Posts by CimmerianX

Check to make sure you only have 1 vss writer on the server:
"vssadmin list writers"

Multiple writers sometimes cause issues.

You could try a full VSS reset:

net stop "System Event Notification Service"
net stop "Background Intelligent Transfer Service"
net stop "COM+ Event System"
net stop "Microsoft Software Shadow Copy Provider"
net stop "Volume Shadow Copy"
cd /d %windir%\system32
net stop vss
net stop swprv
regsvr32 /s ATL.DLL
regsvr32 /s comsvcs.DLL
regsvr32 /s credui.DLL
regsvr32 /s CRYPTNET.DLL
regsvr32 /s CRYPTUI.DLL
regsvr32 /s dhcpqec.DLL
regsvr32 /s dssenh.DLL
regsvr32 /s eapqec.DLL
regsvr32 /s esscli.DLL
regsvr32 /s FastProx.DLL
regsvr32 /s FirewallAPI.DLL
regsvr32 /s kmsvc.DLL
regsvr32 /s lsmproxy.DLL
regsvr32 /s MSCTF.DLL
regsvr32 /s msi.DLL
regsvr32 /s msxml3.DLL
regsvr32 /s ncprov.DLL
regsvr32 /s ole32.DLL
regsvr32 /s OLEACC.DLL
regsvr32 /s OLEAUT32.DLL
regsvr32 /s PROPSYS.DLL
regsvr32 /s QAgent.DLL
regsvr32 /s qagentrt.DLL
regsvr32 /s QUtil.DLL
regsvr32 /s raschap.DLL
regsvr32 /s RASQEC.DLL
regsvr32 /s rastls.DLL
regsvr32 /s repdrvfs.DLL
regsvr32 /s RPCRT4.DLL
regsvr32 /s rsaenh.DLL
regsvr32 /s SHELL32.DLL
regsvr32 /s shsvcs.DLL
regsvr32 /s /i swprv.DLL
regsvr32 /s tschannel.DLL
regsvr32 /s USERENV.DLL
regsvr32 /s vss_ps.DLL
regsvr32 /s wbemcons.DLL
regsvr32 /s wbemcore.DLL
regsvr32 /s wbemess.DLL
regsvr32 /s wbemsvc.DLL
regsvr32 /s WINHTTP.DLL
regsvr32 /s WINTRUST.DLL
regsvr32 /s wmiprvsd.DLL
regsvr32 /s …

Check the routers for the newest firmware just to cover any software bugs.

Turn off all Intrustion Detection systems on the router (if any).
Turn off all firewall features on the router (if Any)
Remove any blocked keywords if your router has that feature (remember block the word 'sex' and www.marsexplorer.com will also be blocked.

Sure.

Edit /etc/fail2ban/jail.conf

Add in the line:

bantime = 600 
maxretry = 3

So after 3 attempts, the IP is banned for 5 min.

You can allso add in IPs to ignore so they never get banned:

ignoreip = 127.0.0.1 1.1.1.1 2.2.2.2

Fail2Ban gets my vote also. We use it on every server installation.

It will watch for auth failures. AFter a certain number of failures you can block the source IP for a set time or forever.

For me, I usually do 5 missed auths gets you a 20 minute ban. And I have it email me so I can watch for recurring attempts.

For root, you can also do 'sudo -i'.

I"m with ITG-JM. If it's only for 1 user (you), then use a VPN client on your machine.

Your DL speed is usually going to be measures in bits, not bytes. So a 52 Kb/s is 6.5 kB/s. Lets make sure we have the measurements correct here.

To verify your connection, use speedtest.net or any online speed testing tool.
Make sure you are the only user of the connection with no one else sharing it.

DL speed is also not just dependent on your speed, it is also affected by the distance/latency to the remote server, load on the remote server, etc...

What model is the current router?

If the router that connects public wifi to the internet will ALSO be used to create a VPN tunnel, this is still a safe config if done correctly.

Just separate out the public wifi space from the private space in 2 VLANs isolated from each other. Both route outbound. THe VPN tunnel is built to match the interesting traffic to only the private wifi subnet.

I do this all the time.

>>How did this IT person explain that a person could connect back to the work network through a public wifi?

I think he meant that he wanted to take a router and connect it downstream from the public wifi router. So that his wan port is connected to the public router and he offers his own wifi. His router would then create a peer to peer vpn tunnel.

#1 - most consumer routers will not let you connect WAN to a wifi network.
#2 - if somehow you got around #1, if you leave your wifi open, then yes, everyone could connect to the remote network.
#3 - Your IT person should have suggested just using a client on your PC.

What I mean is, if all you are after is a backup of the drive. Clone the VM, then power off the clone and backup THAT vmdk file.

What are the minimum requirements on the 'Grand Chase' game? Does the new PC meet these.

So you have a VGA vid card, but what kind is it? Do you have the model? If you are jut short a driver, the manufacturer site should provide the download for you.

Why not just clone the machine ?

http://www.mytricks.in/2011/09/guide-working-with-vmware-workstation-8.html

Looks like it wants to install on a 32 bit system or different hardware. What distro are you running?

