Re: Scheduling NTBackup to mapped drive

• From: "Steve Moffat" <steve@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• To: "Exchange Weblist" <exchangelist@xxxxxxxxxxxxx>
• Date: Sun, 8 Aug 2004 02:17:17 +0100

You sir, are the most arrogant son of a bitch that I have ever had the
misfortune to be on a mail list with.

Your conception of a secure server stinks as there is no such thing as
has been pointed out to you repeatedly throughout this thread.

There is no point security wise in either logging off or locking a
server as any IT admin should know, due to the presence of applications
like ERD Commander etc which will let any monkey reset the admin
password etc.

The only secure server is the one in the locked security room with RDP
disabled.

Steve



-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx] 
Sent: Saturday, August 07, 2004 10:06 PM
To: Exchange Weblist
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

http://www.MSExchange.org/

Hmm... interesting how Mr. Mark Fugatt didn't even know the basic of
Active Directory and I had to teach him. Could it be that he perhaps
doesn't know AD or basics of security? That all he has to offer is
expertise in Exchange?
That has been proven here. Or did you just conveniently miss my response
to his AD newbie email?

While you and Mark were here crying all day, I was having sex with my
girl.

Get a life
 

-----Original Message-----
From: Andy David [mailto:adavid@xxxxxxxxxxxxxxxx]
Sent: Saturday, August 07, 2004 10:11 AM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

http://www.MSExchange.org/

You still havent provided any documentation to back your claims that
this is more secure than simply logging out or answered how this will
protect against remote access. 
Mark is a friend of mine. He is one of the nicest, funniest, sharpest
guys I know. You, Sir, are no Mark Fugatt.


 

-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Friday, August 06, 2004 11:41 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

http://www.MSExchange.org/

Mark, I met you and liked you too, but you're coming across as a HUGE
ass yourself here. My "arrogance" is only surpassed by yours. You're
losing my respect.

Answers to your odd responses:

A: My gosh, everyone, even newbie's in here, knows the Guest account is
disabled by default. But it's ENABLED by newbie's. I mean, really, you
don't think admins out there enable that account? They do all the time
all over the place.

B: WRONG. You mean a Domain Controllers, NOT a server. I have 110
Windows servers. I have only 10 domain controllers. That means 100
servers can be logged onto (be default) anyone in the "domain users"
group. Mark, I'm surprised you missed the obvious here. And let's not
even TALK About non-domain member servers. And again, let's forget about
GPO's. If you stick a server (non-domain controller) that is a member a
domain in the "domain controllers" OU, then only Domain Admins can log
in. That bit of expertise will cost you $100.00.

C: I already explained that. Didn't you read my previous posts? Not to
mention, 80 of my servers can't be powered off WITHOUT A KEY, (like ALL
servers should be.) Also, look at the post AFTER this. How about the
patch installs and reboots? 

I'm getting tired of being right.




-----Original Message-----
From: Mark Fugatt [mailto:mark@xxxxxxxxx]
Sent: Friday, August 06, 2004 7:35 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

http://www.MSExchange.org/

OK, OK, this is the plan, let move this to another location, and I will
invite some folks from Microsoft Trustworthy Computing and a number of
security experts who do not participate in this list to contribute as it
would appear we all have different opinions, the location can be a) the
Microsoft Public Security Newsgroup or I have no problem hosting a
newsgroup for the discussion.

Jared, I have met you, I really like you and like many others here value
your contribution, but you are coming across as an arrogant, childish,
prick, you have not provided any authorative statement backing up your
comments, if you make a statement and get challenged on it then you
should provide supporting evidence not just respond with "why should I
find it for you", step up to the plate Jared and prove us all wrong, we
are all wrong sometime.

So, to correct you on some point:

A) the Guest account is disabled by default
B) Only members of the admin group can log in locally to a server and
that's the default
C) If you lock a workstation, anyone can unlock it by powering off and
on, same applied to screen saver passwords, so what the difference with
this compared to logging out?


-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz@xxxxxxxxx]
Sent: Friday, August 06, 2004 4:21 PM
To: [ExchangeList]
Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive

http://www.MSExchange.org/

Children, be nice. I feel like your daddy here youngster.

You come across as a newbie, but that'd doesn't mean you are. It's just
that your statements are in beginner mode.

Of course one can't log onto a server under "Guest."
My 15 year daughter knows that. I'm talking Servers AND
workstations/laptops. Or do you ONLY believe that security is at the
server level?? Again, a newbie assumption. My daughter also knows ANY
admin can unlock a locked computer. So, again, what's your point?? If
you leave it logged off, then it can be logged in by ANYONE on the
domain if the GPO isn't set exactly correct. If it's locked by an admin,
then ONLY and admin can unlock it. 

Again, this is basics here Mr. 13 years of experience, (experience in
desktop support??)










--- Tony Anderson <tandersn@xxxxxxxxxxxxxxxxx> wrote:

> http://www.MSExchange.org/
> 
> Jared, from the tone of your statements it sounds like you are the one

> who is a "new admin" and "younger". You sound like some punk on a 
> warez list "windoz rulez, linux suks!@" without any foundations for 
> your arguments. How is it more secure to lock it vs loggin off? Answer

> the F#$@ing question?
> 
> I work in the "Paul G Allen center for computer science", I live in 
> Seattle, many of our faculty members work at MS, and many of my 
> friends do too. None of them have ever said that it was policy to 
> 'leave all servers locked'. Yes you must eaither LOCK or LOG OFF, 
> obviously you can't leave on logged on.
> 
> I am definately not a new admin, I have been doing this for 13 years. 
> Your comments are unfounded, and unsupported. Any idiot knows that an 
> administrator can unlock a locked computer. Any idiot knows that guest

