
During troubleshooting of some VPN connection issues, I was running a traffic dump session on the Ecessa PowerLink.  I noticed some unusual SSH traffic going to the internal VPN router.  When I entered “show users” at the command line of the router, it showed myself and someone using “root” connected.  The IP address of the “root” user was an external IP address.  I performed a “whois” on the IP address.  It appeared to be originating from St. Louis, Missouri.

I talked to another engineer about this and after some investigation and testing, it turns out that when a person is trying to connect to a Cisco device, the show users output will show whatever username is being utilized.  I verified this by connecting to the same router and typing in “admin” at the username prompt.  The show users output showed the name admin.
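To turn the observation above into a repeatable check, here is an added example (not code from the original post) that parses constructed `show users` output and flags vty sessions whose Location column falls outside an assumed set of internal address ranges; `INTERNAL_NETS` and the sample output are assumptions, not values from the post.

```python
import ipaddress
import re

# Constructed sample of Cisco IOS "show users" output; not from the original post.
# The User column shows whatever name was typed at the login prompt, whether or
# not that login succeeded, so a flagged row is a login attempt to investigate,
# not proof of a compromised account.
SHOW_USERS = """\
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00
 194 vty 0     admin      idle                 00:00:12 10.1.1.25
 195 vty 1     root       idle                 00:00:01 203.0.113.45
"""

# Idle column formats: hh:mm:ss, or compact uptime such as 1d02h / 2w3d.
IDLE_RE = re.compile(r"^(?:\d+:\d{2}:\d{2}|\d+[wdh]\d*[wdh]?)$")

# Ranges treated as "internal" (assumption; adjust to your own addressing plan).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def parse_show_users(text):
    """Return one dict per session row: line, user, hosts, idle, location."""
    sessions = []
    for raw in text.splitlines():
        tokens = raw.split()
        if not tokens or tokens[0] == "Line":
            continue  # blank line or the column header
        if tokens[0].startswith("*"):  # '*' marks the session running the command
            tokens[0] = tokens[0][1:]
            if not tokens[0]:
                tokens.pop(0)
        # Layout now: num, line type, line index, [user], hosts, idle, [location]
        idle_idx = next((i for i, t in enumerate(tokens) if IDLE_RE.match(t)), None)
        if idle_idx is None or idle_idx < 4:
            continue  # not a session row this parser understands
        between = tokens[3:idle_idx]  # [user, hosts] or just [hosts]
        sessions.append({
            "line": f"{tokens[1]} {tokens[2]}",
            "user": between[0] if len(between) == 2 else "",
            "hosts": between[-1],
            "idle": tokens[idle_idx],
            "location": tokens[idle_idx + 1] if len(tokens) > idle_idx + 1 else "",
        })
    return sessions


def external_sessions(sessions):
    """Return sessions whose Location is an IP address outside INTERNAL_NETS."""
    flagged = []
    for s in sessions:
        try:
            ip = ipaddress.ip_address(s["location"])
        except ValueError:
            continue  # console line (no location) or a hostname rather than an IP
        if not any(ip in net for net in INTERNAL_NETS):
            flagged.append(s)
    return flagged


if __name__ == "__main__":
    for s in external_sessions(parse_show_users(SHOW_USERS)):
        print(f"login attempt as '{s['user']}' on {s['line']} from {s['location']}")
```

Because the User column only reflects the name typed at the prompt, confirm whether a flagged login actually succeeded before treating it as a compromise.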



A while back I mentioned that you can just enter sendto in the start/run field and it would open your sendto folder.  There are many of these shell folders – special folders that may be on disk, or may be fabricated by the OS.  The “correct” way to reference these is with the “shell:” prefix.  So you can specify shell:sendto, shell:startup, shell:favorites, etc.

The full list is in your registry at

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions

Note: The name in the registry does not always match the name you see in Explorer.



One of our bank customers has a vendor that monitors the status of one of their servers remotely through a VPN connection.  In the past few days, something has happened to where they call saying that they are detecting the server is down or unreachable.  The bank had not noticed any problems in their ability to provide service to their customers as they usually get calls when something isn’t working right.

The vendor began troubleshooting network connectivity and determined later that there didn’t seem to be a network problem, but their network monitoring software was still indicating the server was down.  They later said that the problem had been traced to an “application” problem.  Rebooting the server brought the connectivity back up with their monitoring software.  The application running on the bank server had stopped responding and blocked incoming requests from the vendor’s monitoring software. This is an example of network monitoring software only being as good as the application on the other end.



The newer versions of the Cisco IOS allow you to add a compression algorithm to the transform set that defines how traffic is encrypted.  After adding new crypto map entries at a client using this compression, other VPNs (using the original transform set that does not include compression) started getting odd errors.  The VPN would stay up, but only small ping packets would get through.  And different endpoints had different sized pings that would make it through.  Eventually, I tried removing the crypto map entries using compression and the other problems disappeared.  The lesson I learned from this was to not use a crypto map that mixes transform sets with compression and transform sets without compression.



64 bit Gotcha:   If you are creating a DSN on a 64bit machine for a 32 bit database, then you will need to create a 32bit DSN. This cannot be done from the Control Panel ODBC Data Source Administrator, because this program creates a 64bit DSN. In order to create the 32bit DSN, you must run the program odbcad32.exe from the Windows\syswow64 directory.  The KB article below talks about this issue. In particular, I ran into this problem when moving a VMware Virtual Center from one machine (32 bit, Windows 2003) to a new machine (64 bit, Windows 2008 R2).

http://support.microsoft.com/kb/942976



I had been troubleshooting a DL380 server and replaced bad memory.  I had the server powered off and connected to it using iLO.  I used iLO to send a power signal to the server so that I could watch it boot up.  For some reason right after I powered on the server, I lost connectivity to iLO and the blue UID light on the server remained on.

Once Windows came up, I checked the HP System Management software, and it did not list an iLO management processor like the other servers did.  I figured that iLO was hung, so I shut down the server.  Still no response from iLO, so I checked BIOS with a physical monitor and keyboard.  Upon boot, it did not show the message to press a function key to configure iLO.

In order to reset iLO, I had to completely unplug both power supplies from the back of the server.  After powering the system on again, I then saw the option to configure iLO.  I saw that it had an IP address but I still could not connect.  The blue UID light was off though.  After the system came back up, I had to reset the iLO interface through the HP System Management software before it would work again correctly.



When logging into the Symantec Endpoint Protection Management Console (SEPMC), keep in mind that the username is case-sensitive.  This is true whether the account you're using is set for 'Symantec Management Server Authentication' or MS 'Directory Authentication'.  You have to match the case of the username as it is listed within the console. The case as set in the console does not have to match the case of the username as shown in MS-ADUC when using Directory Authentication.



I had an issue come up with using GUID partition table disks in Windows 2008 VMs. The issue involves doing a file-level restore from image-based backups made using 3rd party VMware backup utilities such as Veeam Backup, Vizioncore vRanger, or esXpress. In Windows 2008, the disk containing the system partition is always MBR, but for disks with non-system partitions I had been using GPT. I found that specifically with Veeam, file-level restore functionality does not work because when the vmdk is mounted to the recovery host during the process, the partition table cannot be read. The partitions on the system disk show up fine, but all partitions on GPT disks are not available. A VERY close look at the Veeam documentation shows that GPT disks are not supported, only MBR disks. So, if one of these products will be used for backup, it would be best just to go with MBR disks.



The Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Independent Community Bankers Association (ICBA), along with a variety of payment systems industry partners, are planning a Cyber Attack against Payment Processes (CAPP) exercise.  The three-day exercise is scheduled for February 9-11 and will simulate a different attack scenario each day.  There is no charge to participate in this exercise.  The deadline to register is January 29th.  To read more or register, visit http://www.fsisac.com/capp/.



An issue has been identified in the Symantec Endpoint Protection Manager (SEPM) which causes Security Content newer than 12/31/2009 11:59 PM to be considered older than content previous to that date/time. As a temporary workaround, Symantec is currently not incrementing the date on Symantec Endpoint Protection (SEP) Security Content and instead is only incrementing the revision number of the content. A message from Symantec provides this more detailed explanation: "As of early Sunday, January 3, 2010, the Symantec Endpoint Protection antivirus definition version "12/31/2009 rev. 114" has been published. Rev 114 includes all the latest definitions through Jan-2-2010."

As of today, January 5, 2010, CoNetrix definitions are showing a revision number of 116. The revision number should continue to increase as evidence of ongoing updates.

This issue has been identified in the Symantec Endpoint Protection Manager (SEPM) and affects the following products:

  • Symantec Endpoint Protection v11.x Product Line
  • Symantec Endpoint Protection Small Business Edition v12.x Product Line
  • Products which rely on Symantec Endpoint Protection for definition updates (e.g. Symantec Mail Security for Microsoft Exchange or Symantec Mail Security for Domino)

There are no required customer actions for this issue. More specifically, there are no changes an administrator needs to apply in order for the above mitigation to be successful.

For more information, see the following Symantec Knowledge Base article: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2010010308571348