i see this urlscan preventing updates in the log file, i dont have any stuff like that installed on the culprit wkstns. How can i fix this?
"...Sooner or later you're going to realize, just as I did, there's a difference between knowing the path and walking the path..."
Ö¿Ö
James if you are running active directory you would need to create security grps for your users with every grp with levels of access.
Lets say all class 1 in the classonegrp, now make this group local admins and you should be fine.
Ö¿Ö
Bob if you are running active directory you would need to create security grps for your users with every grp with levels of access.
Lets say all class 1 in the classonegrp, now make this group local admins and you should be fine.
Ö¿Ö
Get to your domain policy>computer configuration>windows settings>security settings>Local policies>User rights...shut down the system (fix users u need to be able to shut down system)
Get to your domain policy>computer configuration>windows settings>security settings>Local policies>Security options..prompt user to change password b4 expiration (fix your time here)
Ö¿Ö
I dont know if you realise that was the main intent of the Msblaster worm.
Can you disble ICMP on your core switches and router?
Make sure the server is patched up real good with all the MS security updtes and running the latest DAT file for your AVSW.
Ö¿Ö
Are you using win2k active directory?
If you are then you would have to edit your policy to make detection cycle less than the default 17 to 22 hrs as what you do on the new machines would be overwritten by the doman policy.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.