TweakXP.com - Remove Windows Messenger

April 28, 2004

0 comments  

TweakXP.com - Remove Windows Messenger: Start - Run - then type: RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

Yeah you're supposed to be able to remove Messenger via Add/Remove Windows Components, but it never worked for me. THE DAMN THING WOULDN'T GO AWAY!!

SQL Server Resources

0 comments  

Download details: SQL Server 2000 Books Online (Updated) - Download the updated documentation for Microsoft SQL Server 2000. SQL Server Books Online January 2004 Update includes the complete documentation that shipped with SQL Server 2000 plus revisions.

SQL Server Administration Articles

Microsoft SQL Server: 10 Steps to Help Secure SQL Server 2000

Microsoft SQL Server: Setup and Administration - Tek-Tips Forums: "Microsoft SQL Server: Setup and Administration Forum"

SQL Server Administration FAQ

SQL Server 2000 Webcasts

0 comments  

JSI Tip 3079. SQL Server 2000 Database Recovery: Backup and Restore - Webcast. - "In this session, we will discuss the new SQL Server recovery models, as well as the enhancements made to backup and restore on the newly redesigned SQL Server 2000. We will also talk about the enhancements and challenges you may encounter while deploying log shipping on SQL Server Enterprise Edition. We will also talk about the directions you can use to deal with, and be prepared for, disaster recovery and compare those with previous versions."

JSI Tip 6662. Support WebCast: Microsoft SQL Server 2000 Service Pack 3. - Microsoft SQL Server 2000 Service Pack 3 is the latest and most comprehensive update to SQL Server 2000. This WebCast will feature the changes throughout the product that you must know about, including the addition of Watson to SQL Server.

More attack code surfaces for recent MS security holes - Computerworld

April 27, 2004

0 comments  

More attack code surfaces for recent MS security holes - Computerworld: "Just days after Microsoft Corp. warned its customers about the release of code that can exploit a hole in its Secure Sockets Layer (SSL) library, new code that claims to exploit another recently disclosed hole surfaced on a French-language Web site.
The computer code can be used by a remote attacker to trigger a buffer overrun vulnerability in the Local Security Authority Subsystem (LSASS), according to a message posted to www.k-otik.com. Microsoft released a patch for the LSASS vulnerability, MS04-011, on April 13, along with fixes for the SSL problem and a number of other vulnerabilities (see story). "

Microsoft has RSS feed for Security Bulletins

April 26, 2004

0 comments  

Geek News Central - Microsoft has RSS feed for Security Bulletins - here's the rss link: http://www.microsoft.com/technet/security/bulletin/secrss.aspx

Office 2003 Editions Resource Kit Administrative Updates

0 comments  

Office 2003 Editions Resource Kit Administrative Updates - The Office Resource Kit offers the latest information about deploying administrative updates for Microsoft Office 2003 in your organization. Included here is a comprehensive list of updates released for Office 2003 Editions.

Microsoft Office 2000 to Microsoft Office 2003 Migration Issues

0 comments  

Download details: Microsoft Office 2000 to Microsoft Office 2003 Migration Issues: "This paper explains the basic differences between Microsoft Office 2000 and Microsoft Office 2003 at a cursory level. It describes the obvious changes a user might see in the menu bar user interface and what a user might perceive as a bug, depending on his or her advanced usage of the various Office applications. This paper also provides a summary of the most likely issues an administrator might encounter during and after a migration of Office 2000 to Office 2003. Included is information about several design changes that affect programmatic access to Office application objects, which may also affect custom applications."

Potential Microsoft PCT worm (MS04-011)

April 23, 2004

0 comments  

SecurityFocus HOME Mailing List: BugTraq: "Potential Microsoft PCT worm (MS04-011) - A revised exploit has been released for the PCT flaw in the last 24-hrs by
THC (THCIISSLame.c). For the last few hours we have also been receiving
uncorroborated anecdotal evidence from reliable sources that a working worm
is being trialled on the Internet, in preparation for imminent release. The
primary concern is that this flaw affects unpatched SSL enabled IIS servers,
which could potentially be thousands of hosts."

Active Directory Operations Guide: Appendix B - Procedures Reference

April 20, 2004

0 comments  

Active Directory Operations Guide: Appendix B - Procedures Reference - Awsome reference for various Active Directory Procedures.

Intel(R) IT Manager Game

April 19, 2004

0 comments  

Intel(R) IT Manager Game - A flash game by Intel. You're an IT Manager with a bunch of whiney end-users who all want upgrades. Gain extra budget points by answering trick questions thrown at you by the CEO. It looks fun, but only if it would let me log in (just sits there trying to save my details). I wanna manage the Mickey Mouse Club!!

**Patch Now**

April 16, 2004

0 comments  

Exploits Available For MS04-11 Vulns � **PATCH NOW** :: Internet Security Information & Tools :: All Security, all the time - latest news, tips, and tools and Ask an expert your security question.: "Dave Aitel of Immunity Security has stated publicly that they have released working exploits of two vulnerabilities patched by MS04-011 to their CANVAS customers:"

[Dailydave] wormsSo Immunity released our lsass exploit to CANVAS today, as well as a working ASN.1 exploit (with much credit to Solar Eclipse). One of the great things about the lsass exploit is that not only is it perfectly reliable on all service packs, but it can also not kill the service if it doesn't want to!

