortfalls/
>
>
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *Micheal
> Espinola Jr
> *Sent:* Friday, March 3, 2017 9:52 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* Re: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> Do you mean like this?
>
>
>
> https://blogs.office.com/2017/01/25/evolving-office-365-
> advanced-threat-protection-with-url-detonation-and-dynamic-delivery/
>
>
> --
> Espi
>
>
>
>
>
> On Thu, Mar 2, 2017 at 2:02 PM, Michael B. Smith <mich...@smithcons.com>
> wrote:
>
> I was in an NDA call last week regarding some upcoming changes to a
> particular vendor's anti-malware product, and was introduced to the term
> "link detonation".
>
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Calvin McLennan
> Sent: Thursday, March 2, 2017 4:10 PM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
> I'm much more unnerved by the term 'blast radius'
>
> Cal
>
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Michael B. Smith
> Sent: March 2, 2017 3:36 PM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
> OMG.
>
>
>
> “we have not completely restarted the index subsystem or the placement
> subsystem in our larger regions for many years.”
>
>
>
> That sentence scares me. But perhaps it shouldn’t.
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Kennedy, Jim
> Sent: Thursday, March 2, 2017 3:12 PM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> So the facts are out. Short version, basically someone fat fingered a
> command and deleted a bunch of really important servers.
>
>
>
>
>
> https://aws.amazon.com/message/41926/
>
>
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Melvin Backus
> Sent: Thursday, March 2, 2017 9:47 AM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> That’s probably what caused the problem to being with. All that conversion
> and somebody missed a decimal point.
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of David McSpadden
> Sent: Thursday, March 2, 2017 7:17 AM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> I believe it was an US-Converted-Metric S-ton IMHO.
>
>
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Richard Stovall
> Sent:

Re: [EXTERNAL]Re: [NTSysADM] AWS East Outage

[Erik Goldoff]

Jim, your link redirects to
http://goodworks.sprint.com/1millionproject/index.cfm when I try.

On Fri, Mar 3, 2017 at 10:09 AM, Kennedy, Jim 
wrote:

> And FYI, O365 links in emails that are forwarded are being mangled all to
> heck with the safelinks URL:
>
>
>
> https://na01.safelinks.protection.outlook.com/?url=
> http%3A%2F%2Fsetda.us1.list-manage.com%2Ftrack%2Fclick%3Fu%
> 3D1f18c643d052d9f509a7060f4%26id%3D4468f8ea88%26e%
> 3Df6ca991d43=01%7C01%7CKirk.Ross%40education.ohio.gov%
> 7C37f0e0e838cb408d4bab08d46238bbff%7C50f8fcc494d84f0784eb36ed57c7
> c8a2%7C0=b9EZV2pC5iDLa9skdivN6PkET49ceN01wFdK6GoB2L8%3D=0
>
>
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Kennedy, Jim
> *Sent:* Friday, March 3, 2017 10:06 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> What do we call it when URL detonation is detonated?
>
>
>
> https://www.trustedsec.com/blog/office-365-advanced-
> threat-protection-features-shortfalls/
>
>
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com ] *On Behalf Of *Micheal
> Espinola Jr
> *Sent:* Friday, March 3, 2017 9:52 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* Re: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> Do you mean like this?
>
>
>
> https://blogs.office.com/2017/01/25/evolving-office-365-
> advanced-threat-protection-with-url-detonation-and-dynamic-delivery/
>
>
> --
> Espi
>
>
>
>
>
> On Thu, Mar 2, 2017 at 2:02 PM, Michael B. Smith 
> wrote:
>
> I was in an NDA call last week regarding some upcoming changes to a
> particular vendor's anti-malware product, and was introduced to the term
> "link detonation".
>
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Calvin McLennan
> Sent: Thursday, March 2, 2017 4:10 PM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
> I'm much more unnerved by the term 'blast radius'
>
> Cal
>
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Michael B. Smith
> Sent: March 2, 2017 3:36 PM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
> OMG.
>
>
>
> “we have not completely restarted the index subsystem or the placement
> subsystem in our larger regions for many years.”
>
>
>
> That sentence scares me. But perhaps it shouldn’t.
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Kennedy, Jim
> Sent: Thursday, March 2, 2017 3:12 PM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> So the facts are out. Short version, basically someone fat fingered a
> command and deleted a bunch of really important servers.
>
>
>
>
>
> https://aws.amazon.com/message/41926/
>
>
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Melvin Backus
> Sent: Thursday, March 2, 2017 9:47 AM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> That’s probably what caused the problem to being with. All that conversion
> and somebody missed a decimal point.
>
>
>
> --
> There are 10 kinds of people in the world...
>  those who understand binary and those who don't.
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of David McSpadden
> Sent: Thursday, March 2, 2017 7:17 AM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> I believe it was an US-Converted-Metric S-ton IMHO.
>
>
>
>
>
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Richard Stovall
> Sent: Thursday, March 2, 2017 7:05 AM
> To: ntsysadm@lists.myitforum.com
> Subject: [EXTERNAL]Re: [NTSysADM] AWS East Outage
>
>
>
> Is that a metric S-ton, or the other kind?
>
>
>
> The is a difference.
>
>
>
> On Mar 2, 2017 2:38 AM, "Don Ely"  wrote:
>
> It is pretty trivial if you're setup correctly, but the setup
> takes an S-Ton of work and testing...
>
>
>
> On Wed, Mar 1, 2017 at 3:30 PM Michael B. Smith <
> mich...@smithcons.com> wrote:
>
> I have to say, what surprised me most about this outage
> was the lack of failover to alternate datacenters for some pretty big names.
>
>
>
> I have no idea how this works in AWS, but in Azure it’s
> fairly trivial; I would expect the same of AWS.
>
>
>
> From: listsad...@lists.myitforum.com [mailto:
> listsad...@lists.myitforum.com] On Behalf Of Andrew S. Baker
> Sent: Wednesday, March 1, 2017 12:22 PM
>
>
> To: ntsysadm@lists.myitforum.com 

[NTSysADM] is Bundlehunt legit?

[Erik Goldoff]

Just wondering if anyone on this list has heard of Bundlehunt before, and
if so is it legit?  Pricing seems 'too good to be true' so thought I'd ask
around.

https://bundlehunt.com/

Thanks

Erik

Re: [NTSysADM] Question re job interview

[Erik Goldoff]

Congrats !

On Tue, Feb 21, 2017 at 7:55 AM, Graeme Carstairs 
wrote:

> Just thought I would let you know
>
> I went with Eric's advise and gave my presentation at the interview despit
> timing it at 8 minutes it actually lasted 15 minutes at the interview
>
> They thanked me for a presentation said it showed I understood the topics
> and could communicate effectively
>
> And I got the job
>
> Thanks guys
>
>
> On Thu, 2 Feb 2017 at 19:27, Kurt Buff  wrote:
>
>> Erik has some good advice, but I'd take a close look at the published
>> job description, and cast your discussion in terms that would fit
>> that, as you would to your next two layers of management.
>>
>> For sure, 10 minutes isn't much time, as that's a huge subject, so
>> you'll of necessity need to do a rather broad overview, but take your
>> time and practice speaking/enunciating clearly.
>>
>> I wouldn't make your submission a verbatim transcript of your talk;
>> just give the outline - unless they're specifically looking for that,
>> which seems unlikely.
>>
>> Kurt
>>
>> On Thu, Feb 2, 2017 at 7:09 AM, Graeme Carstairs 
>> wrote:
>> > hi,
>> >
>> > having just been made redundant I have been applying for al sorts of IT
>> > roles, whatI have been doing for the last 15 years (designing,
>> implementing
>> > and supporting windows server based networks for small to large
>> > enterprises).
>> >
>> > I have just received my first interview confirmation, and they have
>> asked
>> > that I submit in advance and give on the day a 10 minute presentation
>> on the
>> > topic "Discuss Data Management, availability and Disaster Recovery"
>> >
>> > Now I have never been asked to do this before well more not on such a
>> wide
>> > topic.
>> >
>> > anyone got any suggestions on what I can base it around, I am not
>> looking
>> > for anyone to do it for me just some topics or ideas on what to do it
>> on?
>> >
>> > TIA
>> >
>> >
>> > --
>> >
>> >
>> > e-mail :- loonyto...@gmail.com
>>
>>
>> --
> Graeme Carstairs
>
> e-mail :- loonyto...@gmail.com
>

Re: [NTSysADM] Some advice needed about allowing local C: drive access

[Erik Goldoff]

use the SUBST command ?

SUBST Z: c:\debug

worth testing to see if you have access using Z: or does your GPO quash
this method ?

On Fri, Feb 17, 2017 at 12:34 PM, Michael Leone  wrote:

> I know I've read about this procedure somewhere, but I'm not finding
> it at the moment.
>
> We have this application that writes out it's debug log to c:\debug.
> Now, we hide drive C; from domain users using GPO (User
> Configuration/Policies/Administrative Policies/Windows Components/File
> Explorer/Hide these specific drives ("Restrict A.B.C")).
>
> So what my help desk staff needs to do is to log onto these
> workstations (as a specific domain account), run the software, and
> need to be able to see, read (and optionally write to) this C:\Debug
> location, to identify/fix problems.
> (this is the "Check21" check processing software, if anyone else uses it)
>
> What I don't know is how best to do this.
>
> Oh, sure, I could create a whole new GPO, without that "Hide drives"
> setting, and limit it only to this one domain login. But is there a
> better, more efficient way to do this? I want C: drive hidden from the
> majority of my users, but do need certain logons that aren't limited
> this way.
>
> And I don't want the logon to be local admin, or have any access other
> than just standard domain user (or I could use a Restricted Group).
>
> Thoughts? Advice?
> (Win 2008 R2 domain)
>
>
>

Re: [NTSysADM] Question re job interview

[Erik Goldoff]

also maybe relate to the three facets of Security in IT :  C I A

C = Confidentiality
I  =  Integrity
A = Availability


On Thu, Feb 2, 2017 at 10:25 AM, Erik Goldoff <egold...@gmail.com> wrote:

> I see three discreet sections :
> 1) Data Management - you can discuss identifying and classifying 'data
> assets' with regards to value and necessary security, access rights based
> on 'concept of least privilege', change control/auditing (based on any
> compliance requirements as a plus) de-duplication, etc
> 2) Availability - how you would build your systems, how to classify need
> for load balance, fault tolerance, and high availability.  Load balance
> could lead into monitoring systems for performance degradation that would
> affect productivity
> 3) Disaster Recovery - importance of a business continuity plan, that
> includes Finance, HR, Executives to ensure plan can be effectively executed
> in a timely manner.  Data/asset classification to determine which
> systems/data needs to be restored ASAP, versus secondary needs, and then
> the 'rest' that would have minimum impact on business.  This includes, but
> is not solely your backup/restore process, SAN snapshots, VM
> migration/restoration, hot/warm recovery sites, etc
>
>
> On Thu, Feb 2, 2017 at 10:09 AM, Graeme Carstairs <loonyto...@gmail.com>
> wrote:
>
>> hi,
>>
>> having just been made redundant I have been applying for al sorts of IT
>> roles, whatI have been doing for the last 15 years (designing, implementing
>> and supporting windows server based networks for small to large
>> enterprises).
>>
>> I have just received my first interview confirmation, and they have asked
>> that I submit in advance and give on the day a 10 minute presentation on
>> the topic "Discuss Data Management, availability and Disaster Recovery"
>>
>> Now I have never been asked to do this before well more not on such a
>> wide topic.
>>
>> anyone got any suggestions on what I can base it around, I am not looking
>> for anyone to do it for me just some topics or ideas on what to do it on?
>>
>> TIA
>>
>>
>> --
>>
>>
>> e-mail :- loonyto...@gmail.com
>>
>
>

Re: [NTSysADM] Question re job interview

[Erik Goldoff]

I see three discreet sections :
1) Data Management - you can discuss identifying and classifying 'data
assets' with regards to value and necessary security, access rights based
on 'concept of least privilege', change control/auditing (based on any
compliance requirements as a plus) de-duplication, etc
2) Availability - how you would build your systems, how to classify need
for load balance, fault tolerance, and high availability.  Load balance
could lead into monitoring systems for performance degradation that would
affect productivity
3) Disaster Recovery - importance of a business continuity plan, that
includes Finance, HR, Executives to ensure plan can be effectively executed
in a timely manner.  Data/asset classification to determine which
systems/data needs to be restored ASAP, versus secondary needs, and then
the 'rest' that would have minimum impact on business.  This includes, but
is not solely your backup/restore process, SAN snapshots, VM
migration/restoration, hot/warm recovery sites, etc


On Thu, Feb 2, 2017 at 10:09 AM, Graeme Carstairs 
wrote:

> hi,
>
> having just been made redundant I have been applying for al sorts of IT
> roles, whatI have been doing for the last 15 years (designing, implementing
> and supporting windows server based networks for small to large
> enterprises).
>
> I have just received my first interview confirmation, and they have asked
> that I submit in advance and give on the day a 10 minute presentation on
> the topic "Discuss Data Management, availability and Disaster Recovery"
>
> Now I have never been asked to do this before well more not on such a wide
> topic.
>
> anyone got any suggestions on what I can base it around, I am not looking
> for anyone to do it for me just some topics or ideas on what to do it on?
>
> TIA
>
>
> --
>
>
> e-mail :- loonyto...@gmail.com
>

Re: [NTSysADM] 2012R2 local DNS forward to internet ? Brain hiccup

[Erik Goldoff]

Spot on, thank you Eric ...

On Thu, Jan 12, 2017 at 8:24 AM, Eric Wittersheim <
eric.wittersh...@gmail.com> wrote:

> In the DNS console Right click your server, click properties, then click
> the Forwarders tab.  Add your external servers there, usually your ISP's
> DNS server or you could put in Googles DNS (4.4.4.4 and 8.8.8.8).
>
> Eric
>
> On Thu, Jan 12, 2017 at 6:59 AM, Erik Goldoff <egold...@gmail.com> wrote:
>
>> Been a long time since I've messed with DNS servers.  Set up a 2012R2
>> domain in my VM lab, along with the requisite DNS server for the home.local
>> domain.
>>
>> Question is, how do I configure the DNS server to foward ALL non
>> LOCAL.DOMAIN lookups to another (internet) DNS server, not just domain by
>> domain ?
>>
>> Thanks, and sorry for such a newb question.
>>
>> Erik
>>
>
>

[NTSysADM] 2012R2 local DNS forward to internet ? Brain hiccup

[Erik Goldoff]

Been a long time since I've messed with DNS servers.  Set up a 2012R2
domain in my VM lab, along with the requisite DNS server for the home.local
domain.

Question is, how do I configure the DNS server to foward ALL non
LOCAL.DOMAIN lookups to another (internet) DNS server, not just domain by
domain ?

Thanks, and sorry for such a newb question.

Erik

Re: [NTSysADM] IT Organization Design

[Erik Goldoff]

NEVER share accounts, especially admin.  Everyone should have a regular
user level account, and admins should have a second account for when
privilege escalation is needed.  Many have username and username-adm or
similar to discern between normal and elevated accounts.  Configure your
auditing to flag use of the default 'administrator' and 'guest' accounts.


On Sun, Jan 1, 2017 at 3:01 PM, CSSU NetAdmin  wrote:

> We are looking at re-organizing our IT department for our K-12 school
> district.  Are there examples out there for how work is divided?  Do IT
> staff focus on specific areas or is everyone more of a generalist?  We have
> moved to Chromebooks in a big way and find how we are presently organized-
> school based- really doesn't work anymore.  Finally, who uses the Least
> Privilege Administrative model?  If you do, is there one domain admin
> account shared for people who need admin rights or do each IT staff person
> have two accounts?
>
> Thanks for any ideas.  Happy New Year!
>

Re: [NTSysADM] [Semi-OT] Gotta love vendors

[Erik Goldoff]

one of my mantras :  Convenience comes with a cost !


On Tue, Feb 24, 2015 at 1:45 PM, Melvin Backus melvin.bac...@byers.com
wrote:

 Easy  Secure

 Never any claim that they were the same thing.  It's easier to get into
 your house if all the doors and windows are open, but that doesn't make it
 better.  Unless of course you live on your own private island and no one
 else can get ashore without your assistance to scale the 500 ft cliff.
 Then it's better.  :)

 --
 There are 10 kinds of people in the world...
  those who understand binary and those who don't.

 -Original Message-
 From: listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] On Behalf Of Webster
 Sent: Tuesday, February 24, 2015 2:37 PM
 To: ntsysadm@lists.myitforum.com
 Subject: RE: [NTSysADM] [Semi-OT] Gotta love vendors

 The same thinking from way back in the NetWare days of making everyone
 Supervisor to make things easier.

 Thanks


 Webster

  -Original Message-
  From: listsad...@lists.myitforum.com
  [mailto:listsad...@lists.myitforum.com] On Behalf Of Ben Scott
  Sent: Tuesday, February 24, 2015 12:59 PM
  To: ntsysadm@lists.myitforum.com
  Subject: Re: [NTSysADM] [Semi-OT] Gotta love vendors
 
  On Tue, Feb 24, 2015 at 1:25 PM, Susan Bradley sbrad...@pacbell.net
  wrote:
   By default,SillyAppruns as the/Local System/account. This is
   generally regarded as best practice for services.
  
   Better practice than domain admin, right?
 
I once had a vendor tell me that they recommend all users on the
  network be given domain admin rights.  It just makes things a lot
 easier.
 
This was circa 2002, but still, what kind of thought process reaches
  such a conclusion?
 
  -- Ben
 

Re: [NTSysADM] [Semi-OT] Gotta love vendors

[Erik Goldoff]

or in the *current* day of making everyone local admin on their desktop
 sigh

On Tue, Feb 24, 2015 at 1:36 PM, Webster webs...@carlwebster.com wrote:

 The same thinking from way back in the NetWare days of making everyone
 Supervisor to make things easier.

 Thanks


 Webster

  -Original Message-
  From: listsad...@lists.myitforum.com
  [mailto:listsad...@lists.myitforum.com] On Behalf Of Ben Scott
  Sent: Tuesday, February 24, 2015 12:59 PM
  To: ntsysadm@lists.myitforum.com
  Subject: Re: [NTSysADM] [Semi-OT] Gotta love vendors
 
  On Tue, Feb 24, 2015 at 1:25 PM, Susan Bradley sbrad...@pacbell.net
  wrote:
   By default,SillyAppruns as the/Local System/account. This is
   generally regarded as best practice for services.
  
   Better practice than domain admin, right?
 
I once had a vendor tell me that they recommend all users on the
 network
  be given domain admin rights.  It just makes things a lot easier.
 
This was circa 2002, but still, what kind of thought process reaches
 such a
  conclusion?
 
  -- Ben
 

Re: [NTSysADM] [Semi-OT] Gotta love vendors

[Erik Goldoff]

face-palm !!!

On Tue, Feb 24, 2015 at 12:01 PM, Damien Solodow 
damien.solo...@harrison.edu wrote:

  Saw this tidbit in the docs on an app: (name changed to protect the
 guilty)



 By default, SillyApp runs as the *Local System* account. This is
 generally regarded as best practice for services.



 SMH.



 DAMIEN SOLODOW

 Systems Engineer

 317.447.6033 (office)

 317.447.6014 (fax)

 HARRISON COLLEGE

 500 North Meridian St

 Suite 500

 Indianapolis, IN 46204-1213

 www.harrison.edu

Re: [NTSysADM] OT: portable printer

[Erik Goldoff]

not in my laptop backpack :(

On Thu, Jan 29, 2015 at 4:36 PM, Adm sms...@gmail.com wrote:

 I'm fond of these. Cheap, fast, and wireless.

 http://www.amazon.com/gp/aw/d/B00LZS5EEI/ref=mp_s_a_1_1?qid=1422567292sr=8-1dpPl=1dpID=41UNVMYvaKLref=plSrchpi=AC_SX200_QL40



 On Thursday, January 29, 2015, J- P jnat...@hotmail.com wrote:

 Hi all,

 can anyone recommend a portable printer for travel, this is for use
 during workshops and meetings (figure about 30-50 pages printed per use).

 it will be connected to laptop, wifi/bluetooth is a plus, but NOT
 required.

 trying to stay in the 300 dollar range



 --
 smsadm

Re: [NTSysADM] OT: What do you call a group of IT professionals

[Erik Goldoff]

a gaggle of geeks
On Fri, Nov 21, 2014 at 11:12 AM, Maglinger, Paul pmaglin...@scvl.com
wrote:

 During a discussion today the question was raised,  What do you call a
 group of IT professionals?

 Oxford dictionary came up with:

 a blush of boys
 a drunkship of cobblers
 a hastiness of cooks
 a stalk of foresters
 an observance of hermits
 a bevy of ladies
 a faith of merchants
 a superfluity of nuns
 a malapertness (= impertinence) of pedlars
 a pity of prisoners
 a glozing (= fawning) of taverners

 Nothing for IT.

 The most popular suggestion was a packet.  :-)

 -Paul

Re: [NTSysADM] Has anyone implemented this solution?

[Erik Goldoff]

you could use a program like password safe, keeps the info local, but now
you have to share a password amongst staff to get to passwords you want to
share amongst staff ;P


On Wed, Nov 5, 2014 at 12:13 PM, Matthew W. Ross mr...@ephrataschools.org
wrote:

 Just curious, but what would you use as an alternative?

 ACLs can be ignored if you have physical access to the machine. Online
 syncing solutions (like LastPass) are a little scary for me, if your
 keeping those keys to the kingdom in them. (Not to say LastPass and others
 like it are not great for personal password.)

