darkfiber1010

I do house calls on the side, 85% of my house calls involve spyware in some way. I try my best to educate the people about safer habits but I know that it will only go so far and that’s where anti-spyware software comes in. I know there are a lot of commercial programs out there but the problem with that is money. Many people just don’t want to spend money. So that leaves me with giving them free software. The problem is that a lot of the anti-spyware freeware only does a specific thing. Ad-aware (the free version) for example is great for getting rid of spyware but it doesn’t do anything to prevent it. Spyware Guardian has real-time scanning and other protections but no removal. Spybot S&D kind of does a mixture of these but not everything. Then there is cache cleaners like CCleaner and Hijack programs like Hijack this. So in the end you have to use a combination of programs. Even then there's drawbacks such as manual updates and scanning etc. After a lot of thinking I determined 6 main requirements that an anti-spyware program should have in order to properly clean a system of spyware and keep it protected. 1. Scanning and removal (meaning it scans for and cleans spyware already on the system) 2. Real time scanning (meaning that the program stops new spyware from being executed etc.) 3. Automatic scans and updates (Pointless?, not really most users aren’t always going to remember to run scans and updates) 4. ActiveX, Download, hosts and browser hijack protection (basically browser/internet settings protection) 5. A cache cleaner (the temp folder) 6. A restore feature (fix internet settings in the case of browser hijacks etc.) Microsoft Anitspyware is the only one I know of that meets or comes very close to meeting all my requirements (it does have a cache cleaner built in you just have to run it manually). One major problem with Microsoft Antispyware is it only works for Windows and more specifically 2000 and XP. Some of my clients still use Windows 98. Some people are just stubborn, so in the end I'm stuck using a combination of programs and relying more on them to "do their part". Anyways thanks for indulging my long rant, I realize that free is free and beggars can’t be choosers, but does anyone have an opinion on this? Do others feel the need for such a program or know of any? I want to hear opinions but before I start getting bashed, I know people could just use firefox…They should know better…They should spend money…They should upgrade to a newer version of Windows…etc. I know they should do all these things but they don’t.

I'm a little confused about your setup. Would it be possible for you to tell me more? So there is 1 router connecting you to an external network. Now this router is performing dns or directing requests to a dns server correct (because you have it set as primary dns)? There is another router (DSL) is this the internet connection? If it is, is it just your internet connection or is it also for the external network?

When you're using a 56k modem, because of the technology involved your limited to 56k (in reality more like 40-52K because it’s rare to get full capacity). However if you are getting something like 40k there are some things you can try to get a closer to the 56k max. Make sure the drivers for your modem are the most current version available. Sometimes a new driver can increase the modems performance. Using a higher quality cable from your modem to the phone jack might increase speed. A shielded cable with gold contacts would be an example of this. Many companies make these, Belkin is a popular brand. You can also try a software utility that will optimize your modem's settings. Examples are Cyber Tweak and CableNut Connection Tweak, there are many more, but be careful because many of them contain adware. Also some ISPs like EarthLink and others provide acceleration software which can make it appear like your connection is faster when you are browsing web pages. This software doesn't really increase the speed but it uses compression and other methods to cut down on the time it takes to access a webpage. Finally I have heard that you can use two 56k modems at once to get more speed but I don’t know how to set something like that up so if your interested in that do some research.

It is common to have more than one local area connection if you have more than one NIC or connection, I wouldn't worry about that. I would try another USB cable first then see what happens. If that doesn't work, get a cat-5 cable and connect your computer to the modem that way just to see if it makes a difference. It could be something with the USB connection, maybe it wasn't installed properly. The USB port on your cable modem could also be bad. It could also be the actual coax cable running to your house from the cable company, but I wouldn't worry about that yet. If switching cables doesn't work, do what Wyverex said and check for spyware. I recommend downloading Microsoft Antispyware if you are using a Windows 2000 or XP computer. If not get Ad-Aware or Spybot S & D and also get a program called LSP Fix and run that. Just out of curiosity when did this start happening? Was it always like this or did it just start?

From what you are asking it sounds like a roaming profile would work, but you need a server for that. So I think the answer to your question is no, you need a server. However, what specific reason do you have for logging onto another computer with the same profile? Maybe there is another way to do what you want.

Oh ok, looks like a good book. After awhile they all start sounding the same

It is possible it was the SAM file, there are many programs such as SAM Rape that will allow this. It is also possible it was another password cracking program like LC5 (lopht crack) which has pre-compiled databases of possible passwords and is very effective. Most of these programs however only work if they can be booted to. If you have the computers booting from hard drive only and are using BIOS passwords then this probably isn't the case. (Unless they physically opened the box, cleared the CMOS settings and changed the BIOS configuration but that is rare) Another possibility is that the students might have copied the SAM file from the computer and cracked it off site. I would recommend restricting access to the search function on the computers and also hiding the C drive so they can not see or access it. Finally they could have installed a program while they were logged on like a keylogger or password cracking software. However if you are restricting them from installing programs then this probably isn't the case. I know your original question was about security and tracking software but if you have Novell already you should be able to create the correct policies in order to lock down the network. However, here is a list of possible choices. http://www.adminfavorites.com/cat_security/ I havn't tired many of them, but Fortress seems to be popular these days.

