Eliminating Domain Browsing Errors

December 31, 2003

0 comments  

Eliminating Domain Browsing Errors
- UltraTech® Knowledgebase - See any errors like this on you W2K AD network?: The master browser has received a server announcement from the computer
SMITH that believes that it is the master browser for the domain on
transport NetBT_Tcpip_{00E6B950-C066-4E9E-9EA. The master browser is
stopping or an election is being forced.

This is the result of the (unneeded) Computer Browser service. ASB has a great little article on the UltraTech KB about how to disable this and other unnecessary services, which can result in lower network traffic, more cpu and memory free on the computers, and less headaches in the Event Logs when something goes wrong.

More Disaster Recovery Planning

December 29, 2003

0 comments  

Tips for Preparing Your Disaster or Business Continuity Plan

DISASTER RECOVERY AND PREVENTION
FOR RECORDED INFORMATION
- A GUIDE FOR DEVELOPING A DISASTER PLAN - nice quick DR Plan overview by the State of Missouri.

Designing A Disaster Recovery Strategy (PDF)

SunGard’s Crisis Management Checklists

Playstation 2 Parental Control Bypass

December 28, 2003

0 comments  

Ok, ok, so this has NOTHING to do with Sysadmin issues.. but this is cool anyways. I got this PS2 for my birthday last summer from a pawn shop. My dvd player crapped out this month so I've decided to use the ps2 instead of buying a new one. What's this? Parental lock code? Now I can't watch all of those R-rated movies I've invested so much in. If you ever run into this problem, put in the dvd, reboot the ps2, and at the parental lock password screen press the select button and type in the code 7444 (this is the master code). Now enter your own code. Once the dvd starts, press the select button and choose setup. Press right to go to the "region" menu and change "level" to off. Parental lock bypassed.

Linux for PS2 - for those of you who just need a little more to the sysadmin side, this site helps you run linux on the ps2.

Router Expert: Cool IOS commands

December 18, 2003

0 comments  

Tips & Newsletters-SearchNetworking.com: Router Expert: Cool IOS commands: "This article focuses on working with the IOS image and router configuration files, reviewing the router's default bootstrap behavior, and looks at implementing alternative IOS loading and configuration loading options. We also include an overview of Internetworking File System (IFS) file management tools. "

Create A Personalized Boot Logo Screen

December 11, 2003

0 comments  

Quick link: Create A Personalized Boot Logo Screen:

No Christmas patches from Microsoft

0 comments  

No Christmas patches from Microsoft - Computerworld: "Microsoft Corp. has an early holiday gift for systems administrators: no monthly security patch release this month. "

Security Experts Warn of New Way to Attack Windows

December 10, 2003

0 comments  

More proof that firewalls aren't always the only answer:

Security Experts Warn of New Way to Attack Windows - Microsoft Corp. issued a patch for the vulnerability in November, but the security bulletin also listed several workarounds for the flaw, including disabling the Workstation Service and using a firewall to block specific UDP and TCP ports. But penetration testers at Core Security Technologies, a Boston-based security company, discovered a new attack vector that uses a different UDP port. This attack still allows the malicious packets to reach the vulnerable Workstation Service.

The Second Coming of Slammer?

0 comments  

Techweb > News > Windows Messenger Service security woes > Big New Chink Found In Windows Messenger Service > December 9, 2003 - According to analysis done by Symantec's DeepSight Threat Analyst Team, the Windows Messenger Service vulnerability can be exploited by a single UDP broadcast, allowing a wholesale compromise of all vulnerable systems on the targeted network.

“If I can exploit one single box on your network, I can exploit all of them,” Huger added.

“An application doesn't care about UDP,” said Huger. “It takes the packet, period, with no authentication.”

A worm just 2.7K in size would be enough to simultaneously infect up to 254 machines. Although that's larger than the minute 376 bytes used by SQLSlammer, “the difference is really trivial,” Huger said.

Not only might such a worm spread faster than Slammer, its damage could significantly outweigh Slammer's damage, for it would have a much greater number of potential targets. The Windows Messenger Service vulnerability exists not just in enterprise machines -- as with Slammer -- but also countless home computers running Windows.

20 Great Google Secrets

December 09, 2003

0 comments  

20 Great Google Secrets

Secunia - Advisories - Yahoo! Messenger "yauto.dll" Buffer Overflow Vulnerability

December 03, 2003

0 comments  

Secunia - Advisories - Yahoo! Messenger "yauto.dll" Buffer Overflow Vulnerability: "A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the ActiveX component 'yauto.dll' in the 'Open()' function. This can be exploited to cause a buffer overflow by supplying an overly long argument to the vulnerable function via a malicious web page."

Script Center email list: Scripting Newswire

0 comments  

From the MSDN scripting.vbscript newsgroup:

"If you would like to keep informed of the latest additions to the Script
Center, receive beta copies of scripting utilities, and otherwise keep
up-to-date on what's going on in the world of scripting, subscribe to the
Scripting Newswire. To subscribe to this free service (which is nothing more
than periodic emails sent by the Scripitng Guys), send mail to
scripter@microsoft.com, with the subject line Subscribe.
"

Help Net Security - Scripting flaws pose severe risk for IE users

December 02, 2003

0 comments  

Help Net Security - Scripting flaws pose severe risk for IE users: "A set of five unpatched scripting vulnerabilities in Internet Explorer creates a mechanism for hackers to compromise targeted PCs."