 The only other option I can think of is a hand-written list, kept on
 something non-digital. Please enlighten me to the (I'm sure glaringly
 obvious) solution I'm not thinking of! Sm:)e.


 --Matt Ross
 Ephrata School District




 Matthew W. Ross mr...@ephrataschools.org , 11/5/2014 9:07 AM:

 Yes, if the file it's in is encrypted.


 --Matt Ross
 Ephrata School District




 Kennedy, Jim kennedy...@elyriaschools.org , 11/5/2014 5:35 AM:

  Are you two ok with storing important passwords in text document on a
 share and using ACL’s to secure that?



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Matthew W. Ross
 *Sent:* Tuesday, November 4, 2014 7:52 PM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* Re: [NTSysADM] Has anyone implemented this solution?



 If you don't trust Windows based ACLs, how do you secure anything in
 Windows?



 --Matt Ross
 Ephrata School District





 Michael B. Smith mich...@smithcons.com , 11/4/2014 4:46 PM:

 Do you trust Windows ACL-based security?

 If not - well, you might have a lot of other concerns as well.

 -Original Message-
 From: listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] On Behalf Of Kurt Buff
 Sent: Tuesday, November 4, 2014 7:41 PM
 To: ntsysadm@lists.myitforum.com
 Subject: Re: [NTSysADM] Has anyone implemented this solution?

 Yes, they are stored in plain text in the AD field. That's something to
 think about, and something to test in the lab.

 Kurt

 On Tue, Nov 4, 2014 at 4:18 PM, Kennedy, Jim kennedy...@elyriaschools.org
 wrote:
  My kid just pointed out that in the fine print it states the passwords
  are stored in plain text. Yea the are restricted access but still.
 
 
  Comments mention you can get then encrypted with Premier.
 
  -- Original message--
 
  From: Kurt Buff
 
  Date: Tue, Nov 4, 2014 3:51 PM
 
  To: ntsysadm@lists.myitforum.com;
 
  Subject:Re: [NTSysADM] Has anyone implemented this solution?
 
  Cool. I'll see if I can lab this up, and if I get it working, I'll
  report back.
 
  Thanks!
 
  Kurt
 
  On Tue, Nov 4, 2014 at 12:35 PM, Kennedy, Jim
  kennedy...@elyriaschools.org wrote:
  Ok, got one confirmation from Twitter that it deployed with no
  problems and works as advertised.
 
  -Original Message-
  From: listsad...@lists.myitforum.com
  [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff
  Sent: Tuesday, November 4, 2014 2:42 PM
  To: NTSysADM@lists.myitforum.com
  Subject: [NTSysADM] Has anyone implemented this solution?
 
  If so, how did it go? Any gotchas?
 
  Blog article on implementation
 
  http://blogs.technet.com/b/askpfeplat/archive/2014/05/19/how-to-autom
  ate-changing-the-local-administrator-password.aspx
 
  Code for the project
  https://code.msdn.microsoft.com/Solution-for-management-of-ae44e789
 
  I might have the chance to implement, but wanted feedback before I
  put it up in a lab.
 
  Thanks,
 
  Kurt
 
 
 
 

Re: [NTSysADM] RE: 0.5 foot Cat5 Cables - Too short - Any potential issues?

[Erik Goldoff]

and buy at least one level better/higher than your current requirement,
plan for the future and ensure you meet current spec needs.
On Tue, Nov 4, 2014 at 3:19 PM, Michael B. Smith mich...@smithcons.com
wrote:

  Cat5 isn’t good enough for Gb. You need at least Cat5e and preferably
 Cat6.



 I’ve personally always used Panduit cabling boxes. Whenever I’ve tried to
 play loose with the Ethernet spec, it’s always come back to bite me,
 eventually.





 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Derrenbacker, L. Jonathan
 *Sent:* Tuesday, November 4, 2014 3:11 PM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] 0.5 foot Cat5 Cables - Too short - Any potential
 issues?



 I’m getting ready to replace some switch stacks. Our current cabling(patch
 to switch) is a mess, so I’m ripping out and starting from scratch.

 I’m looking around at cable design, and I like the short 6’’ cat5 cables,
 like this:

 http://static.spiceworks.com/shared/post/0001/6788/FEX48pt.jpg



 My concern is I think the IEEE minimum CAT5 cable length is 1.5 meters,
 but I’m not sure if that’s only for cables between active devices or not.



 Anyone know for sure and/or have experience using short cables between
 patch and switch? Any issues?

 Not sure if it matters, but it’s gig to the desktop POE.





 Thanks,

 Jon

Re: [NTSysADM] All things pass, but some pass too soon

[Erik Goldoff]

    

On Thu, Oct 16, 2014 at 7:05 AM, Ed Ziots eziot...@gmail.com wrote:

 Wows this is very sad news shon  was an amazing person and her books for
 the CISSP and others wad the defacto  standard for reading.

 Ed
 On Oct 15, 2014 10:23 AM, Kurt Buff kurt.b...@gmail.com wrote:

 Shon Harris - March 27th, 1968 ~ October 8th, 2014

 http://www.affoplano.com/component/obituary/?view=detailid=452

 After a long and devastating illness, Shon passed away on October 8,
 2014. Shon founded and was CEO of Logical Security, an information
 consultant, a former engineer in the Air Force Information Warfare
 unit, instructor and best-selling author of many books on IT Security.
 Shon was recognized as one of the top 25 women in the Information
 Security field.

 [...]

Re: [NTSysADM] Security training

[Erik Goldoff]

Bear in mind the CISSP is a more vendor neutral, less technical
certification that covers a broad scope of security issues (10 domains when
I tested in 2012) to include physical security, business continuity, etc.

Do you want a security certification from the consultant/management
perspective (CISSP) or more from a technical/engineer perspective (SANS) ?
The certification track you choose should depend very much on your career
goals and job requirements.

On Thu, Oct 16, 2014 at 9:53 AM, Heaton, Joseph@Wildlife 
joseph.hea...@wildlife.ca.gov wrote:

  There’s a new position being created in my organization that is
 “supposed” to be an infosec type of position.  My manager had told me to
 look into CISSP training/certification.  I know that’s the pinnacle, and
 beyond the normal day-to-day stuff of being a systems administrator,
 working with a Windows domain, etc, I don’t have a lot of hands-on in the
 trenches type of experience with security like I think they look for at
 that level.  But, I was thinking that the SSCP may be a good way to get my
 feet wet, and start working towards CISSP.  Any thoughts/advice/tips on
 that idea?  I’ve been working with networks since 1999, was CNE for
 Intranetware 4.11, and upgraded that to 5, but haven’t touched Novell
 since.  I was MCSE for NT4, and never upgraded certs after that.  I’ve
 worked with Microsoft products from NT4 and up, we’re currently upgrading
 our servers to 2012R2 now.  I’ve been the one-man shop, doing networking,
 and servers, and I’ve been part of a team doing just servers.  Anyway, I’m
 going to keep digging into requirements, etc, and looking for training
 materials, so if anyone has thoughts on that stuff as well, I’d be very
 appreciative.



 Thanks,



 Joe Heaton

 Enterprise Server Support

 Information Technology Operations Branch

 Data and Technology Division

 CA Department of Fish and Wildlife

 1807 13th Street, Suite 201

 Sacramento, CA  95811

 Desk:  (916) 323-1284

Re: [NTSysADM] Security training

[Erik Goldoff]

Her book (1200 pages ?) is considered the 'bible' and will provide a wealth
of information on the 10 domains of security.  You'll likely find some that
you know like the back of your hand due to work experience, and some that
will hold concepts and details new to you.

On Thu, Oct 16, 2014 at 10:56 AM, Heaton, Joseph@Wildlife 
joseph.hea...@wildlife.ca.gov wrote:

  That’s a good question, Erik.  Certification aside, would Shon Harris’
 book be a good starting point to get the information that is tested
 overall?  I’m reading and hearing that her book(s) are the standard.



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Erik Goldoff
 *Sent:* Thursday, October 16, 2014 7:37 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* Re: [NTSysADM] Security training



 Bear in mind the CISSP is a more vendor neutral, less technical
 certification that covers a broad scope of security issues (10 domains when
 I tested in 2012) to include physical security, business continuity, etc.



 Do you want a security certification from the consultant/management
 perspective (CISSP) or more from a technical/engineer perspective (SANS) ?

 The certification track you choose should depend very much on your career
 goals and job requirements.



 On Thu, Oct 16, 2014 at 9:53 AM, Heaton, Joseph@Wildlife 
 joseph.hea...@wildlife.ca.gov wrote:

 There’s a new position being created in my organization that is “supposed”
 to be an infosec type of position.  My manager had told me to look into
 CISSP training/certification.  I know that’s the pinnacle, and beyond the
 normal day-to-day stuff of being a systems administrator, working with a
 Windows domain, etc, I don’t have a lot of hands-on in the trenches type of
 experience with security like I think they look for at that level.  But, I
 was thinking that the SSCP may be a good way to get my feet wet, and start
 working towards CISSP.  Any thoughts/advice/tips on that idea?  I’ve been
 working with networks since 1999, was CNE for Intranetware 4.11, and
 upgraded that to 5, but haven’t touched Novell since.  I was MCSE for NT4,
 and never upgraded certs after that.  I’ve worked with Microsoft products
 from NT4 and up, we’re currently upgrading our servers to 2012R2 now.  I’ve
 been the one-man shop, doing networking, and servers, and I’ve been part of
 a team doing just servers.  Anyway, I’m going to keep digging into
 requirements, etc, and looking for training materials, so if anyone has
 thoughts on that stuff as well, I’d be very appreciative.



 Thanks,



 Joe Heaton

 Enterprise Server Support

 Information Technology Operations Branch

 Data and Technology Division

 CA Department of Fish and Wildlife

 1807 13th Street, Suite 201

 Sacramento, CA  95811

 Desk:  (916) 323-1284

Re: [NTSysADM] Zero-Day Windows Patch

[Erik Goldoff]

Yep, they waited for the patch to announce the vulnerability to limit the
window of opportunity for the wannabes

On Tue, Oct 14, 2014 at 12:58 PM, Andrew S. Baker asbz...@gmail.com wrote:

 There's a zero-day Windows patch that is part of today's fix.  You'll want
 to prioritize that...


 http://www.isightpartners.com/2014/10/cve-2014-4114/

 https://technet.microsoft.com/library/security/ms14-oct




 *ASB **http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker
 *Providing Virtual CIO Services (IT Operations  Information Security) for
 the SMB market…*

Re: [NTSysADM] Native VNC-like Windows remote control toy?

[Erik Goldoff]

why not have *that* machine with the large display RDP into a terminal
server, and autostart a training video upon login ?


