1howmanyunamesaretaken?

Well, my project is now over at the company I was working at. I know, it's been a long time I last gave feedback. Here I am catching up with you all. Without further suspence, below are the results of the project. The network follows the client-server architecture and is protected by a network router hardware firewall with more strict than lenient rules. The server machine is a powerful desktop PC which runs SBS 2003. It is by no means a piece of server hardware, but it runs the 10 person shop quite smoothly. It is also protected by a 200$ UPS system that's about the size of 1 & a half PC towers. The anti-virus solution will not be a client-server one. Rather, the workstations are to be protected by a client-side Anti-Virus. The one that was last decided upon was F-Prot. It's the cheapest and most lightweight commercial AV I found on the net and might already be set up. The file access rights are configured under Active Directory, an object relation scheme integrated in Windows Server OS's. Half the client PCs are running win XP Pro, logging onto the domain, and half are under win XP Home, simply connecting to the file server by means of mapped network drives. For win XP Home users, when a server folder is accessed via a mapped network drive, an authentication window appears where the employee must enter his/her domain username and password. The only problem here is that this session and its respective authentication remain open until the computer is turned off. So, logging off the user will not close the session. The machines running XP Home are also denied having domain policies affect users since a user logs onto his/her machine rather than onto the domain. Therefore, the win XP Home machines are intended to be replaced by XP Pro machines as soon as possible. As for the internally developped software modules and applications, they are for the moment comfortably compatible with Windows SBS 2003. For backup solutions, Brightstor Arcserve for laptops and Desktops is highly compatible with the domain framework provided by Active directory. SBS 2003 has eased the integration of BrighStor in our backup operations. This BrightStor solution will only be used to back up the user's data on the machine he/she logged onto at least once before. Since a domain user can log onto any machine, the possible number of user/machine file sets to be stored is quite high. Thankfully, as I said a bit earlier, the domain aspect is well incorporated into the BrightStor solution. When it comes to backing up the server files, a simple daily copy of the server files onto an external hard drive will prove solid, with the HDDs swapped once a week (2 HDDs will share the server file backup task). Not only that, but since the company data amounts to 8GBs, with 120GB hard drives a 2 weeks of data can be stored. Another solution would be to use incremental backups using BrightStor or an equivalent of the SBS2003-incompatible Norton Ghost 9.0. The problem with BrightStor though is that it depends on a backup server. If the backup server's OS fails, a fear exists that the backed up files would be irrecuperable, since machine identifiers (i.e. domainName/machineName:domainUser) would no longer exist on the server. The file server itself is quite reliable since it is set up using a RAID 1 controller to mirror the server files onto 2 HDDs. Lastly, network monitoring tools such as TCPview & netstat have been learned. Hijackthis is a tool that people praise much, but I have not yet had a chance to increase my knowledge in that. And now, I would like to refer some thing to all of you: Web Sites: ======= Sysinternals.com (Awesome modules of all categories, for windows platforms) Wikipedia.com google.com (All the information is there, you just have to harness it) MSFN.org technet.microsoft.com forums.spywareinfo.com (Check out the introduction pages, they have great procedures there) aumha.net/viewforum.php?f=30 (For HijackThis) searchexchange.techtarget.com (questions appear depending on the interests you choose) www.tek-tips.com (Good for help on specific products) www.no-ip.com (These guys give a free dynamic IP address binding, to bind it to a static domain name) www.domaintools.com (Full of IP web modules, like whois, dns tracking) OldVersion.com (For past versions of popular apps) Here is a pearl for whoever wants it: all my IT firefox bookmarks in .html file Apps: ==== Norton Ghost 9.0 (boots off CD, not OS dependent for image restore, even restores .pqi files). Mozilla Firefox 1.5.* ZoneLabs ZoneAlarm Partition Magic 8.0 CD (or on boot diskettes even better). TCPView (Network diagnostics tool) SisSandra 2007 (Awesome machine diagnostics tool) Ewido anti-malware Spyware, search and destroy HijackThis MagicBelly KeyFinder (For determining which Product key is coded in your computer) PrimoPDF (For free PDF file generation, though it is a bit unpredictable) Alcool 120% (For CD/DVD ripping) CNR (click n run for *spire linux OS's) Devices: ====== D-Link WUA 1310 (USB wireless g adapter) D-Link WBR 1310 (wireless g router) OS's: ==== Windows XP Windows SBS 2003 Freespire (a highly user-friendly Linux that is very similar to windows) (I sadly have not yet had the chance to play with more linux distros, so the list of appreciated Linux OS's ends here) Some things I have not been very happy with: ============================== Wireless adapter compatibility in Linux. Windows OS's not being able to read ext2 files. Wireless network setup in Linux. Some Linux isos barely fit in a CD or just slightly exceed the CD volume. This happened to me with ALinux 12.7 and 12.8. APC UPS 350r model. DSLinux was not what it was all pumped up to be. The menu is frustrating on small screens. Norton Ghost 9.0 is not compatible with SBS 2003 (for image creation). Nero StartSmart CD/DVD burning solution. Made SBS 2003 hang often. There is so much knowledge I wish to share with you all, but to be honest, in order to grow, you need to get your hands dirty. Don't be afraid to try stuff. When I started off, I decided to register to as many forums as I could, and the result was finding a wide and diverse array of people to help me and tools that would deem useful for my tasks. It's been awesome! Well, thanks for hearing me out guys. Phil.