We have another windows convert. Welcome to your new OS.

So there are some differences in the directory structure between the 2. As a primer, read the following:
http://ictom.wetpaint.com/page/Windows+vs+Linux+File+System
http://www.freeos.com/articles/3102

Keep this handy reference taped to your wall until you are used to it.
http://www.thegeekstuff.com/2010/09/linux-file-system-structure/

I don't think I've ever used a Linux AV program. rubberman mentioned ClanAV which is good. But it is very difficult to get any infection in Linux if you aren't running as 'root' which you shouldn't be doing anyway.

Ubuntu makes a 'netbook' edition for download. http://www.ubuntu.com/ubuntu HAve you tried that?

Also running the install iso from a usb stick is very easy. I do it all the time. I can't remember the last time I burnt an ISO to a CD.
http://www.ubuntu.com/download/ubuntu/download Look at step 2 for your info.

You probably have a 172.68.50.0 255.255.255.0 subnet. Is that a correct assumption?

If it is, you can double your hosts by changing the subnet mask from 255.255.255.0 to 255.255.254.0. Then your network stays at 172.168.50.0, your hosts can use 172.68.50.1-172.68.51.254, and the broadcast becomes 172.168.50.255. Your default gateway on the .50 ip doesn't change, but you still need to edit the hosts so that they have the new subnet mask.

This of cource only works if you haven't assigned 172.68.51 anywhere else in your network. (without a lot of complex natting).

The USB headset will probably not work along with the onboard sound output. IF you use windows, usually only 1 device can be active for sound output. Go with the above suggestions, and get a splitter. Costs all of $1.90 at radio shack.

NMAP SCanner is what I use. ZenMap GUI can be used as a front end if you don't like command line.

If you included the 1 start bit, you'd get 1+7+1+2. 11 bits total with 4 for overhead with is something like 36.36363636%

For the baud rate, did I incorrectly assume you were talking about modem speed?

The Gross Bitrate can be expressed as R = bitrate*log_base2(M) where R is the rate and M is the number of distinct messages.

For Rs232, each character frame has 1 start bit, the data bits, the parity bit (optional), and the stop bit(s).

The start bit is the transition from negative voltage to positive. All rs232 communication has 1 start bit, it's just assumed to be there. I didn't include the 1 start bit in the math.

7 data bits + 1 Parity bit + 2 stop bit = 10 bit total with 3 being used for control. 30%. If you included the 1 start bit, you'd get 1+7+1+2. 11 bits total with 4 for overhead with is something like 36.36363636% IIRC Assuming the start bit is not included is the only way to get one of the multiple choice answers.

bit rate = baud rate when over 110, so for 1st question, 12000/8 = 1500 baud

For the 2nd question, total bits sent = 7 bit data, 2 stop bits, 1 bit parity = 10 bits. 2 stop bits + 1 parity bit = 3 bits. 3/10 = 30% overhead.

I think a VLookup might be what you are looking for....

http://spreadsheetpage.com/index.php/tip/alternatives_to_nested_if_functions/
http://www.ozgrid.com/Excel/excel-vlookup-formula.htm

I'm just going to ditto wldake's reply. Using a random public IP as an internal network doesn't cause any issues internally.

Sounds like you may have bricked it.

When you plug in via ethernet, do you get a DHCP ip on your system? If yes, run a IPCONFIG /ALL from command prompt and you will see the DHCP server address. That would be the router ip to connect to.

If you get nothing, then you might be out of luck. IMHO

That's looks pretty good.

Did you also run the online scan jholland suggested?

If you have another PC, download the installer for MalwareBytes

Boot the PC into safe mode, START - run - MSCONFIG and choose selective startup and uncheck the startup items. Reboot normal and you should be able to load malware bytes and update and run a scan.

You can also run a scan of malware bytes in safe mode if needed.

Consider this solved?

If you are not the admin, then the answer is probably no. This depends alot on the setup of the mail solution though.

The only 100% way to not have them read it is end to end encryption using email certs or an encrypted attachment.

Most often, yes they can. Unless you are doing some sort of Smime or other type of encryption on the mail body.

All emails servers will hold the mail until a client connects to it and pulls the mail or otherwise reads the mail list.

If you don't want to receive mail, just don't let you client connect to the mail server....?? Not really sure what you are trying to accomplish....

Yes - that's good too... :)

If you are booting and you see the GRUB loader offer you a choice, then at some point, you chose to install ubuntu to the disk. The ubuntu install most likely took a portion of the disk for itself leaving the remainder for windows.

So you have 2 tasks here. #1 Remove the Grub loader and use windows to boot. #2 Remove the ubuntu partition and reassign to windows.

**** Make sure you backup anything important ****
Anytime you go messing with your disk like this, make 100% sure you have copies of whatever data you can't live without.

HAve a look at this site for easy instructions on removing GRUB and reassigning the space: http://www.wikihow.com/Uninstall-the-Grub-Bootloader-from-a-Dual-Boot-XP-System-With-an-XP-CD

I've used paragon partition manager for stuff like this with success many times. ... FYI

Give it the full filepath to the executable.