On Fri, Aug 1, 2014 at 7:44 PM, Alex Eckelberry al...@eckelberry.com
wrote:

 Radmin is awesome and while not free, it’s cheap ($50).



 http://www.radmin.com/











 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Kent McKinney
 *Sent:* Friday, August 1, 2014 12:34 PM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* RE: [NTSysADM] Native VNC-like Windows remote control toy?



 One low tech option might be to RDP from the kiosk system to the user's
 machine.

 --- Original Message ---

 From: Danvers, Jim jim.danv...@hphood.com
 Sent: August 1, 2014 10:45 AM
 To: ntsysadm@lists.myitforum.com
 Subject: [NTSysADM] Native VNC-like Windows remote control toy?

 We have a television display (LCD) mounted up on a wall in out truck
 drivers break room that has a networked PC connected to it.  At present all
 it is doing is auto-logging onto the domain using a generic account and
 bringing up a weather web page in kiosk mode.  I’m going to show some
 supervisors how to access it so that they can have it run powerpoint slide
 shows, etc …



 One of the supervisors asked a question about using it as a large display,
 ala a projector, if you will, that he could use to conduct training
 sessions back there with the drivers.  My initial answer was “yeah we can
 do that … “ but then I thought about it for a minute and was like “… oh
 wait …  that won’t work.”  I was just going to have him rdp onto the
 session but ….  as I’m sure most in here know the local display will go
 blank when hijacked in such a manner.  L



 Are there **any** native, and preferably free, windows solutions to get
 remote control of a remote machine AND have that machines screen NOT go
 blank AND not require any user intervention?  ( ie; yeah – let Brian the
 supervisor connect )



 I’ve run the question re: using VNC up to my immediate supervisor (I don’t
 know if it is “illegal” to use here in our company or not …  ).  Hopefully
 they won’t have any issues with it – but if they do – you guys have any
 ideas?



 -=- jd -=-

Re: [NTSysADM] RE: As data loss disasters go...

[Erik Goldoff]

I also was on the list almost from the start.   Very very late 1999 or very
very early 2000 at the latest.  Enough to remember hacks like Chris Peden
posting a firewall config *with* password :)


On Fri, Jun 20, 2014 at 6:29 AM, Rene de Haas rene.deh...@gmail.com wrote:

 I was here allmost from the beginning of the list. Though more lurking. Do
 remember helping Sean Martin once. Then I was still working for Woodward as
 I think Bob was once.


 On Fri, Jun 20, 2014 at 6:22 AM, Michael B. Smith mich...@smithcons.com
 wrote:

  You were here when I got here – late in the last century. You are more
 exempt than I.



 Not many others have been here as long as we have…J



 We post with old bits. J



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Free, Bob
 *Sent:* Thursday, June 19, 2014 7:41 PM

 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 MBS was exempted from the sarcasm tag requirement sometime in the
 previous century….as were a few others…



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Jake Gardner
 *Sent:* Thursday, June 19, 2014 6:23 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 I was in the middle of my first cup of coffee…   I can’t read sarcasm
 till at least 10am.









 Thanks,



 Jake Gardner

 IT Administrator

 267-352-2020 Ext. 246

 www.ttcdas.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.ttcdas.com/k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=a8dc0897d78e3824b501e2708681724f66892247465b264b2368cb9174d7f639



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Michael B. Smith
 *Sent:* Thursday, June 19, 2014 9:06 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 Sorry, you don’t know me very well. J



 I was being sarcastic.



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Jake Gardner
 *Sent:* Thursday, June 19, 2014 8:28 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 Interesting that the article mentions nothing BUT the cloud and they lost
 almost everything.





 Thanks,



 Jake Gardner

 IT Administrator

 267-352-2020 Ext. 246

 www.ttcdas.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.ttcdas.com/k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=a8dc0897d78e3824b501e2708681724f66892247465b264b2368cb9174d7f639



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Michael B. Smith
 *Sent:* Thursday, June 19, 2014 8:10 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 The cloud is far more secure.



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Jake Gardner
 *Sent:* Thursday, June 19, 2014 8:03 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 Ouch!





 Thanks,



 Jake Gardner

 IT Administrator

 267-352-2020 Ext. 246

 www.ttcdas.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.ttcdas.com/k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=a8dc0897d78e3824b501e2708681724f66892247465b264b2368cb9174d7f639



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Gavin Wilby
 *Sent:* Thursday, June 19, 2014 7:08 AM
 *To:* 'ntsysadm@lists.myitforum.com'
 *Subject:* [NTSysADM] As data loss disasters go...



 http://pastebin.com/WvtjMe9T
 https://urldefense.proofpoint.com/v1/url?u=http://pastebin.com/WvtjMe9Tk=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=6aff013144ad325a35153e49bf900428a12aca81e38694215bcdfa5099aa178c



 This kinda is at the top of the tree.



 *Gavin Wilby*

 *IT Support Engineer*



 SMP Partners Ltd

 Clinch’s House, Lord Street,

 Douglas, Isle of Man IM99 1RZ

 Tel +44 1624 682214

 Mob +44 7624 480575
 Skype: gavin.wi...@smppartners.com

 *gavin.wi...@smppartners.com gavin.wi...@smppartners.com*
 www.smppartners.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.smppartners.com/k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=5af4575b84be18e1b3915f05313e0b5a629dce9d534be6069dbaffb8cb6efa43



 A member 

Re: [NTSysADM] RE: As data loss disasters go...

[Erik Goldoff]

wasn't there a Precht or something similar on the list back then too ?



On Fri, Jun 20, 2014 at 8:56 AM, Michael B. Smith mich...@smithcons.com
wrote:

  You posted his full name!



 Shame. J



 That was hilarious. Jokes for years!



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Erik Goldoff
 *Sent:* Friday, June 20, 2014 8:53 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* Re: [NTSysADM] RE: As data loss disasters go...



 I also was on the list almost from the start.   Very very late 1999 or
 very very early 2000 at the latest.  Enough to remember hacks like Chris
 Peden posting a firewall config *with* password :)



 On Fri, Jun 20, 2014 at 6:29 AM, Rene de Haas rene.deh...@gmail.com
 wrote:

 I was here allmost from the beginning of the list. Though more lurking. Do
 remember helping Sean Martin once. Then I was still working for Woodward as
 I think Bob was once.



 On Fri, Jun 20, 2014 at 6:22 AM, Michael B. Smith mich...@smithcons.com
 wrote:

 You were here when I got here – late in the last century. You are more
 exempt than I.



 Not many others have been here as long as we have…J



 We post with old bits. J



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Free, Bob
 *Sent:* Thursday, June 19, 2014 7:41 PM


 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 MBS was exempted from the sarcasm tag requirement sometime in the previous
 century….as were a few others…



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Jake Gardner
 *Sent:* Thursday, June 19, 2014 6:23 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 I was in the middle of my first cup of coffee…   I can’t read sarcasm till
 at least 10am.









 Thanks,



 Jake Gardner

 IT Administrator

 267-352-2020 Ext. 246

 www.ttcdas.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.ttcdas.com/k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=a8dc0897d78e3824b501e2708681724f66892247465b264b2368cb9174d7f639



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Michael B. Smith
 *Sent:* Thursday, June 19, 2014 9:06 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 Sorry, you don’t know me very well. J



 I was being sarcastic.



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Jake Gardner
 *Sent:* Thursday, June 19, 2014 8:28 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 Interesting that the article mentions nothing BUT the cloud and they lost
 almost everything.





 Thanks,



 Jake Gardner

 IT Administrator

 267-352-2020 Ext. 246

 www.ttcdas.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.ttcdas.com/k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=a8dc0897d78e3824b501e2708681724f66892247465b264b2368cb9174d7f639



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Michael B. Smith
 *Sent:* Thursday, June 19, 2014 8:10 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 The cloud is far more secure.



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Jake Gardner
 *Sent:* Thursday, June 19, 2014 8:03 AM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] RE: As data loss disasters go...



 Ouch!





 Thanks,



 Jake Gardner

 IT Administrator

 267-352-2020 Ext. 246

 www.ttcdas.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.ttcdas.com/k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=a8dc0897d78e3824b501e2708681724f66892247465b264b2368cb9174d7f639



 *From:* listsad...@lists.myitforum.com [
 mailto:listsad...@lists.myitforum.com listsad...@lists.myitforum.com] *On
 Behalf Of *Gavin Wilby
 *Sent:* Thursday, June 19, 2014 7:08 AM
 *To:* 'ntsysadm@lists.myitforum.com'
 *Subject:* [NTSysADM] As data loss disasters go...



 http://pastebin.com/WvtjMe9T
 https://urldefense.proofpoint.com/v1/url?u=http://pastebin.com/WvtjMe9Tk=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=kGaP6%2F7eteVMLkQLzqIvLmGAZ3f7de%2BctUnTOzNYZ%2Bo%3D%0As=6aff013144ad325a35153e49bf900428a12aca81e38694215bcdfa5099aa178c



 This kinda is at the top of the tree.



 *Gavin Wilby*

 *IT Support Engineer*



 SMP Partners Ltd

Re: Re: [NTSysADM] RE: As data loss disasters go...

[Erik Goldoff]

Operating System ?  Service Pack ?


On Fri, Jun 20, 2014 at 1:30 PM, Free, Bob r...@pge.com wrote:

  or what I believe to be the list’s the most-often-recycled bits back
 then that I believe were were the genesis of said link:



 ‘more info please’



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *Andrew S. Baker
 *Sent:* Friday, June 20, 2014 8:45 AM
 *To:* ntsysadm
 *Subject:* Re: [NTSysADM] RE: As data loss disasters go...



 You mean? *http://KB.UltraTech-llc.com/?File=~MoreInfo.TXT
 https://urldefense.proofpoint.com/v1/url?u=http://kb.ultratech-llc.com/?File%3D~MoreInfo.TXTk=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=EpJMbaUaXCNV5%2BO235cQ0qLzY0n0DUE9OOsiivZ0Cbk%3D%0As=d897e74a902e9a438df566456c2d14ec88d12e7ce8db82b4e521f24e4a9cae4f*







 *ASB **http://XeeMe.com/AndrewBaker*
 https://urldefense.proofpoint.com/v1/url?u=http://xeeme.com/AndrewBakerk=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=EpJMbaUaXCNV5%2BO235cQ0qLzY0n0DUE9OOsiivZ0Cbk%3D%0As=484083cd236c4d22bd2a6cc45713abed2f13f5e0fffc58218c6d460129e62aa3
 *Providing Virtual CIO Services (IT Operations  Information Security) for
 the SMB market…*





 On Fri, Jun 20, 2014 at 10:57 AM, Miller Bonnie L. 
 mille...@mukilteo.wednet.edu
 https://urldefense.proofpoint.com/v1/url?u=http://mailto:millerbl%40mukilteo.wednet.eduk=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=EpJMbaUaXCNV5%2BO235cQ0qLzY0n0DUE9OOsiivZ0Cbk%3D%0As=d1e19c05c5bc40eb3c5397705175f500f1fb7eb6ec5644c919557d52bee8170f
 wrote:

 I seem to remember ASB had a great link to his Ultratech site on how to
 provide more information--those were the days... 8)


 -Original Message-
 From: listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith

 Sent: Friday, June 20, 2014 7:29 AM
 To: ntsysadm@lists.myitforum.com

 Subject: RE: [NTSysADM] RE: As data loss disasters go...

