Encryption by Law? If so, what strength or type?
Have you examined NIST guidelines? You may take a look at http://csrc.nist.gov/ Data encryption rules, regulations, guidelines varies by state to state. In some states if the sensitive data is encrypted (does not matter the key length/strength) it is OK. Please elaborate a bit more and the context?
View Answer
| June 15, 2009 8:06 PM
cybersecurity, Encryption, Massachusetts Data Privacy Law, privacy, Security, White House Cybersecurity Initiative
Have you examined NIST guidelines? You may take a look at http://csrc.nist.gov/ Data encryption rules, regulations, guidelines varies by state to state. In some states if the sensitive data is encrypted (does not matter the key length/strength) it is OK. Please elaborate a bit more and the context?
View Answer
| June 15, 2009 8:06 PM
cybersecurity, Encryption, Massachusetts Data Privacy Law, privacy, Security, White House Cybersecurity Initiative
What is IPSec? How to config Frame Relay ?
ipsec is a method of encrypting traffic between two devices or two networks using key exchange algorithms. See the <a href=”http://en.wikipedia.org/wiki/IPsec”>Wikipedia article on ipsec</a> for more details. As far as a configuration example, it will vary depending on the endpoint devices. You will need to provide more details about the devices for the community to [...]
View Answer
| June 15, 2009 12:03 PM
Access List, Frame Relay, IPsec
ipsec is a method of encrypting traffic between two devices or two networks using key exchange algorithms. See the <a href=”http://en.wikipedia.org/wiki/IPsec”>Wikipedia article on ipsec</a> for more details. As far as a configuration example, it will vary depending on the endpoint devices. You will need to provide more details about the devices for the community to [...]
View Answer
| June 15, 2009 12:03 PM
Access List, Frame Relay, IPsec
Locking the IP address to the MAC address
You need to also remove the IP address from the DHCP pool, then it can not be used by any other PC. Do that and only the one with the correct MAC will get that IP address. Just make the address pool smaller, that is all you need to do.
View Answer
| June 15, 2009 9:43 AM
cisco router or firewall, Cisco Routers, DHCP, MAC address, Network administration, Routers, Windows Server
You need to also remove the IP address from the DHCP pool, then it can not be used by any other PC. Do that and only the one with the correct MAC will get that IP address. Just make the address pool smaller, that is all you need to do.
View Answer
| June 15, 2009 9:43 AM
cisco router or firewall, Cisco Routers, DHCP, MAC address, Network administration, Routers, Windows Server
Lan Auditor
Check out <a href=”http://www.pxserver.com/WinAudit.htm”>winaudit</a> In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>.
View Answer
| June 12, 2009 2:59 PM
Auditing, Hardware Management, Inventory management software, IT audit, IT auditing software
Check out <a href=”http://www.pxserver.com/WinAudit.htm”>winaudit</a> In the IT trenches? So am I – read my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches”>IT-Trenches blog</a>.
View Answer
| June 12, 2009 2:59 PM
Auditing, Hardware Management, Inventory management software, IT audit, IT auditing software
SFTP and sending a file from the 400 to a unix system
Hi, If your file has CCSID=65535 the system will not convert it. If it’s your case you can: 1.- Change CCSID or 2.- Copy file to another with correct CCSID (used in your country) Then you can use CPYTOSTMF or even direct FTP. Regards, Wilson
View Answer
| June 11, 2009 8:47 PM
AS/400 to Unix, CPYTOSTMF, EDI, Exchange EDI, SFTP, Unix
Hi, If your file has CCSID=65535 the system will not convert it. If it’s your case you can: 1.- Change CCSID or 2.- Copy file to another with correct CCSID (used in your country) Then you can use CPYTOSTMF or even direct FTP. Regards, Wilson
View Answer
| June 11, 2009 8:47 PM
AS/400 to Unix, CPYTOSTMF, EDI, Exchange EDI, SFTP, Unix
Logging into Windows XP with a barcode
Have you considered using a different delimiter than tab? -Schmidtw
View Answer
| June 11, 2009 6:02 PM
Integrated Windows Authentication, Windows Permissions, Windows XP
Have you considered using a different delimiter than tab? -Schmidtw
View Answer
| June 11, 2009 6:02 PM
Integrated Windows Authentication, Windows Permissions, Windows XP
Can a user have multiple concurrent signons (sessions)
It clearly would rely on how the Voice Recognition system is designed. It might be originally designed as a one-to-one relationship and only one session is being processed. I would recommend you either read the manual to your voice recognition system or talk to their tech support. There is probably an “update / patch / [...]