> and even regular user accounts can't log on to a server locally.
> 
> What kind of exchange admin has a @yahoo account anyway?
> 
> Tony Anderson
> UW CSE
> 
> 
> 
> ----- Original Message -----
> From: "Jared Johnson" <jaredsjazz@xxxxxxxxx>
> To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
> Sent: Friday, August 06, 2004 12:46 PM
> Subject: [exchangelist] Re: Scheduling NTBackup to mapped drive
> 
> 
> > http://www.MSExchange.org/
> >
> > Easy and expected replies to all.
> >
> > You just missed the point, as all new admins do.
> >
> > The point is: It's obviously LESS secure leaving
> the
> > computer logged off, than actually locking it.
> >
> > I mean, DUH
> >
> > --- Tony Anderson <tandersn@xxxxxxxxxxxxxxxxx>
> wrote:
> >
> > > http://www.MSExchange.org/
> > >
> > > Security documents might say "lock your computer when you leave"
> > > but they mean that as opposed to leaving it
> logged
> > > on. (not opposed to
> > > logging off)
> > >
> > > Your statements are incorrect:
> > > If you say that locking the computer prevents someone from logging

> > > on as 'Administrator' (presuming it wasn't renamed),
> that
> > > is wrong. An
> > > administrator could unlock a locked computer. A 'GUEST' could not 
> > > log into a server locally anyway, against local policy.
> Same
> > > with Aspnet, or IIS
> > > accounts, they aren't allowed to log on locally.
> (by
> > > default!)
> > >
> > > Besides, if you have a hacker in your server
> room,
> > > he wouldn't need to log
> > > on, he could boot with a bartPE CD or a Linux
> boot
> > > floppy (to change the
> > > admin password
> > > http://home.eunet.no/~pnordahl/ntpasswd/) and
> change
> > > the
> > > admin password or do whatever he wanted. AND
> EVEN IF
> > > your server happens to
> > > be a domain controller, you can still change the local admin 
> > > password and boot up in 'active directory recovery mode' and
> use
> > > the local password.
> > >
> > > Tony
> > >
> > > > Think about it: WHY would you give a hacker
> more
> > > > opportunities to log in to various known
> accounts,
> > > > i.e., GUEST (because of these newbies don't
> > > disable
> > > > that account), the Administrator (because
> newbies
> > > > don't rename the account), or having the
> server
> > > power
> > > > off because of the power profile isn't loaded
> when
> > > > logged out (unless changed, but newbies
> don't),
> > > the
> > > > IIS accounts, the ASPNet accounts, etc. etc.
> > > That's
> > > > just ridiculous to give hackers that easy
> > > opportunity.
> > > >
> > > > I just did a google search and quickly found a
> > > "Five
> > > > Security Steps.." by Microsoft. One of them
> > > mentioned,
> > > > "locking your computer..."
> > > >
> > > > Google it, go to support.microsoft.com, to
> > > dogpile,
> > > > your local professional IT Auditor. You'll
> find
> > > more
> > > > information on it that you'll want to.
> > > >
> > > > --- Mark Fugatt <mark@xxxxxxxxx> wrote:
> > > >
> > > > > http://www.MSExchange.org/
> > > > >
> > > > > Yes, I would like you to provide me with one
> > > link
> > > > > that mentions that locking
> > > > > is more secure than logging out.
> > > > >
> > > > > What was the very first Windows 2000 admin
> book
> > > ever
> > > > > written?, and I will see
> > > > > if I can find reference to it in there.
> > > > >
> > > > > On Fri, 6 Aug 2004 08:14:21 -0700 (PDT),
> Jared
> > > > > Johnson wrote
> > > > > > http://www.MSExchange.org/
> > > > > >
> > > > > > Read the posts again. Do your search on
> > > dogpile,
> > > > > read
> > > > > > your beginning admin books. The proof is
> > > > > everywhere.
> > > > > > It's just plain common sense.
> > > > > >
> > > > > > You really want ME to do your research FOR
> > > YOU? Am
> > > > > I
> > > > > > your personal secretary dog? Dont' think
> so.
> > > Read
> > > > > the
> > > > > > very first Windows 2000 admin book ever
> > > written,
> > > > > and
> > > > > > you'll see. Basics my friend.
> > > > > >
> > > > > > --- "Michael B. Smith"
> <michael@xxxxxxxxxx>
> > > wrote:
> > > > > >
> > > > > > > http://www.MSExchange.org/
> > > > > > >
> > > > > > > Have you yet answered ANYONE as to why?
> > > > > > >
> > > > > > > Or provided a reference? Either
> Microsoft or
> > > > > FIPS?
> > > > > > > Or anything else for
> > > > > > > that matter?
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Jared Johnson
> > > > > [mailto:jaredsjazz@xxxxxxxxx]
> > > > > > > Sent: Friday, August 06, 2004 10:58 AM
> > > > > > > To: [ExchangeList]
> > > > > > > Subject: [exchangelist] Re: Scheduling
> > > NTBackup
> > > > > to
> > > > > > > mapped drive
> 
=== message truncated ===



                
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
mark@xxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist




------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
JaredsJazz@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
adavid@xxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
JaredsJazz@xxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist

This E-Mail is confidential. It is not intended to be read, copied, disclosed 
or used by any person other than the recipient named above. 


Unauthorised use, disclosure, or copying is strictly prohibited and may be 
unlawful. Optimum IT Solutions disclaims any liability for any action taken in 
connection of this E-Mail. The comments or statements expressed in this E-Mail 
are not necessarily those of Optimum IT Solutions or its subsidiaries or 
affiliates.

administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx 

Other related posts:

• » Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » RE: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive
• » Re: Scheduling NTBackup to mapped drive

1. Home
2. exchangelist
3. Archive
4. 08-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---