 I used to have a canned response about how to ask a question. I wasn't
 the first one that used it, but it was about like using LMGTFY. :)

 (Funny to me, not always so funny to the person it was directed at.)

 -Original Message-

 From: listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] On Behalf Of Jake Gardner

 Sent: Friday, June 20, 2014 9:58 AM
 To: ntsysadm@lists.myitforum.com
 Subject: RE: [NTSysADM] RE: As data loss disasters go...

 The usual answer back then was RTFM not the GTS of today.



 Thanks,

 Jake Gardner
 IT Administrator
 267-352-2020 Ext. 246
 www.ttcdas.com
 https://urldefense.proofpoint.com/v1/url?u=http://www.ttcdas.comk=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0Ar=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0Am=EpJMbaUaXCNV5%2BO235cQ0qLzY0n0DUE9OOsiivZ0Cbk%3D%0As=e7e7cc88da6bb5bbbaca5a228d3ff76e229f94d3db3391acc0caa7c003cb8dbe

   -Original Message-
 From: listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] On Behalf Of kz2...@googlemail.com
 Sent: Friday, June 20, 2014 9:51 AM
 To: ntsysadm@lists.myitforum.com

 Subject: Re: [NTSysADM] RE: As data loss disasters go...

 I think about 2003 for me too.when I was a young(ish) sysadmin looking
 for people to give me the answers I couldn't find via Google.


 Despatched via Blackberry. Mock if you will, but it gets my email without
 a fuss.

 -Original Message-
 From: Dave Lum li...@theitgarage.com
 Sender: listsad...@lists.myitforum.com
 Date: Fri, 20 Jun 2014 06:21:18
 To: ntsysadm@lists.myitforum.com
 Reply-to: ntsysadm@lists.myitforum.com
 Subject: RE: [NTSysADM] RE: As data loss disasters go...

 A quick search puts me here since at least 2003. Dang. It was this list
 where I learned about restricted groups and GPO's (among a million other
 things), I didn't realize I'd been aware of it for so long.

 I've worked with you guys longer than anyone!

  When did the old list start anyway?  I subbed there in ’99 when I
  started here (on recommendation by a co-worker), but don’t think my
  first n00b post came along until aught-aught.
 
  -Bonnie
 

  From: listsad...@lists.myitforum.com

  [mailto:listsad...@lists.myitforum.com] On Behalf Of Rene de Haas
  Sent: Friday, June 20, 2014 3:29 AM
  To: ntsysadm@lists.myitforum.com

  Subject: Re: [NTSysADM] RE: As data loss disasters go...
 

  I was here allmost from the beginning of the list. Though more
  lurking. Do remember helping Sean Martin once. Then I was still
  working for Woodward as I think Bob was once.
 
  On Fri, Jun 20, 2014 at 6:22 AM, Michael B. Smith
  mich...@smithcons.commailto:mich...@smithcons.com wrote:

  You were here when I got here – late in the last century. You are
  more exempt than I.
 

  Not many others have been here as long as we have…☺
 
  We post with old bits. ☺
 
  From:
  listsad...@lists.myitforum.commailto:listsad...@lists.myitforum.com
  [mailto:listsad...@lists.myitforum.commailto:listsadmin@lists.myitfor
  um.com
 

[NTSysADM] recent surge in SPAM

[Erik Goldoff]

Even in my personal GMAIL account, I'm seeing an increase in SPAM, from 2
or 3 per day to 20 to 30 per day ...  the natives must be restless, time to
listen for the drums

Re: [NTSysADM] Do you run Windows firewall on your internal servers?

[Erik Goldoff]

as a rule, I claim that a software firewall should be on every server
unless you have proof of performance degradation or other non-remediated
interference with production operations.  You must remember that not all
threats are external.  Once an internal device is compromised, it can then
be used as a jump point to attack other internal resources.  Hopefully the
firewall logs *also* provide benefit to compliance for audit and forensic
purposes.


On Mon, May 19, 2014 at 11:11 AM, Dave Lum li...@theitgarage.com wrote:

 All y'all leave Windows Firewall on on your servers right? I heard a
 comment recently that Win 2008 R2 and later have so many services off by
 default nowadays, running with it off saves headaches vs. the value it
 adds for servers that are behind our firewall.

 I leave it on and spend the time to make exceptions as necessary -
 sometimes it's frustrating and does take a lot of time, but still it seems
 like the prudent way to go.

 Seems odd to not run it, but I'm willing to change my thinking if I can
 hear reasonable arguments, but they'd have to be pretty convincing...

 Dave

Re: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile security best practices

[Erik Goldoff]

PhD ?  Piled Higher and Deeper ?


On Thu, May 1, 2014 at 8:34 PM, Jon Harris jk.har...@live.com wrote:

 My personal experience working in higher Ed was anyone with a PhD after
 their name always made it hard to take away permissions.  They just felt
 they knew EVERYTHING and anyone without a PhD knew nothing or very little!

 Jon

 --
 From: mich...@smithcons.com
 To: ntsysadm@lists.myitforum.com
 Subject: [NTSysADM] RE: IT sec pros surprisingly cavalier about mobile
 security best practices
 Date: Thu, 1 May 2014 23:52:42 +

  I preach on this to every med-and-large organization I speak with.



 Higher-Ed doesn’t seem to care (mostly), but CSOs and CTOs are very
 interested….



 There are some EXCELLENT solutions for this, for WP7.5+, iOS 6+, BB 10+,
 etc. Android just sucks, but there are some workarounds you can apply to
 get “improved” results (for “secure” Android, you basically have to throw
 away whatever google version you are running, and run one of a couple of
 other Android builds that supports secure containers).



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *David Lum
 *Sent:* Thursday, May 1, 2014 5:37 PM
 *To:* ntsysadm@lists.myitforum.com
 *Subject:* [NTSysADM] IT sec pros surprisingly cavalier about mobile
 security best practices



 http://www.net-security.org/secworld.php?id=16783







 *David Lum*

 *Network System Admin, Information Services*

 *office* 503-265-4728  |  modahealth.com http://www.modahealth.com/

 *I’m excited to announce that ODS Health is now Moda Health. Please make a
 note of my new email address, david@modahealth.com
 david@modahealth.com, so we can stay connected.*

 This message is intended for the sole use of the individual and entity to
 whom it is addressed, and may contain information that is privileged,
 confidential and exempt from disclosure under applicable law. If you are
 not the intended addressee, nor authorized to receive for the intended
 addressee, you are hereby notified that you may not use, copy, disclose or
 distribute to anyone the message or any information contained in the
 message. If you have received this message in error, please immediately
 advise the sender by reply email and delete the message.

Re: [NTSysADM] Start Menu returns

[Erik Goldoff]

Classic Who Moved My Cheese?


On Tue, Apr 8, 2014 at 1:18 AM, Steven Peck sep...@live.com wrote:

 And they have made improvements to it with 8.1 and are making more to it
 with 8.1 update 1.  Evidently they will be making further options available
 later this year.  I will admit, I have a tablet.  Two of them they are slow
 and they are primarily media consumption devices but they give me long
 lasting, light weight, remote access options to my main desktop when on the
 move as both at home and work I use the desktop more (dual monitors too -
 Windows 8.1 at home and 7 at work though soon 8.1 there too ).

 All that said I remember this same venom regarding the now venerated
 'Fisher Price OS' that replaced Windows 2000.  I find it simply tragic that
 people use such violent imaginary about a changed UI and I quote , I
 just hope someone at Microsoft will take the idiotic Metro interface out to
 the back shed and put a bullet in it.  Seriously, it's an OS UI.  One
 that can be overcome with an add on or simply ignored while one clings to
 Windows 7 for 10 more years.

 Half the people on this list were all about Microsoft has to change or
 Android will overcome them and they will die!  SO MS did something new and
 a large vocal part the people in this list got some tar, feathers,
 torches and a mob and started screaming KILL IT, KILL IT.  If I had money I
 would offer to start a fund for these people for some counseling to help
 them calm the heck down and provide measured feedback to Microsoft other
 then put a bullet in it.

 It's evident that MS did a thing in the technology sector that is known as
 'taking a risk'.  This risk has turned out some awesome things like a
 smaller, tighter more secure kernel, separation of the desktop from dotNet
 allowing for Server core deployments which are more useful, the same kernel
 in Windows Phone, desktop, server and Xbox One, better memory management,
 and even a new application system (Modern UI) etc.  Of course taking a risk
 is fraught with ... risk.  In this case angry people who seem to have
 simply lost their minds about adapting or trying to leverage this new
 'thing'.  Also, someone lost his job.  And it seems to perhaps have
 accelerated a leadership change which may be to the better (even though
 most of the stuff talked about at BUILD was obviously in the pipe for a
 while).  And MS is responding to this feedback on the interface.  Later
 this year, some form of the Start Menu appears slated to return so perhaps
 people can slowly start looking at Windows 8 this fall when it has the old
 familiar Mr Fluffy Bear that is the Start Menu (or at least a close cousin
 according to the screen shots).

 End result, I understand some people have issues adapting to it without a
 touch screen.  I haven't and many people I know haven't but there are
 simply some people who seem to have completely lost it and attack any
 mention of it with violent, disturbing imagery and rage that is not
 conducive to constructive conversation.

 Steven



  From: mailvor...@gmail.com
  Date: Mon, 7 Apr 2014 21:30:22 -0400
  Subject: Re: [NTSysADM] Start Menu returns
  To: ntsysadm@lists.myitforum.com
 
  On Mon, Apr 7, 2014 at 6:48 PM, Steven Peck sep...@live.com wrote:
   I just adapted to the new UI design and used it.
 
  The Start page is great on a touchscreen, be it handheld, tablet,
  or touch desk. But it is not well suited to a system without a
  touchscreen. There's plenty of those PCs out there. On a large/multi
  monitor workstation setup, the displays are prolly never going to be
  touch -- they would not be comfortable to reach to if they were. The
  Start page also not great if you have a lot of icons/apps and need a
  hierarchy to organize them. It is certainly still usable in such
  cases, but it's cumbersome and inefficient.
 
  I wouldn't want to use the iOS or Android launchers in such cases,
 either.
 
  -- Ben
 
 

Re: [NTSysADM] wifi network

[Erik Goldoff]

you could use 192.168.0.0/23 which would allow 510 nodes   all depends
on your internal network configuration.  You could also use something
completely different, like a 172.16.0.0 with standard class B mask of
255.255.0.0 , or use 255.255.254.0 for the 510 node limit



On Mon, Apr 7, 2014 at 1:37 PM, J- P jnat...@hotmail.com wrote:

 Hi all,

 I have a job coming up with 500 guests, Obviously our default 192.168.10.x
 will not be adequate to cover the users as it's limited to 253 IP's

 If there are 500 , I'm figuring maybe 350 or so will actually connect,
 what IP/Subnet should I use ?