I guess that answers it. In winXP Pro w/ SP2, I don't have the option to install such a component. I guess I'll have to wait till we get SBS 2003 installed on the server. Anyways, Hamachi is very good (I've already installed it). I guess this thread is solved. Thanks guys, helpful as usual.

Hamachi looks very promising. Haven't been able to test it properly yet, i.e. on machines plugged into different networks. But it looks very good. Thanks alot guys. It a bummer though that VPN won't work. @TAiN: What client software are you using? The VPN in Windows? Yes What version of Windows? XP? Yes What server software are you using? none Did you verify basic connectivity between hosts before attempting the VPN connection? I think that direct cable connection is the most basic connection to check. Not only that, but I also tried other configurations. No doubts here. Can you verify that the VPN server is running? How? Should it appear in TCPView? In task manager? It doesn't for me. Thanks.

Hi network guys I have tried many alternatives to get a VPN happening on one of my computers. For simplicity, I'll name the computer I want to connect to remote comp and the one I'm connecting from, local comp. 1st try - Direct cable connection: . disabled the software firewalls on both comps. . connected both comps via crossover cabling. . set static IP address to both comps over LAN. . On local computer, set same static ip over VPN connection. . Initiated PPTP connection to remote computer through VPN. Got error 678 2nd try - Through router (static IP addresses): . same as first try, but connected both comps via router. . set router to assign static ip addresses to both comps. . initiated PPTP connection through VPN. Got error 678. (Note: Network files are accessible, but unable to connect to the web) 3rd try - Through router (dynamic & static IP addresses + domain name): . software firewalls disabled. . comps connected via router. Local comp has dynamic IP (over lan and VPN), remote comp has static IP over LAN. . router set to redirect incomming PPTP requests to remote comp's static IP. . TCP port 47 (GRE) opened. . assigned domain name to router's WAN IP address. . on local computer, initiated PPTP connection to domain name through VPN. Got error 678. Any help?

The impression I got from reading on Sharepoint on the internet was that it could do like VPN, that it could allow for remote connection to a network through PPTP or L2TP. I don't know where I got that from. I was happy to think that because I was having issues with VPN. Guess I'll have to revert to solving those.

This is a very clear summary. thxPlease clarify this: When you say that I have a CAL to connect a comp to the server, will I be adding this to the licensing manager by means of a CAL code or will the manager not even ask me to authenticate the CAL? The only reason why I'm asking this is to know what artifacts to look for when buying the Server OS. B) Entry added July 13 2006, 11:13AM Here is an answer to my above question, courtesy of Fizban2:

I sure hope that the Sharepoint services that come with SBS 2003 will be fully functional and will not require any tools not built into SBS. Any more on this? Because this is what I was intending to do. Or very close to that, only replace VPN by SharePoint services. By the way, these issues have been resolved. I learned that, generally, if a software runs on Windows Server 2003, it is compatible with SBS 2003.

Thanks, I have a D-Link DI-614.I've visited this site called Spywareinfo (SWI). There were excellent instructions to follow. I followed their instructions and you can see what it gave me by clicking on the links: Spybot search and destroy (no log) adaware Ewido 1 Antivirus (Ran Kaspersky) and HijackThis I also installed ZoneAlarm and it's really tracking everything. I have a feeling it gets less intrusive with time. Results: The downloads.aaa1screensavers.com is gone! Thank you very much. Let me know if you have any comments on the Logs. Maybe we can trace back to the root of the intrusion. Note: Let me know if and how I can improve the format of the log files.

