cluberti
Content Type
Profiles
Forums
Events
Posts posted by cluberti
-
-
To be honest, I've found the XP firewall to be adequate for almost everything, assuming a good hardware firewall is in place. It's configurable via scripts or via the integrated Security Center GUI, it does a good job of blocking inbound attacks, and doesn't require an additional hook driver into your IP stack to work properly. Is it the best software firewall out there, feature-wise? No, it's not, because of the lack of outbound firewalling - but it's still excellent for inbound attacks. If you want a firewall for outbound connections as well, consider ZoneAlarm (http://www.zonelabs.com) or Tiny (http://www.tinysoftware.com).
0 -
Note that I've seen this issue on other motherboard chipsets that use these Marvell gigabit network controllers as well. I think that RogueSpear is correct here, in that your best bet is to fiddle with the .inf files and see what happens.
Avoid Marvell Yukon NICs like the plague
.0 -
Good. I'll keep an eye out for your posting.
0 -
As I said, without the callstack and STOP: data, we're just guessing
.0 -
Have you gotten a network trace of the machine in question, to see where these outbound packets are going? Also, consider using msconfig or autoruns (from http://www.sysinternals.com) to disable all non-microsoft startup items to see if this issue still exists.
0 -
I've had excellent luck (both CD and RIS installs work) with this:
reg query hklm\software\microsoft\windows\currentversion\setup /v sourcepath > source
for /f "tokens=3 skip=3" %%1 in (source) do set sourcepath=%%1
xcopy %sourcepath%i386 %systemdrive%\i386 /s/i/q0 -
Have you tried removing it? What happens? If you've got a VM you don't mind breaking, what's the worst that could happen
?0 -
I agree with you both - it can be done, but it's a royal pain, and not guaranteed to work either. Kind of the old "you can, but should you?" dilemma.
0 -
Tell us how you really feel
0 -
No, that's the web connection client. You're looking for the Remote Desktops console from the Administrative Tools (adminpak.msi). I've never tried using the previous link to install specific components of the adminpak, but I've just installed the adminpak.msi from an extracted Windows Server 2003 Service Pack 1 source on my XP box, and there it is in administrative tools.
0 -
I'd suggest getting more familiar with your system before fiddling with the registry, as it sounds like you are in unfamiliar territory here. For now, simply copy and paste the following text into a new text file on your computer, rename the new text file to msilogging.reg, and double-click the file:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer]
"Logging"="voicewarmup"This will add the appropriate registry entries as per step 4 into your computer's registry.
0 -
1. Open a command prompt, and type the following command:
msiexec /regserver
2. Press the Enter key to execute the command.
3. Reboot
4. Add the following registry value to your registry using regedit.exe:
Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
Value: Logging
Type: REG_SZ
Data: voicewarmup
5. Start installing Java on your machine - it should still fail.
6. Open Windows Explorer, and type the following in the address bar:
%temp%
7. Click the "Go" button or press the Enter key to continue.
8. Open the new "msi*.log" file that was created (where * will be a random number). Copy and paste the contents of this file here, and we can have a look and see what happened
.0 -
Just a nitpick guys - if running from a batch, consider using "winnt32.exe /cmdcons /dudisable /unattend" instead of just /cmdcons.
0 -
Have you considered repackaging your install with WinInstall LE or Adminstudio Repackager? You could start your repackager, install your A/V and update, then let the repackager do it's thing - you'd have an .msi at the end updated (at least up to the current date), and most likely wouldn't complain about the missing update files (because the "first-run" would have already been run in your repackaged application).
It's not the best way to do things like this, but it's usually the easiest
.0 -
From what I see, it connected fine but detected no new downloads - do you have updates (that the client would not have) approved for installation on your WSUS server? It also appears that your detection time is set to 22 hours - have you set it to 1 hour yet? I'd start by checking your WSUS server, and approving new updates, and also changing the detection time to 1 hour (at least for testing - you can reduce it later if you don't want the network traffic that'll induce).
0 -
When you type "ipconfig /all" in a command prompt, what do you see?
As for installing IE, are you getting any errors when attempting to install IE?
Your details are vague - let's troubleshoot network connectivity first, then try IE
.0 -
Well, since WSUS stores EVERYTHING in the SQL database, that's a good place to start looking.