 (this is only for surfing)

 Thanks.

 J

Re: [NTSysADM] Start Menu returns

[Erik Goldoff]

Start 'menu' or Start 'button'  I saw an update with a Start 'button'
that only jumped to the 'metro' applications



On Thu, Apr 3, 2014 at 8:23 AM, Kennedy, Jim
kennedy...@elyriaschools.orgwrote:

  Could someone point me towards this mythical start menu, because I have
 the update installed and I am not seeing it.



 *From:* listsad...@lists.myitforum.com [mailto:
 listsad...@lists.myitforum.com] *On Behalf Of *James Rankin
 *Sent:* Thursday, April 3, 2014 4:27 AM
 *To:* NTSysADM@lists.myitforum.com
 *Subject:* [NTSysADM] Start Menu returns



 So the Start Menu is coming back to Windows 8!

 Is this a new direction from MS, actually listening to what certain
 subsets of users want? If it is, then I'm impressed.

 I doubt very much they will bring TechNet back to us also thoughI
 think that interferes too much with what they're hoping to do with Cloud OS.

 My 2 cents.



 --

 *James Rankin*
 -
 RCL - Senior Technical Consultant (ACA, CCA, MCTS) | The Virtualization
 Practice Analyst - Desktop Virtualization
 http://appsensebigot.blogspot.co.uk

RE: [NTSysADM] RE: MRTG setup

[Erik Goldoff]

Not sure if you're looking for something specific, but around 2000 or 2002 I
used the MRTG for Dummies documents for a kickstart.

This link *may* help http://www.netmon.org/dummies.htm

Also I seem to remember something called PRTG that did about the same thing
???

Erik

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of David McSpadden
Sent: Saturday, January 04, 2014 12:07 PM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] RE: MRTG setup

Thanks.
ASB had me set up nicely with MRTG and Perl on my servers but we have had a
refresh and I did not get the documentation into the server builders so I
have a mix of branch locations reporting MRTG stats on their switches and
some not.
I'll look at some NMS stuff.
Just like the free stuff I can quickly push out and have little expense to
the cost centers.
Thanks again.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Joseph L. Casale
Sent: Saturday, January 04, 2014 11:59 AM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] RE: MRTG setup

 ASB,
 You have sent me information on setting up MRTG and Perl to get stats from
my switches in the past.
 Can you send me some again?

David,
Are you looking to setup something and forget about it? If not, I can't
stress my own opinion harder than to say Perl is a dead, very ugly language.
I'd do something with Python personally but then again if you plan to do
something at any scale with more than just switches you might look at an NMS
solution.

I use Icinga at a few joints. There, I did my due diligence in attempting to
thwart the proliferation of Perl in lieu of uncountable better languages
that would serve your admin duties way better:)

Good luck,
jlc


This e-mail and any files transmitted with it are property of Indiana
Members Credit Union, are confidential, and are intended solely for the use
of the individual or entity to whom this e-mail is addressed. If you are not
one of the named recipient(s) or otherwise have reason to believe that you
have received this message in error, please notify the sender and delete
this message immediately from your computer. Any other use, retention,
dissemination, forwarding, printing, or copying of this email is strictly
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Happy New Year!

[Erik Goldoff]

Agreed !  Thanks to all and a Happy New Year.
-Erik

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Maglinger, Paul
Sent: Tuesday, December 31, 2013 4:04 PM
To: New NT System Admin List (NTSysADM@lists.myITforum.com)
Subject: [NTSysADM] Happy New Year!

Thanks to everyone for sharing your experience and providing your help over
the past year.
Have a happy and prosperous new year! 
 
-Paul 

RE: [NTSysADM] Free Powershell training videos

[Erik Goldoff]

Nice, thanks !

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Crawford, Scott
Sent: Saturday, December 28, 2013 11:35 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Free Powershell training videos

 

I don't think I've seen this posted yet. These are pretty fantastic.

http://www.sapien.com/blog/2013/12/23/sapiens-full-powershell-video-catalog-
now-on-you-tube/

Sent from my Windows Phone

RE: [NTSysADM] Shrink the size of winsxs other places, new tool avail

[Erik Goldoff]

The Symantec result from VirusTotal was WS.Reputation.1 , that wasn't a
signature match, it was a result of their Insight reputation database.  Just
like when doing manual load point analysis of suspicious files, I would
Google the filename.  Three possible outcomes :

1.   Known file for a reasonably long time, known safe

2.   Known file for a reasonably long time, known malicious

3.   New file not yet known, not enough information to declare safe but
also not enough known to declare as malicious.   

 

Most commercial software will fall under category #1, most known malware
will be category #2.  Category #3 can include both new benign files, but
also newly released malware, so new not in signatures yet.

 

Hence the Reputation flag as potential malware.

It remains to be seen after a reasonable amount of time if it is
declared safe or malicious

 

 

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Arma Rayo
Sent: Thursday, December 05, 2013 8:45 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Shrink the size of winsxs  other places, new tool
avail

 

Hi all, again :)

I have read all that information from MS regarding shrinking WinSxs folder.
While it is true that one cannot just go and delete here and there without
knowing what to delete, because it might hurt the
installer/uninstaller/repair/patch/unpatch functions of the OS, MS has had
to jargon about that do not touch it as a general rule, as otherwise most
people would not know what they're doing.

MS states in the KB discussing the size of WinSxs, that they don't really
recommend deleting stuff there, but also they aren't saying that it would be
the ultimate hazard, no. 

As I wrote before the Windows Update Clean tool is very in the know of what
can be deleted and what cannot. It's careful and precise.  It only deletes
old versions: obsolete and invalid hasbeen Windows files that are replaced
by new ones. The tool also links those deleted item locations to point to
the latest - newest files that are in use.

After scanning, the tool lists the locations that has stuff to remove, but
marks the locations as either Delete or Retain, and the user can opt-in and
opt-out these recommendations. The tool also shows how much it's able the
free up space.

In my previous post I wrote 3GB away, I just want to clarify that the tool
didn't shrank my Winsxs from 11GB to 3GB, no, but it was able to shrink the
size of Winsxs and few other locations all together 3GB, so 3GB of space was
freed up from my precious SSD. (in addition to what CDM Dism or Disk Cleanup
could free up by removing SP1 uninstallability. The same with the tool in
question, after using the tool Windows updates cannot be rolled back(!). But
Office updates can be rolled as the tool always suggests to retain MSOcache.

I understand where you stand and want to get confirmation regarding this
tool. That's good. I want it too. I was very surprised to see that Virus
Total's 40+ engines 2 marked it at least suspicious. Then again it doesn't
surprise that some engines marked it, solely because of behaviour analysis;
after all the tool goes into core Windows folders and deletes stuff there.

I think that the author(s) of the the tool should be informed about Virus
Total results in the hopes of fixing it. But I'm kind of lazy to register
into that Chinese forum.. When I found about this tool I expected some more
fancy website made for it that mixed language forum post. Certainly if the
tool would be malware they haven't thought of marketing strategists as the
forum topic is to raise more questions than a sleek website page would.

After using the tool I have not only done a complete virus scan of my system
with Avast 9, but also I have used 3 different rootkit scanners and all
together not a single issue found. (nor that using the tool has impacted the
performance of my Win 7 pro x64). I used kaspersky, Comodo and Avast rootkit
scanners, no issues found.

How I found the tool? I was looking for 3rd party plugins inorder to make
Windows Explorer tabbed, I came across this: http://ejie.me/ and then this:
http://ejie.me/windows-update-clean-tool/ (don't use DL links there as it
links to older version, latest version here:
http://www.chuyusoft.com/thread-274-1-1.html) Oh yeah, btw, I found that
tabbing Windows Explorer is better not to try as those few plugins out there
seem to mess more than do good. Same with that Clover 3 plugin, it doesn't
even work with x64.

So, here's my story about the tool. Take it or leave it, no one forces to
use the tool. Since it was some 2 weeks i used it I should be seeing some
malware action going on.. if there would be malware? But my very strictly
configured Comodo Firewall (with Defense+) and Avast antivirus haven't
alerted a single thing. Nor did full system scan and nor did using 3
different rootkit scanners. I also use Sysinternal tools and I don't see any
signs of malware.

But as people 

RE: [NTSysADM] I wonder if I should put this up on ebay...

[Erik Goldoff]

Are the disks 5-1/4 or 8 ???

:)

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kurt Buff
Sent: Wednesday, November 13, 2013 3:34 PM
To: NTSysADM@lists.myitforum.com
Subject: [NTSysADM] I wonder if I should put this up on ebay...

I was just handed a box by our Document Control manager, which she found while 
cleaning out an old cabinet.

It's red, and says ELS Netware 286 Level I Kit

It's got all the disks and manuals.

Kinda cool...

Kurt

RE: [NTSysADM] OT-ish: Laptop

[Erik Goldoff]

About half a year ago or so, I bough a Lenovo Twist, it came with Windows 8,
and has a touch screen.  Ultrabook size, but the screen spins to make the
unit basically a heavy tablet.  4GB RAM, i5 CPU, and 320GB hard drive, got
it around $700 U.S. shipped, I think from Staples at the time.

Not the absolute best, but for me was the best for the money, next class up
in laptop added at least $300 to the price.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Rankin, James R
Sent: Friday, October 25, 2013 5:50 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] OT-ish: Laptop

I need a new laptopanyone have any recommendations in this arena?

I like fast, I like nice-lookingbut I also hate spending a lot of money,
maybe about 700 English pounds would be my budget? I don't really do much
besides browse, watch movies and work on documents, although it might be
nice to have decent battery life and maybe be able to run a CPU-intensive
game like Football Manager.

I prefer to run Windows, but I'm open to all options really. Just looking
for some recommendations as to what type/model people find good, rather than
expecting anyone to do the research for me :-)

Cheers,



JR

Sent from my (new!) BlackBerry, which may make me an antiques dealer, but
it's reliable as hell for email delivery :-)

RE: [NTSysADM] OT: naming for service ID's

[Erik Goldoff]

More work for the second, but better with regards to security processes ,
yes, self documenting, and capable of granular permissions to follow concept
of least privilege.

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Christopher Bodnar
Sent: Tuesday, October 08, 2013 10:00 AM
To: NTSysADM@lists.myitforum.com
Subject: [NTSysADM] OT: naming for service ID's

 

Just looking for opinions here: 

Say you have multiple directory repositories across your development
platforms (UAT, SIT, Dev, SIT, Prod, etc ...). Each with it's own directory
(LDAP, AD, etc). 