View Answer
| June 11, 2009 1:24 PM
Concurrent sign-ons, Password
It clearly would rely on how the Voice Recognition system is designed. It might be originally designed as a one-to-one relationship and only one session is being processed. I would recommend you either read the manual to your voice recognition system or talk to their tech support. There is probably an “update / patch / [...]
View Answer
| June 11, 2009 1:24 PM
Concurrent sign-ons, Password
Packet Filtering information required
netstat will show you the connections in use and should also show you the PID of the process making the connection. You can capture at either location, but it may be better to span the client switch port to an analyzer port or hub out with an analyzer on the client link.
View Answer
| June 11, 2009 1:12 PM
Firewalls, Network security, packet analysis, Packet filtering, Packet Sniffing
netstat will show you the connections in use and should also show you the PID of the process making the connection. You can capture at either location, but it may be better to span the client switch port to an analyzer port or hub out with an analyzer on the client link.
View Answer
| June 11, 2009 1:12 PM
Firewalls, Network security, packet analysis, Packet filtering, Packet Sniffing
IT User Access Forms
The OWNER of the data/system – IT is just the custodian.
View Answer
| June 10, 2009 8:28 PM
IT Policy, User Access Forms
The OWNER of the data/system – IT is just the custodian.
View Answer
| June 10, 2009 8:28 PM
IT Policy, User Access Forms
Internet problem for the server 2008
I would review the network settings and confirm that IPv6 and Network Discovery is enabled. I would go to the command line and run commands like ping, tracert, nslookup.
View Answer
| June 10, 2009 2:17 PM
Domain Controller, ISA 2004, Windows Server 2003, Windows Server 2008, Windows Server troubleshooting
I would review the network settings and confirm that IPv6 and Network Discovery is enabled. I would go to the command line and run commands like ping, tracert, nslookup.
View Answer
| June 10, 2009 2:17 PM
Domain Controller, ISA 2004, Windows Server 2003, Windows Server 2008, Windows Server troubleshooting
Securing OWA 2007 on Exchange 2007
See my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches/certificates-who-do-you-trust/”>blog entry</a> on this subject. The process I used is as follows: To generate a Certificate Signing Request (CSR) on an Exchange 2007 server: <i>Prior to starting, uncheck the feature in Windows “Hide extensions for known file types”. When I pasted the cert from VeriSign into notepad on the Exchange box and [...]
View Answer
| June 10, 2009 11:19 AM
Certificates, Exchange 2007, Outlook, Outlook 2007, Outlook Web Access, Outlook Web Access 2007, OWA, SSL, SSL certificate, VeriSign
See my <a href=”http://itknowledgeexchange.techtarget.com/it-trenches/certificates-who-do-you-trust/”>blog entry</a> on this subject. The process I used is as follows: To generate a Certificate Signing Request (CSR) on an Exchange 2007 server: <i>Prior to starting, uncheck the feature in Windows “Hide extensions for known file types”. When I pasted the cert from VeriSign into notepad on the Exchange box and [...]
View Answer
| June 10, 2009 11:19 AM
Certificates, Exchange 2007, Outlook, Outlook 2007, Outlook Web Access, Outlook Web Access 2007, OWA, SSL, SSL certificate, VeriSign
password for symantec brightmail
The only information I was able to retrieve via the administration guide ftp://ftp.entsupport.symantec.com/pub/support/documentation/sbg_administration_guide.pdf on page 453 (Reset an administrator password). If you don’t have any administrator level account to proceed with the reset procedure then you may need to reset the appliance page 475. Also on the page 632, if you can obtain console access, [...]
