Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


  • Content count

  • Donations

  • Joined

  • Last visited

Community Reputation

0 Neutral

About ravashaak

  • Rank
    Dirty Dolphin

Contact Methods

  • Website URL
  1. Sever 2003- Remote Hacker

    Before I did anything else, I would make sure that my install CD is not infected with any trojans, malware, etc. I would next install the OS and patch it completely without putting the system on the network. Rename the built-in administrator account and give it a strong complex password that you have never used previously anywhere! Set a policy to use only complex passwords and a decent minimum character length (at least 8 characters IMHO). Set a policy to lock accounts for 5 minutes after 3 unsuccessful logon attempts. Disable the guest account and any other unnecessary accounts. Change the RDP port and only allow admins to logon via RDP. Be careful about any other third-party apps you install. Make 100% certain they are not infected. I would also consider a properly-configured hardware firewall. - Ravashaak
  2. You should probably confirm that both DNS servers can resolve your domain. It's possible that your DNS replication is not functioning properly. You could go into the DNS zone on each server and confirm the proper record for your domain. Another way to confirm proper DNS operation would be to run the following commands from your XP client... nslookup testing.com AD1.testing.com nslookup testing.com AD2.testing.com
  3. Group Policy

    When you say "access group policy", exactly what do you mean and from what computer (DC or client)? How often do you see these errors in the logs? Do they occur at regular intervals, and if so, what is the interval? Have you applied any security templates to these systems or to the domain? I once had the same set of symptoms and it wound up being due to MupCache needing to be purged. You might need to purge MupCache, which is done as follows: 1. If you have NOT already installed the Windows Server 2003 Support Tools, install them from the \SUPPORT\TOOLS\SUPTOOLS.MSI file of the Windows Server 2003 CD-ROM. 2. Start / Run / CMD.EXE / OK. 3. Type dfsutil /PurgeMupCache and press Enter. If that doesn't fix it, then most of the time it traces back to DNS problems. Download dcdiag and netdiag from Microsoft and install them on your DC and run them. Any errors of note? Confirm that the computer accounts have at least read access to SYSVOL and the folder where the GPT part of the GPO is located (both NTFS and share permissions) - Ravashaak
  4. PC won't shut down

    Check your system and application logs for clues. Beyond that, I'd update ALL my device drivers. Shutdown issues are often caused by a hanging device driver. If all else fails, try shutting down via the command line: shutdown -s - Ravashaak
  5. I think many people recognize that XP comes at least somewhat bloated, and removing excess components can not only speed up your OS, but also make it more secure. However, when you take this route, you need to be aware of future ramifications (with regards to dependencies, etc). So long as you know enough to be mindful of the potential pitfalls, you will be fine. A full, untweaked, bloated OS? Yuck! - Ravashaak
  6. Other: Cisco 817 router with custom ACL
  7. Things are going screwy...

    I'm not a big fan of DEP myself, and I disable it on all of my machines. It causes too many problems for my tastes. However, YMMV. - Ravashaak
  8. hfnetchk download

    Microsoft Baseline Security Analyzer is free and can perform the same functions via its command line component, mbsacli.exe. Version 2.0 can still output results in plaintext files, if you know the proper syntax. - Ravashaak
  9. Batch file problem

    There's a space between your open quotation mark and your drive letter. Close that space and re-test. - Ravashaak
  10. TCPView might also be of some assistance. I think you can get it at sysinternals.com. - Ravashaak
  11. Active Directory problem

    If others in the same group have the same problem, then maybe you should take a closer look at the group itself. Check its properties, specifically it's security permissions. Compare the group's permissions to that of other groups. Could be one explanation why it's not showing up when you list membership. - Ravashaak
  12. My MSFN username stands for...

    Variation on the name of a character (Ravashack) from an old turn-based strategy game called Master of Magic. - Ravashaak
  13. Use GPO to deploy Norton V9 to clients

    Being someone who has dealt with configuration and deployment issues for Symantec products for a few years now, I can attest to their shockingly poor documentation. Even when you can locate the docs you need, they are usually poorly organized (if not dyslexically organized), ambiguously worded, and often times lacking even basic information someone would need to configure and administer the product. On a quality scale of 1-10 (10 being best) I'd at most grant them a 2. - Ravashaak
  14. auto shutdown software?

    You can create a scheduled task that runs a shutdown command from the command line. Something like: shutdown.exe -s -f The -s signifies shutdown (where a -r would merely perform a reboot) and the -f forces any open applications to close immediately. Try shutdown /? at the command prompt for more information. Also, if you're not using XP, you can download the psshutdown utility from sysinternals.com. It's free and works like a charm. Cheers! - Ravashaak
  15. How to check if an application is installed?

    You could use REG.exe to check a specific registry entry. Type REG QUERY at the command prompt for further syntax information. You could pipe the results into a FIND command to verify installation. You could also check the %errorlevel% system variable immediately after the REG QUERY in order to verify installation. If there are no appropriate registry entries to be checked, a last resort is to use FILEVER.exe to determine the version of the executable. - Ravashaak