When you name your service accounts across the environments, do you prefer
to note the environment in the name? For example do you do this for each
service ID for an application: 

Widget_ServiceID1 

So the name would be the same in each directory for that application? 

Or would you do something like this? 

Widget_ServiceID1_Dev 
Widget_ServiceID1_UAT 
Widget_ServiceID1_Prod 

I prefer the latter solution, and a colleague of mine vehemently objects to
this. My reasoning is that when referencing the name of the account in
e-mail, or discussions, it's self documenting. You immediately know what
environment they are talking about. 


Thoughts? 

Thanks 


Christopher Bodnar 
Enterprise Architect I, Corporate Office of Technology:Enterprise
Architecture and Engineering Services 


Tel 610-807-6459  
3900 Burgess Place, Bethlehem, PA 18017 
 mailto: christopher_bod...@glic.com 




The Guardian Life Insurance Company of America

 http://www.guardianlife.com/ www.guardianlife.com 




- This message, and any attachments
to it, may contain information that is privileged, confidential, and exempt
from disclosure under applicable law. If the reader of this message is not
the intended recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited. If you have received this message in error, please notify the
sender immediately by return e-mail and delete the message and any
attachments. Thank you. 


image001.jpg

RE: [NTSysADM] Quiet Monday

[Erik Goldoff]

Yep, your message at 7:01pm was the first in my inbox for the list all day.

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Jon Harris
Sent: Monday, September 30, 2013 7:01 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Quiet Monday

 

Today is way too quiet. 

RE: [NTSysADM] OT: A completely modular phone

[Erik Goldoff]

 Another technical issue is that antennas need to be of certain sizes and
shapes to work properly.  You can't just have a tiny block for an antenna
and get good performance

Ah, but that's the beauty that fractal math adds to science.  That's why no
more whip/stick antennas, they're all internal fractal designs


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Ben Scott
Sent: Monday, September 23, 2013 8:28 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] OT: A completely modular phone

On Mon, Sep 23, 2013 at 7:56 PM, Michael B. Smith mich...@smithcons.com
wrote:
 However, let us remember, the original IBM PC. IBM published all the 
 info and there were many copies. However, the original BUS design was 
 crap. Eventually, that caused a re-design of the entire PC (leaving 
 out a lot of history there, but true nonetheless).

  Right, but some of the history you leave out is significant.  During the
times of transition, it was common to have more than one interface type in a
system.  ISA and EISA co-existed, ISA and VLB co-existed, ISA and PCI
co-existed, PCI and PCIe co-existed.  One saw PCI, ISA, and VLB on the same
mobo.  Checking now, I find boards with PCIe, PCI, and ISA slots.[1]  At no
point did everything need to be thrown away.
There was no flag day.[3]

  If we want to posit the modular phone, we might posit such an upgrade path
there, too.[4]

  Now, durability of the interconnect, that might be a bigger problem.
 Phones get beat up a lot more than most modular connectors.

  Another technical issue is that antennas need to be of certain sizes and
shapes to work properly.  You can't just have a tiny block for an antenna
and get good performance.

-- Ben

[1] Dang ISA just won't die.[2]

[2] There's a reason for this beyond the usual legacy inertia.  ISA is
basically just most of the 8086 CPU pins brought to a card edge connector,
which makes it cheap and easy to hook into, as long as you can live with the
limitations.

[3] http://www.catb.org/jargon/html/F/flag-day.html

[4] We have to speculate, as absolutely no technical information is provided
on Phonebloks.[5]

[5] I strongly suspect technical detail simply doesn't exist, and the whole
thing was dreamed up by someone as a neat concept, but without much
understanding of the engineering needed.

Re: [NTSysADM] Think strategically, not tactically..

[Erik Goldoff]

I think more of what you want to do, not the details of how to do it.
 On Sep 17, 2013 3:33 PM, David Lum david@nwea.org wrote:

  So….I need to come up with a way to better approach some situations and
 think more strategically and less tactically. When it comes to systems
 management (servers, endpoints, troubleshooting, etc.), what does that look
 like? Can someone shoot some examples out?

 ** **

 Brain cramp. Sure I can Google this, but let’s pretend I work for you and
 am asking for guidance J.

 ** **

 Dave.

RE: [NTSysADM] OT: Speaking in public

[Erik Goldoff]

Just practice the presentation by yourself a few times, with a digital clock
present.  Get a feel for how long each slide/point takes, and form a
comfortable rhythm.

But also, coming in the last spot, be prepared to have your allotted time
shortened if the others go long.  That's happened to me a few times, had to
compress a 30 minute presentation down to 15 minutes more than once.
Practice helps you know the material forwards and backwards, knowing where
you can speed up and where you still want to make a dramatic statement.

And most of all , HAVE FUN 


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of kz2...@googlemail.com
Sent: Wednesday, September 11, 2013 4:17 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] OT: Speaking in public

Next week, against my better judgement, I'm doing my first ever bit of
technical presentation in front of an audience...and because my submission
was apparently different and interesting, I'm going on last out of six
presenters :-(

Just wondering if anyone on the list (particularly the conference veterans)
have any tips or hints to share around this sort of thing (besides having
about five or six beers first)? I'm not a natural public speaker or
limelight-seeker, I write much better than I talk :-(

All input appreciated!


JR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

RE: [NTSysADM] OT: Speaking in public

[Erik Goldoff]

Camtasia ?

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of kz2...@googlemail.com
Sent: Wednesday, September 11, 2013 5:07 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] OT: Speaking in public

 

Actually, while I'm on, what's a good piece of software for capturing videos
of my lab screens that I can embed into my presentation?

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

  _  

From: Kevin Lundy klu...@gmail.com 

Sender: listsad...@lists.myitforum.com

Date: Wed, 11 Sep 2013 17:02:38 -0400

To: NTSysADM@lists.myITforum.com
mailto:NTSysADM@lists.myITforum.com%3cntsys...@lists.myitforum.com
ntsysadm@lists.myitforum.com

ReplyTo: ntsysadm@lists.myitforum.com 

Subject: Re: [NTSysADM] OT: Speaking in public

 

You don't want to remember lines.  The audience knows when you are reading
to them, even if the reading is memorized.

 

The trick I used for that is never writing full sentences in my notes.  Just
a keyword or two to remind you what the next topic is supposed to be.

 

On Wed, Sep 11, 2013 at 4:54 PM, kz2...@googlemail.com wrote:

Thanks guys for all the input, it is very much appreciated.

I'm only supposed to be on for 15-20 mins.

What bothers me the most is trying to remember my lines (although I guess
the PowerPoint slides will make good prompts) and the possibility of getting
some left-field questions at the end.

All the advice has been excellent so far, plenty of good pointers for me to
go to work on.

Cheers,



JR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Kurt Buff kurt.b...@gmail.com
Sender: listsadmin@lists.myitforum.comDate: Wed, 11 Sep 2013 13:45:15
To: ntsysadm@lists.myitforum.com
Reply-to: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] OT: Speaking in public

How long is your presentation supposed to last? If it's relatively
short 10-20 minutes, give your talk to a neighborhood 10 year old - or
your own, if you have one. If you can keep that audience interested,
you a) know your subject and b) know how to work an audience.

Videotaping yourself and critiquing it is decent advice, too.

Webster's advice is pretty good too.

Don't practice in the mirror - it's not worth it.

Do not speak from your notes by rote - they'll know, and be bored.

Kurt

PS You only need one beer, but it should be 24oz of a good Belgian
style quadrupel, roughly 10% by volume. :)



On Wed, Sep 11, 2013 at 1:17 PM,  kz2...@googlemail.com wrote:
 Next week, against my better judgement, I'm doing my first ever bit of
technical presentation in front of an audience...and because my submission
was apparently different and interesting, I'm going on last out of six
presenters :-(

 Just wondering if anyone on the list (particularly the conference
veterans) have any tips or hints to share around this sort of thing (besides
having about five or six beers first)? I'm not a natural public speaker or
limelight-seeker, I write much better than I talk :-(

 All input appreciated!


 JR


 Sent from my Blackberry, which may be an antique but delivers email
RELIABLY





 

RE: [NTSysADM] RE: Looking for Hyper-V server hardware

[Erik Goldoff]

Even with relatively small (160GB), old hard drives a good deal  [ I really
doubt at this price that those are not original/previous owner drives with
years of spin already on them]

 

I might have to pick up one or two , thanks for the link David

 

-EG

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Steven M. Caesare
Sent: Monday, August 26, 2013 9:25 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] RE: Looking for Hyper-V server hardware

 

Wow. $400? That's impressive.

 

-sc

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of David Lum
Sent: Monday, August 26, 2013 9:20 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] RE: Looking for Hyper-V server hardware

 

I missed these recommendations (I was on PTO last week) so I ended up paying
$400 for one of these:

http://www.ebay.com/itm/Dell-Poweredge-C1100-1U-2X-XEON-QC-L5520-2-26GHZ-4x1
60GB-HDD-48GB-DDR3-Warranty-/251263380756?pt=COMP_EN_Servers
http://www.ebay.com/itm/Dell-Poweredge-C1100-1U-2X-XEON-QC-L5520-2-26GHZ-4x
160GB-HDD-48GB-DDR3-Warranty-/251263380756?pt=COMP_EN_Servershash=item3a807
6ed14 hash=item3a8076ed14

 

On powering up it turns out I have one of this guys' 72GB RAM offerings, but
it loaded Server 2012 Standard just fine and I was able to move my Hyper-V
guests over no sweat. It doesn't come with a CD-ROM drive and reading forums
it's not really recommended for an SMB solution but for my lab uses it's
perfect.

 

Troubleshooting my PowerEdge 840 (long story on why I didn't do this before
ordering the C1100), turns out the BIOS dropped the settings of two of the
four SATA drives (unknown) and changed the boot order from 0-1-2-3 to
2-1-0-3. Resetting the drive info to what I'd expected brought the server
back to normal operating condition. I will simply turn it into an iSCSI
target.

 

Dave

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Ken Schaefer
Sent: Saturday, August 17, 2013 3:20 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] RE: Looking for Hyper-V server hardware

 

For the workload you've mentioned, I'd just get a HP Microserver. Cheap,
quiet, cool.

 

Get 2 x SSDs for whatever needs fast disk, and 2 x WD Blacks or Reds for
anything that needs bulk storage.

 

The latest gen (G8) has iLO, 2 x GB Nics, 4 drive bays, 16GB RAM supported.

 

Cheers

Ken

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of David Lum
Sent: Saturday, 17 August 2013 5:00 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] RE: Looking for Hyper-V server hardware

 

I don't need 32GB, but I plan to run Exchange 2013 which would be my main
RAM-eater, the rest don't really need much RAM. I could probably get away
with 16GB if I had to, the Exchange would exist for testing migration from
on-prem to Office365 more than anything.

 

Dave

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Andrew S. Baker
Sent: Friday, August 16, 2013 11:52 AM
To: ntsysadm
Subject: Re: [NTSysADM] RE: Looking for Hyper-V server hardware

 

Why do you need 32GB to manage that?