Each webcam would sit behind your router. The router would need to be setup to pass on the port from the external IP to the internal IP of the webcam.

So if the webcam is assigned a private 192.168.1.10 ip and operates on port TCP/1024, then the router must be setup to port forward 1024 from the external IP to the internal 192.168.1.10 address. That way, if you hit the public ip, all traffic is sent internally to the camera.

If your ISP give you a non-static IP for the internet, you'll need to use a dynamic dns service to register the new ip to a domain name for this to be practical.

"how far may I locate a pc from the keyboard, mouse, and display"

kBS/mouse/video destance is not the same as gigabit distance.

Gigabit ethernet is meant to connect multiple PCs to a central router/switch so they can share data. The distances vary depending on what you are running. For Gig speeds, you are limited to 100 meters over Cat6... reference:http://www.homenethelp.com/web/explain/maximum-cable-length.asp

If you are asking about max distance for your KBD/mouse/vid, you are going to be limited, especially with the video. Wired KBDs and mice usually come with 6 foot cords and you can extend those another 10 foot without issue. Now the Video, depending on if its VGA, DVI, etc will be different. VGA especially will start to show "ghosty" images on the screen if you extend it too far (12 feet or more).

If all you want to do is block traffic and allow certain outbound ports, then I think any firewall would suffice. The ASA begins to shine when you talk about hosting services, managing VPNs, etc...

If you have no VPN, and no internal hosts to share, then the e3000 should do the job fine IMHO.

Sounds like you are missing that font on the new PC. If you downloaded it from somewhere, you'll need to do the same on this PC. If it was "just there" or you can't find it... then copy the ttf file to the new machine and install it.

The ASA 5505 is a business class firewall that has a lot more flexibility when it comes to configuration. With that flexibility comes a very big learning curve if you've not used an ASA before. Not that it's rocket science, but a beginner will get frustrated with the command line quickly.

The ASA does a lot that the linksys can't do. The ASA can handle deep packet inspection and run fixups for things like DNS, SQLnet, etc to handle the NATing quirks for those protocols. The ASA can run static nats and port forwarding internally to various machines with access list control to really get detailed about what's allowed.

The ASA has support for the IPSEC VPN client and the SSL Anyconnect clients (check your licensing). It can also forward internally to multiple VLANs (again, check licensing). The ASA can route multiple subnets across a single VPN IPSEC tunnel instead of just 1 single subnet spec.

The big CON here is price. The ASA's are expensive if you start adding licensing for sec plus or Anyconnect support. So make sure you know what you are buying.

My 2 cents:
On the splash screen, you should be able to hit ESC or TAB and get the BIOS startup info. Do you get this? The splash screen is usually a "Quiet Boot" enabled or Verbose boot disabled setting in Bios.

Check for the BIOS startup info and that should give you a clue to your next step.

Also, there is usually a CMOS reset jumper on the mainboard. since it's a new setup, you can safely clear CMOS using the jumper. Check your MOBO manual for details.

I would replace that HTTP server with a CLOUD icon and label it "Public Internet". That's what you would usually find in the real world.

An ISP router doesn't 'connect' you to a specific server. The router is the gateway to the internet by which your internal machines can request a service from a public server.

What kind of lab expriment did you run that 'shows' a server conencted to your router?

I have a hunch that you may have to make that a batch file and use a GPO to run the file at logon. I've done similiar stuff with user home directories in VBS so it can't be much different.

I don't see why not. COMPUTERNAME is a system variable. I'm not 100% about mapping drives with the variable, but you can try it anyway.

It would be something like \\fileserver\backups\%COMPUTERNAME%

I run a Virtual DC for a network of 200. Have no fear. However, make sure you have a 2nd DC or good backups of your AD/LDAP. Although with only 4 machines, rebuilding the domain isn't such a big deal in the event of an AD database failure.

But 'virtual' is the way to go. IMHO

As for the HOW TO on a guest OS installation... look right here:
http://technet.microsoft.com/en-us/library/cc742460.aspx

How is the computer on 2nd floor connecting to your hub/switch? Is it a direct run? Is there a cross connect? Is there a patch panel on the 2nd floor?

If you tried the PC in your office and it works, then its not the PC.

If you take your working PC and (what I assume is a working patch cable) up to 2nd and it fails. Then it sounds like a cabling issue to me.

You would need a cable tester to shoot the line and look for loss of connectivity, crossed pairs, shorted pairs, etc....

ESXi is a barebones VMWare OS that only runs an a limited number of certified servers. This will not run on a PC.

You can try VMware Server or Workstation but will need to have them licensed. I think they did away with the trial period for these products.

I've used all flavors of VMWare and have also used Virtual box. Pound for Pound, Virtual box is just as capable as a VM solution when run on a PC. They both do exactly what they are supposed to do. With Virtual Box, there is no charge but limited support options (only the forum). With VMWare, it is more polished, and you get tech support for purchased products and the VM ware tech support is awesome IMHO.