View Answer
| June 9, 2009 3:48 PM
Brightmail, Symantec, Symantec Brightmail, Symantec Brightmail Password, Symantic Brightmail Administration
The only information I was able to retrieve via the administration guide ftp://ftp.entsupport.symantec.com/pub/support/documentation/sbg_administration_guide.pdf on page 453 (Reset an administrator password). If you don’t have any administrator level account to proceed with the reset procedure then you may need to reset the appliance page 475. Also on the page 632, if you can obtain console access, [...]
View Answer
| June 9, 2009 3:48 PM
Brightmail, Symantec, Symantec Brightmail, Symantec Brightmail Password, Symantic Brightmail Administration
Migration: Move a user from one domain (Child Domain) to another domain (Parent Domain).
Here’s a document straight from Microsoft on the migration plans: http://download.microsoft.com/download/a/9/4/a94c5f56-f7b5-4ec8-bcaa-1eadf84c4e3f/V3MigGuide.doc ___________________________________________________________________________ Hi, Using ADMT is easy but it will be quit difficult. I think for this we can use MOVE TREE Command Please find the link below for the same http://support.microsoft.com/kb/238394 Since for moving a Object between a single domain we can go for [...]
View Answer
| June 9, 2009 7:39 AM
Active Directory, Active Directory migration, Child Domain, Exchange Server, Parent Domain, SID
Here’s a document straight from Microsoft on the migration plans: http://download.microsoft.com/download/a/9/4/a94c5f56-f7b5-4ec8-bcaa-1eadf84c4e3f/V3MigGuide.doc ___________________________________________________________________________ Hi, Using ADMT is easy but it will be quit difficult. I think for this we can use MOVE TREE Command Please find the link below for the same http://support.microsoft.com/kb/238394 Since for moving a Object between a single domain we can go for [...]
View Answer
| June 9, 2009 7:39 AM
Active Directory, Active Directory migration, Child Domain, Exchange Server, Parent Domain, SID
Office 2007 apps can’t open or save to Network Share
You might consider using <a href=”http://www.wireshark.org”>Wireshark</a> or Microsoft Network Monitor to capture traffic the next time this happens. There might be some unusual traffic happening on the LAN during the event that you could detect using these great tools. The Microsoft Network Monitor might be better for this case since it has some built-in features [...]
View Answer
| June 8, 2009 8:42 PM
Office 2007, Symantec Endpoint, Symantec Endpoint Protection Manager, Windows Server 2003
You might consider using <a href=”http://www.wireshark.org”>Wireshark</a> or Microsoft Network Monitor to capture traffic the next time this happens. There might be some unusual traffic happening on the LAN during the event that you could detect using these great tools. The Microsoft Network Monitor might be better for this case since it has some built-in features [...]
View Answer
| June 8, 2009 8:42 PM
Office 2007, Symantec Endpoint, Symantec Endpoint Protection Manager, Windows Server 2003
Do I need digital certificates to be sox compliant?
Digital certificates should not be a SOX compliance requirement. Digital certificates are primarily used for two purposes: authentication and encryption. For a digital certificate to be trusted, there must be a trusted root that all parties “trust” (like a Verisign or Geotrust). This means that the owner of the certificate is who they say they [...]
View Answer
| June 8, 2009 8:35 PM
Digital certificates, Sarbanes-Oxley, Sarbanes-Oxley Act, SOX, SOX compliance
Digital certificates should not be a SOX compliance requirement. Digital certificates are primarily used for two purposes: authentication and encryption. For a digital certificate to be trusted, there must be a trusted root that all parties “trust” (like a Verisign or Geotrust). This means that the owner of the certificate is who they say they [...]
View Answer
| June 8, 2009 8:35 PM
Digital certificates, Sarbanes-Oxley, Sarbanes-Oxley Act, SOX, SOX compliance
Hard Drive replacement procedure
You wouldn’t be able to restore all of the software by a copy and paste. A third party backup and restore application like <a href=”http://www.acronis.com/promo/ATIH/true-image-2009-imaging.html?source=us_google&ad=disk+ghosting&c=2673628667&k=disk%20ghost&gclid=CNG-3NbQ-JoCFRMUagod4l9bdQ”>Acronis True Image</a> will help you do this. ++++++++++++++++++++++++++++++++++ Most hard drive replacement may come with a 3rd party utility to “clone” your original drive to an external destination and then [...]