I have a host managing more VMs (5 currently) with 16GB RAM, and I was doing
some streaming on it for a while.

An i3 would be okay, but an i5 would be excellent.(I'm running two
different Hyper-V boxen with quad-core E3-1235 processors.)




 

 


ASB
 http://xeeme.com/AndrewBaker http://XeeMe.com/AndrewBaker
Providing Virtual CIO Services (IT Operations  Information Security) for
the SMB market.

 

 

On Fri, Aug 16, 2013 at 1:33 PM, David Lum david@nwea.org wrote:

Hmm.maybe I'm thinking too narrow of a box (see what I did there?). Looks
like all i-series CPU's support Hyper-V too.

 

Thinking further..I have a PC that we mainly use to stream
HULU/Netflix..would it be feasible to use a Hyper-V server and one VM be the
entertainment system/HDMI output with other VM's running in the background?
It looks like if I can use SLAT (Intel's I processors do). Anyone doing
this?

 

Hyper-V server with 

1 Media workstation VM leveraging good video card for streaming 1080 video
outputting to TV via HDMI

1 VM that is a server OS

1 VM that is generic workstation client

 

Dave

 

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Ken Cornetet
Sent: Friday, August 16, 2013 7:57 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Looking for Hyper-V server hardware

 

I'd think whiteboxing would not be viable since a Xeon proc and 32GB of RAM
will just about consume your $500 right off the bat.

 

Why does it have to be a Xeon? A quad core i5 whitebox might be doable for
$500.

 

 

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of David Lum
Sent: Friday, August 16, 2013 10:19 AM
To: NTSysADM@lists.myITforum.com
Subject: [NTSysADM] 

RE: [NTSysADM] Looking for Hyper-V server hardware

[Erik Goldoff]

For between $500/$600 last weekend, I picked up from Microcenter

New i7 4770 quad core CPU with HT

16GB RAM

700 Watt modular power supply (Corsair)

Large mid tower case (Corsair)

Gigabyte Z87X mobo  with 8 SATA 3 (6mb/s) ports, can do 2 in Raid 0/1, other
6 Raid 0/1/5/10

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of David Lum
Sent: Friday, August 16, 2013 10:19 AM
To: NTSysADM@lists.myITforum.com
Subject: [NTSysADM] Looking for Hyper-V server hardware

 

My old home lab PowerEdge 840 server is giving me issues so I'm looking to
upgrade, looking to spend ~500 (can be used, obviously!). Ideally I'd like a
tower server populated with 32GB RAM. I'm not picky on brand (partial to
Dell because that's what my clients run, but not a requirement) but do want
Xeon instead of the AMD equivalent.  The closest I can find is a Dell T300
populated with 24GB RAM for about $500 shipped, which would work (the 840
has only 8GB RAM!).

 

Since this is for my home lab I don't mind building a white box system
either. Suggestions anyone? Dell Outlet prices are out of my price range.

 

. Tower

. Xeon proc

. 24+GB installed

. HDD's / optical drive not necessary, I have my own

David Lum 
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764

 

RE: [NTSysADM] Bandwidth speed test between two LANs

[Erik Goldoff]

Well, you could always do an FTP transfer of a large known file (like an ISO
image) over the link and time it.  Divide the size by the time and you'll
get a real world answer.  

And in this case, yes, FTP will provide a faster throughput than a Windows
SMB file copy (especially before Win8/Server2012).


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of David McSpadden
Sent: Friday, August 09, 2013 11:42 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Bandwidth speed test between two LANs

No the communication provider is saying all the Windows based apps are junk
because anything running over Windows depreciates the packets with excess
overhead.
???
But a linux to linux or IOS to IOS test would be sufficient to prove or
disprove  the amount of bandwidth.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Tim Evans
Sent: Friday, August 9, 2013 11:26 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Bandwidth speed test between two LANs

I don't think so (see jperf). I think it's that the people that write these
utilities are command line junkies.

.Tim


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of David McSpadden
Sent: Friday, August 09, 2013 7:48 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Bandwidth speed test between two LANs

Does windows really depreciate the tcp packets so much that gui tools are
useless?


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Tim Evans
Sent: Friday, August 9, 2013 10:33 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Bandwidth speed test between two LANs

As long as we are listing all the options, Sysinternals has psping which can
measure bandwidth too.

.Tim


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Bourque Daniel
Sent: Friday, August 09, 2013 6:37 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Bandwidth speed test between two LANs


There is also TTCP that's allready buildin Cisco router (router to router)
and you can also use PCATTCP for PC to router or pc to pc test

http://www.netcordia.com/resources/network-monitor/network-monitor-3-1.asp#3
http://www.cisco.com/en/US/tech/tk801/tk36/technologies_tech_note09186a00800
94694.shtml
 


-Message d'origine-
De : listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
De la part de Kurt Buff Envoyé : 9 août 2013 01:33 À :
ntsysadm@lists.myitforum.com Objet : Re: [NTSysADM] Bandwidth speed test
between two LANs

Others have suggested jperf or iperf.

Here's a good link on using it, for starters
http://port135.com/2012/02/16/what-is-iperf-jperf-and-xjperf-how-can-you-use
-them-to-test-network-performance/

On Thu, Aug 8, 2013 at 4:43 AM, David McSpadden dav...@imcu.com wrote:

 I have upgraded my 2 busiest LANs to 100MB.

 Having a hard time testing.

 I have used SpeedTest.net, says only about 45MB to the Internet.  Reading
some articles that are saying past 40 MB SpeedTest.net poops out.

 I have used Qcheck from ixia for point to point between the two sites and
am getting about the same.

 I have tried wireshark between the two sites and I think it is saying I am
getting 111MB average.

 Can you help a stupid admin read this summary?

 (I used this article:

 http://social.technet.microsoft.com/Forums/windowsserver/en-US/a9878fc
 b-adb6-4851-a7c5-c58ad9b591c2/tool-to-measure-the-actual-communication
 -bandwidth-between-two-windows-machine

 )

 I think I am good from the 1st location to the 2nd location.



 Thank you



 David W. McSpadden



 Begin Planning

 Arrange for Reconnaissance and Coordination

 Make Reconnaissance

 Complete Plan

 Issue Order

 Supervise



 This e-mail and any files transmitted with it are property of Indiana
Members Credit Union, are confidential, and are intended solely for the use
of the individual or entity to whom this e-mail is addressed. If you are not
one of the named recipient(s) or otherwise have reason to believe that you
have received this message in error, please notify the sender and delete
this message immediately from your computer. Any other use, retention,
dissemination, forwarding, printing, or copying of this email is strictly
prohibited.


 Please consider the environment before printing this email.



Mise en garde concernant la confidentialité : Le présent message, comprenant
tout fichier qui y est joint, est envoyé à l'intention exclusive de son
destinataire; il est de nature confidentielle et peut constituer une
information protégée par le secret professionnel. Si vous n'êtes pas le
destinataire, nous vous avisons que toute impression, copie, distribution ou
autre utilisation de ce message est strictement interdite. Si vous avez reçu

RE: [NTSysADM] ISO creator software

[Erik Goldoff]

Trying to remember (need to look in archives on my drive to be sure) but
back in the diskette days I used something called MAKEDSKF or similar ,
imaged a floppy , using DSK extension for the image file.  Or maybe it was
two companion executables, SAFEDSKF and MAKEDSKF , worked pretty reliably.

 

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Jon Harris
Sent: Thursday, July 18, 2013 10:28 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] ISO creator software

 

I will check it out but will it make an image of a floppy?
 
Jon
 

 From: mailvor...@gmail.com
 Date: Thu, 18 Jul 2013 22:23:08 -0400
 Subject: Re: [NTSysADM] ISO creator software
 To: ntsysadm@lists.myitforum.com
 
 On Thu, Jul 18, 2013 at 10:19 PM, Jon Harris jk.har...@live.com wrote:
  There are a lot of ISO software out there and I would like to add this
to my
  Win 8 machine. I am looking for something to create ISO's I have happy
with
  the native burner.
 
 I've been quite happy with CDBurnerXP (free). It does the job
 without unnecessary bloat or bling. Although I don't know if it works
 under Win 8.
 
 -- Ben
 
 

Re: [NTSysADM] Trust relationships failing

[Erik Goldoff]

duplicate machine names, duplicate SIDs, DNS db problems, AD db problems ?



On Thu, Jun 20, 2013 at 2:27 PM, Bill Songstad bsongs...@gmail.com wrote:

 I've recently moved from a small (50 node) network to a 3500 node
 network.  In my last gig, I never had a single machine lose its trust
 relationship and have to be rejoined to the domain in 14 years.  In my new
 gig I get 2-3 of these a month.  Is that normal?  Anybody with a large
 domain never seeing this?

 Thanks for any insight,

 Bill

Re: [NTSysADM] OT - tips on job change etiquette

[Erik Goldoff]

and two weeks notice is more than gracious for leaving a job.  Employers
are not obligated to let you work out the entire two weeks, and in cases of
layoffs/RIFs, you would likely not be given two weeks notice either.
Kudos to you for wanting to do right by your current employer considering
projects on the table, but they put themselves in this posistion by not
living up to your original agreement, for whatever reason.


On Wed, Jun 19, 2013 at 9:51 AM, Don Kuhlman drkuhl...@yahoo.com wrote:

 Morning all.  Just curious as to thoughts from some colleagues in the
 field.

 Say you were in a job as a contractor at a smaller firm, and the job was
 supposed to convert to full time in a few months, but that didn't happen.
  However, your contract is extended several times so you are still at the
 position.  it may end in 6 months after being extended 18. The people at
 the place are really great and the environment is laid back and casual with
 very low stress.

 So you keep your options open and along comes what may be a very good
 opportunity with a large well established place that is insourcing and
 building a new team right in your preferred geography.  It is also a 6
 month contract to start out, but the company wants to make it permanent
 based on all information given.

 Do you share with your current gig that you are checking into this?

 Or if you don't share the info, and you get the offer, how do you tell
 your current gig so as not to burn any bridges?

 And if the new gig was a go, they want an immediate start time (within 2
 weeks) because their outsourced people doing the support are going to be
 gone in that time.  However, you are working on finishing up projects for
 the current gig.

 Any thoughts appreciated.

 Thanks

 Don K

RE: [NTSysADM] Remote Control

[Erik Goldoff]

I used to use Crossloop a few years ago, but I suspect it has fallen out of
favor with the plethora of capable alternatives

 

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Curt Finley
Sent: Tuesday, June 11, 2013 7:33 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Remote Control

 

I've been using LogMeIn to remotely assist users.  However the free license
now supports a limited number of computers.  Can you suggest a tool similar
to logmenin to remote control computers?  The system must be able to connect
to systems behind a firewall on a remote LAN.  Free or cheap (but good) is
preferable.  Thanks for your help.

 

Curt