Netsky-V worm can infect computers without e-mail attachment being clicked

0 comments  

Hack In The Box - Keeping Knowledge Free - www.hackinthebox.org: "No need to double-click to be infected by Netsky-V the new Netsky-V worm (W32/Netsky-V) spreads without using email attachments to infect. Other widespread versions of the Netsky worm have infected users by tempting them to double-click on an email attachment, but Netsky-V exploits security loopholes in Microsoft's software that mean users can be hit just by reading an email. "

Exchange FAQs

April 15, 2004

0 comments  

Exchange FAQs - Just as the title says, Exchange FAQs for versions 5.5, 2000, and 2003.

Microsoft's April Security Bulletins

April 13, 2004

0 comments  

Microsoft Security Bulletin MS04-011: Security Update for Microsoft Windows (835732) - Security Update for Microsoft Windows (835732) - Critical - Remote Code Execution (a list of vulnerabilities.

Microsoft Security Bulletin MS04-012: Cumulative Update for Microsoft RPC/DCOM (828741) - Cumulative Update for Microsoft RPC/DCOM (828741) - Critical - Remote Code Execution

Microsoft Security Bulletin MS04-013: Cumulative Security Update for Outlook Express (837009) - Cumulative Security Update for Outlook Express (837009) - Critical - Remote Code Execution

Microsoft Security Bulletin MS04-014: Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001) - Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001) - Important - Remote Code Execution

Cooperative Linux (Linux on Windows)

0 comments  

Cooperative Linux- Cooperative Linux is the first working free and open source method for optimally running Linux on Microsoft Windows natively. More generally, Cooperative Linux (short-named coLinux) is a port of the Linux kernel that allows it to run cooperatively alongside another operating system on a single machine. For instance, it allows one to freely run Linux on Windows 2000/XP, without using a commercial PC virtualization software such as VMware, in a way which is much more optimal than using any general purpose PC virtualization software

Default Background

April 09, 2004

0 comments  

I've run into issues with this in the past: a user thinks they're cute and sets up a background but for some reason it always shows up as the default. Here's the reg entries to remove it:

Here's how to change which bitmap displays on the desktop before Windows NT log in: "With a simple registry change, you can change the default bitmap that displays behind the logon prompt in Windows NT 4.0. You will need to have the bitmap you want to use in the Winnt directory, with an 8.3 naming convention name.
Hive: HKEY_USERS
Key: Default\Control Panel\Desktop
Name: Wallpaper
Data Type: REG_SZ
Value: Full path to the bitmap
There are also other Values that apply:
Name: TileWallpaper
Data Type: REG_SZ
Value: 0 for tiling, 1 for no tiling
Name: WallpaperStyle
Data Type: REG_SZ
Value: 0 for normal, 2 for full-screen"

Local Area Security

0 comments  

Local Area Security: "Local Area Security Linux is a 'Live CD' distribution with a small footprint. Containing over 200 information security and administration related tools. As well as a full desktop environment and office productivity applications."

The Metasploit Project

0 comments  

The Metasploit Project: "The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This release includes 18 exploits and 27 payloads; many of these exploits are either the only ones publicly available or just much more reliable than anything else out there. The Framework will run on any modern system that has a working Perl interpreter, the Windows installer includes a slimmed-down version of the Cygwin environment."

asleap

0 comments  

asleap home page - [The author] wrote asleap while researching weaknesses in the Cisco proprietary LEAP protocol after I discovered that LEAP uses a modified MS-CHAPv2 exchange to authenticate users. MS-CHAPv2 is very bad.

Setting Users and Autologon (Automagically)

April 08, 2004

0 comments  

Take a look at "addusers.exe" and "usrtogrp.exe" in the W2K Admin Kit.
Batchfile setusers.bat:
addusers /c c:\apps\addusers.txt /p:ce
usrtogrp c:\apps\usrtogrp.txt
regedit /s autologon.reg
exit

addusers.txt:
[Users]
(username),(full name),(password),

usrtogrp.txt:
DOMAIN:localmachine
LOCALGROUP:Administrators
(username)

autologon.reg:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="(username)"
"DefaultPassword"=""
"AutoAdminLogon"="1"


Resources:
autologon
Batch files - Use REGEDIT to add, read, or delete registry values
Windows 2000 Resource Kit - MS website

Personal Message Store Export Utility

April 05, 2004

0 comments  

Personal Message Store Export Utility: "PMSEU was designed to export Internet messages out of Outlook while preserving the Internet headers during export"
At startup PMSEU attempts to locate all message stores. These are displayed in the first list box. Selecting one of the message stores listed in the 1st list box will fill the 2nd list box with all the root level folders in the message store. Selecting a folder in the 2nd list box fills the 3rd list box with any subfolders found in the folder you selected. The utility does not support folders beyond that level but the source code is included if you need to drill farther down. You can export messages out of items listed in either list box #2 or list box #3. Just select a folder to export from, type a filename to export to into the edit box and press the Export button.

816036 - Windows 2000 Crashes with a "Stop 0x000000d1" Error Message

April 03, 2004

0 comments  

816036 - Windows 2000 Crashes with a "Stop 0x000000d1" Error Message

817789 - Computer Stops Responding with "Stop 0x000000D1 Driver_IRQL_Not_Less_Or_Equal" Error Message

0 comments  

817789 - Computer Stops Responding with "Stop 0x000000D1 Driver_IRQL_Not_Less_Or_Equal" Error Message