Crahak, I liked your insight on TortoiseCVS. Lots of good points you made. Having already toyed with it a bit, I can say: - I loved the GUI. Clean and simple to understand. - It takes practice to predict the dynamics between the repository and the client directory (tested on localhost). Thanks, I'll definitely look into subversion (already started doing so). If I have time, I'll post my findings on a new thread (in relevance with what it can bring to a client-server network). I was gonna explain why this domain app is relevant, but for simplicity I thought we should just leave it at: Server OS needs to be able to run 32-bit apps. B) Ok, back to a higher level. I don't need: - IIS 6.0. - SQL Server 2005. - Any type of mail services (Exchange). - SUS - MIIS - Clustering - Migration tools - ISA Let's make sure to keep these items out of this topic. I need: - File sharing (>10 users). - Remote file access (VPN or SharePoint?) - Running a 32-bit application (constraint). - Backup system. - Security (Firewall, Antivirus, AntiMalware) - Ability to monitor network activity. - Ability to create users for a domain rather than for a machine. - Access rights for users on a network. I think I'm gonna go for a Windows Server (2000 or 2003) OS, as I've been running into app support issues with SBS 2003, mainly Backup and Antivirus. Can anyone comment on the last two items of the needs list?

I'm shopping for a windows server product. To whoever has already bought a Windows Server Product, Do CALs need activation? Does a CAL come with an associated product key? If I buy a 25 CAL pack, should it come with 25 keys? What certificate of authority do I get when I purchase a CAL? Thanks guys.

Thanks for the help. I was discouraged when I saw no replies at first. The process is firefox (firefox.exe).There is another entry in my netstat that uses firefox, but the origin IP address doesn't indicate anything to me (72.14.205.19). I made a search for the hosts file. If you look carfully at this image, I could not find the occurence under .../CD BURNING/... .Anyways, I added the entry 0.0.0.0 downloads.aaa1screensavers.com in my hosts file and will now install an anti-virus software on the computer. Note: TAiN, I read the thread you referenced to me. Thanks, it was helpful.

Hi. I was playing with netstat today and realized that foreign address downloads.aaa1screensavers.com was playing with my ports: mine(to) his(from) ======= :1257 :1258 :1258 :1257 :3366 :3367 :3367 :3366 Where do I start to get this guy off?

I must say, the discussion is bringing out a lot of interesting points. What especially jumps out is the difference in scale between my IT perspective and dear Crahak's. Crahak has provided an excellent description of what a full fledged IT solution would look like in a more IT driven company. In our case though, it's not really the direction we'll be taking. I am the company's IT guy. Maybe a bit new at it, but there's a start for everyone. In response to And , please take a close look not only at my first, but also at my second post, as it will answer a lot of your questions.Just to sum up my 2nd post, I had described: The network diagram. Also, the version control system will handle concurrent file access. I'm already looking into tortoiseCVS. Domain apps that require 32-bit windows. Mail and web server ... not just yet. Remove exchange, IIS and SQL Server from scenario. Gathering things from what crahak, fizban2 and fdv said, here is a nice study: 2 scenarios: Scenario 1: Complete IT setup Purpose: Mail, Web, file and application servicing. Hardware: 2 servers w/ specs from crahak (1 x 1800$ -- we already have 1) UPS: Uninterruptible Power Supply (700$) Backup tape drives + 5 Tapes (500$ + 5 x 60$ = 800$) [*]Software: 2 x Windows Server 2003 SE w/ 10 CALs + 5 CALs (2 x (1200$+200$) = 2800$). 2 x Expensive tape drive software (2 x 2000$ = 4000$) [*]IT training: Books, time, personnel => $$$ Total: 10,100$ + $$$ Yowsers! Taking in fdv's idea of a red hat box on computer 2, we get 10,100$ - Server machine, OS & license costs (1800$ + 1400$) => 6,900$. Still ... Scenario 2: Basic IT setup Purpose: File and application servicing. Hardware: Intel Pentium 4 3.00 GHz, 1GB RAM, 235GB HD space (0$ -- in our possession) UPS (700$) [*]Software: Windows SBS 2003 w/ 5 CAls + 10 CALs (700$ + 800$ = 1500$) OR MORE LIKELY Windows Server 2003 SE w/ 10 CALs + 5 CALs (1400$) BrightStor Backup Software (0$ -- in our possession) [*]IT training: Books, time, personnel => $$$ Total: 2200$ + $$$ In the future, I'd probably add another machine as web and mail servicer running on an Open Source platform.

Here it is... Got IP addresses automatically for 2 workstations using DHCP. Disabled firewalls on workstations 192.168.0.107 and 192.168.0.114 . Created new VPN connection from 0.114 to 0.107 . In "Connect cname" window, entered the uname and passwd info for 0.107 . Hit Connect. And ... Got error 800. "Unable to establish the VPN connection. The VPN server may be unreachable, or security parameters may not be configured properly for this connection." Note from July 19th 2006: SOLVED: Refer to 2nd thread on same issue.

You were right, they were upgrade CALs. About point 3, the version control program. Does Win SBS or Server 200x have an integrated version control system?