0 -
The easy answer - disconnect it from the internet, pull the plug, and lock it away
.The better answer - your computer will only be as secure as you can allow it to be and still meet your usability requirements. You can lock a Windows XP machine down so that nothing can be done to it, but that's not very usable, and sort of defeats the purpose of having a computer in the first place.
Windows XP is fairly secure by default, but does need some work to meet "hardcore" security guidelines. Basically, reducing your attack surface will increase the security of your machine, which means disabling any services you (or your computer) do not need, removing all software that you are not going to actually use, and making sure that you have decent security in place *outside* of your machine as well - a good hardware firewall between your PC and the internet connection is a good start, as is possibly having an IDS or other sniffing device on the network as well if you need that level of security auditing.
As to the C: drive issue, assuming it contains your Windows directory, you can't really hide this drive without seriously affecting the stability of the machine. If you need to hide files, you are best served to store them on another partition or volume, formatted for NTFS, and using the encrypting file system along with NTFS permissions to deny other users' access to, and ability to see, your files. Putting your data on an external hard disk that you remove when not at the PC is another very good way to effectively hide your data
.As to program installation, it is difficult to keep users from installing programs that only write to the HKCU portion of the registry, or can run from the users' own home directory. It can be done, but again, it's not easy to make happen (especially when you are not in an AD domain environment).
Consider reading the following linked documents, for a starter. Also consider downloading the Microsoft Shared Computer Toolkit, as it has some nice resources for configuring a computer that will be shared amongst multiple users.
0 -
You can verify that the MSI engine is not the issue by running the command "msiexec /regserver" and checking your event logs to make sure the engine and service started correctly (or not). If you run "msiexec /regserver" without errors and still cannot install Java, it's the package itself.
Also, have you checked your event logs after attempting the installation to see what happened, if any errors were logged? You can also turn on MSI logging in Windows XP to get a detailed log when installing an MSI application by editing your registry as follows:
Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
Value: Logging
Type: REG_SZ
Data: voicewarmup
Add the above registry value, and you will now get detailed logging when installing an .msi package. The log will be named msi*.log (where * will be a random number), and will be located in your %temp% directory.
0 -
What is the exact text of the BSOD, including the STOP: code and the callstack data? Without that data, we're just guessing...
0 -
VWIMaster, what was the second parameter of those BSOD's? That parameter will tell whether it is a disk issue, a driver issue, a resource exhaustion issue, or a hardware issue...
0 -
Actually, if you're willing to spend the additional $150 or so, it can be easy to load-balance across 2 internet connections:
http://www.netgear.com/products/details/FVS124G.php
If you need to do more, you'll likely be spending a lot of time configuring a Linux box with iptables and iproute2, or spending a lot of money on a device that can handle 3 or more internet interfaces:
http://www.ispfailover.com/default.asp
Since you do say that money is an object and important in your decision, it would be cheapest in the long run to get an old PC and install Linux and a few NICs to load balance 3 or more slower connections (giving you better bandwidth, but lower throughput per connection), but it would be easiest to purchase the netgear device and 2 faster network connections (giving you better throughput per connection, but lower bandwidth overall).
0 -
What motherboard was this? If it's an Asus K8N, you need a PXE BIOS update for the PXE boot to RIS to work properly. If not, apparently Nvidia has a special driver (or hack) to get the Nforce4 NIC to work with RIS (I've seen this many places via a simple google search for Nforce4 RIS).
I wish I had better information, but it looks like the problem is fairly widespread with Nforce4 motherboards. I've even had a client switch from Nforce4 to an ATI chipset (MSI R482) due to RIS problems with the Nforce4 chipset (which didn't exist in Nforce3 and 2 chipsets, btw).
I'd start by contacting Nvidia directly to see if they can provide you the "special RIS driver" that apparently exists.
0 -
Yes, it should be OFF.
I'll actually stop and check my own winnt.sif file one day instead of just answering things off of the top of my head someday, I promise
.0
.
[Error] - Cant install Java
in Windows XP
Posted
If you're unable to create a new file and rename it, or copy and paste, I'm not entirely sure you're going to find my advice helpful. I'm sorry.