View Answer
| June 8, 2009 5:29 PM
Hard Drive Installation, Hard drives, Internal hard drives
You wouldn’t be able to restore all of the software by a copy and paste. A third party backup and restore application like <a href=”http://www.acronis.com/promo/ATIH/true-image-2009-imaging.html?source=us_google&ad=disk+ghosting&c=2673628667&k=disk%20ghost&gclid=CNG-3NbQ-JoCFRMUagod4l9bdQ”>Acronis True Image</a> will help you do this. ++++++++++++++++++++++++++++++++++ Most hard drive replacement may come with a 3rd party utility to “clone” your original drive to an external destination and then [...]
View Answer
| June 8, 2009 5:29 PM
Hard Drive Installation, Hard drives, Internal hard drives
SFTP results
you can output the batch results using -b option. Here’s an Example code $ cat > batchfile pwd ls $ sftp -b batchfile someuser@localhost > /var/tmp/foo Password: $ cat /var/tmp/foo sftp> pwd Remote working directory: /home/someuser sftp> ls some_file some_other_file some_dir sftp> $
View Answer
| June 8, 2009 4:17 PM
iSeries FTP, iSeries SFTP, SFTP
you can output the batch results using -b option. Here’s an Example code $ cat > batchfile pwd ls $ sftp -b batchfile someuser@localhost > /var/tmp/foo Password: $ cat /var/tmp/foo sftp> pwd Remote working directory: /home/someuser sftp> ls some_file some_other_file some_dir sftp> $
View Answer
| June 8, 2009 4:17 PM
iSeries FTP, iSeries SFTP, SFTP
Sendmail with TLS and CA signed CERT
TLS over SMTP in Sendmail is referred to as “Sendmail Secure Switch”. There are certain limitations to this implementation as well. The complete step by step process is described in the below article. http://www.linuxjournal.com/article/4823
View Answer
| June 8, 2009 3:59 PM
CA, CA Signed Cert, Sendmail, Sendmail Server 8.13, TLS
TLS over SMTP in Sendmail is referred to as “Sendmail Secure Switch”. There are certain limitations to this implementation as well. The complete step by step process is described in the below article. http://www.linuxjournal.com/article/4823
View Answer
| June 8, 2009 3:59 PM
CA, CA Signed Cert, Sendmail, Sendmail Server 8.13, TLS
Using ISA 2004 to block the majority of sites and allow a few.
ISA processes rules from top to bottom so create the rule that denies *.* on top and as the last ones create the rules that allow the sites you want to be accessible. Just to add, access should always be based on white list and not black list. “Allow” only what’s required and rest is [...]
View Answer
| June 8, 2009 3:46 PM
ISA 2004, ISA Server 2004, Network security, Network server software, Networking
ISA processes rules from top to bottom so create the rule that denies *.* on top and as the last ones create the rules that allow the sites you want to be accessible. Just to add, access should always be based on white list and not black list. “Allow” only what’s required and rest is [...]
View Answer
| June 8, 2009 3:46 PM
ISA 2004, ISA Server 2004, Network security, Network server software, Networking
Spam firewall recommendations
I absolutely love our Barracuda Spam Firewall 300. It is way under 4 grand even with 2 years of support and updates. You can find out specific information about it and even rwequest an evaluation unit by going to http://www.barracudanetworks.com It does spam and virus catching via hourly updates and a bayesian database/filter. You train [...]
View Answer
| June 8, 2009 2:35 PM
Firewalls, Spam, Spam Firewall
I absolutely love our Barracuda Spam Firewall 300. It is way under 4 grand even with 2 years of support and updates. You can find out specific information about it and even rwequest an evaluation unit by going to http://www.barracudanetworks.com It does spam and virus catching via hourly updates and a bayesian database/filter. You train [...]
View Answer
| June 8, 2009 2:35 PM
Firewalls, Spam, Spam Firewall