Maxamoto's diagnosis sounds right. Usually that message means there is a DNS problem or other error. Try clicking "use any available domain controller" to see if it will allow you to do what you want. If it does great, but something is still probably configured wrong which is why you are getting the error.

Yeah I’m fairly certain it means a point to point link. What curriculum was that from Cisco?

How exactly was your school network hacked? And what kinds of security do you currently have now? Is the school using a domain with policies and restricted user accounts etc.? Is there any kind of firewall? I used to work at a high school here's 7 things I recommend (I know 10 would have sounded better but I ran out of ideas lol) 1. Use a domain server such as windows 2000 or 2003 and make a domain called "student" or something. Have a user name and password for each student. And make a group policy in active directory for all students that restricts access to everything you don't want them to have access to. This does two things. First it allows you to keep track of who did what a little better by using user names. Second it strictly defines what users can and can't do on the computers. 2. Before you let any student even get near a computer make sure it is locked down tight. All security patches, strong passwords on local administrator account, BIOS passwords, disable booting from anything but hard drives, etc. And don't use windows 98 if it can be helped (I know there are a lot of you who still like 98, it was good in its time, but it is a huge security risk when it is in a network environment, especially a school.) 3. Have a good hardware firewall I'm brainwashed into using Cisco PIX but they are pretty pricey so if it’s not in the budget, check out Sonic Wall or other vendors. 4. Have a good router, once again I'm a Cisco guy but I know they are expensive. Just don't rely on something like a Linksys model that was made for home use, get something made for serious work. Implement Access Control Lists on the router. 5. Use something for Internet filtering as in what students can and can't see on the internet. You can do this manually by blocking sites on the router etc. Or subscribe to a nice service like Websense that will do relatively everything for you and allow a wide range of management capabilities. I know the district I used to work for made it mandatory to use a product like Websense. Websens is costly though. 6. This might be a no brainer but use strong passwords at least 6 characters, letters, numbers, ASCII symbols @!#$, etc. No words and don't use the same passwords for the router, firewall and administrative accounts. 7. Make a strict computer usage agreement describing what the students can and can't do. Make them sign it and make sure they know what will happen to them if they break it. I know I've focused mainly on students as a security risk so far but from my past experience it’s not a bad idea to enforce similar security school wide, meaning for the teachers and administration as well. Hope this helps and let me know how things go, Jon.

You've done a good job at getting most of everything set up, it sounds like it could just be something little that you are missing. Disable any firewalls on the LAN connection to make sure it is not interfearing (you can keep the firewall on the WAN side). So for example assuming your using the built in firewall in XP, go to the advanced tab in the windows firewall menu and uncheck the LAN connection. Also could you give me more information. How are you trying to get the clients to get their dhcp addresses? Are you issuing a release all & renew all? Are you disabling and enabling the NICs? Or are you just restarting the computers. The computer that got the 169.245.x.x address was that an XP or 98 machine? Also the third pc did that get an address or did you assign that statically as well? Good luck, Jon

Hmm that's an interesting issue. It seems that you are doing everything right so it leads me to believe it something with hardware. I had a similar problem one time with a Realtek NIC. The drivers that XP automatically installed for the NIC were buggy. I got new drivers from the manufactuer's site and my problem was solved. So maybe try that, I'll let you know if I think of anything else. Good Luck, Jon

It makes perfect sense, but you may not even need a router. Personally I always like to avoid spending money becuase I am cheap so I try to use what is already there lol. If both your machines have wired ethernet cards you could run a cat-5 crossover cable between them. Then all's you will have to do is make sure each machine is on the same workgroup and make sure you give them ip addresses in the same subnet. If your machines don't have wired ethernet adpaters, then let me know and we'll do it another way. Hope this helps, Jon

It’s do-able, just make sure you have the bandwidth to support it. Its been awhile since I've messed with VLANS but something along these lines should work, although I don't know your setup so maybe it won't You will need at least 3 VLANS (I would suggest actually making 4, the 4th one being for administrative purposes but that is optional). Anyways one VLAN will be for data, one for video, and one for audio. Now there's a few ways you can do this: you can divide each switch into several separate VLANS or use a single switch for each VLAN, or a combination of both. The main thing to remember is that each specific VLAN has to be the same number/name on each switch. For example let’s assume you’re dividing Switch_1 into 4 VLANs. VLAN 1 (admin), VLAN 2 (data), VLAN 3 (video), VLAN 4 (audio). Now every other switch involved will have to use the same VLAN numbers/names. So on Switch_2 VLAN 1 will be admin, VLAN 2 data, etc. Then you’re going to have to enable VLAN trunking for the VLANs to communicate and do some other configuration. Some of this can be a pain but not too bad. If you’re using Cisco hardware I can help get you started, if not then I would suggest reading up on configuration manuals for your specific hardware. I hope this can at least get you started; sorry if anything is off a bit I am a little rusty, Jon.