[gptalk] Re: Securing The Network & Messenger Service

  • From: "Asaf Efrati" <asafe@xxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Thu, 7 Aug 2008 18:52:18 +0300

Thanks Darren, I will try that J

 

Thank you,

 

Asaf Efrati | IT & Security | eToro

A 32 Habarzel St. Tel Aviv 69710, Israel

M +972 545671587

F +9723 7686712

W www.eToro.com 

etoro-logo 

If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 

 

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Darren Mar-Elia
Sent: Thursday, August 07, 2008 6:47 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

The only reason I can think of why this is the case is that the service's
permissions have been mucked up to the point that not even GP can modify its
configuration. This can happen. You might want to at using sc.exe with the
sdset parameter to try and reset them to something similar to another
service.

 

In terms of your other question, try using the /persistent:no option when
you map the drive.

 

Darren

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Asaf Efrati
Sent: Thursday, August 07, 2008 6:07 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

Hey Darren,

 

I tried a reboot, no go.

The gpo is configured correctly and there are no conflicts.

I am unsure as to how this service got disabled before.

But I can't enable it using Gpo.

 

Another question I have (if its all right in the same thread)

Is: how can I determine that if I another work station of one of my users

To access my own computer using RUN and entering the full path like so
\\192.168.xx.xxx\c$ <file:///\\192.168.xx.xxx\c$> 

I then enter my admin user and password, when I am done I use the "x" to
close the window,

My problem is that the next time the user enters his "RUN" command he can
use what I entered and access my computer

No question asked. How can I disable this auto-credentials saving? 

 

Thank you,

 

Asaf Efrati | IT & Security | eToro

A 32 Habarzel St. Tel Aviv 69710, Israel

M +972 545671587

F +9723 7686712

W www.eToro.com 

etoro-logo 

If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 

 

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Darren Mar-Elia
Sent: Tuesday, August 05, 2008 8:22 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

Asaf-

 

Its possible that you could need a reboot for the change to take effect. 

 

Darren

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Asaf Efrati
Sent: Tuesday, August 05, 2008 10:21 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

Ok, I did the check for some of the computers and the GPO they are getting
are from the domain and seems to configure the Messenger part of the gpo
correctly

But the service stays in "disabled" status.

 

Darren thanks in advance you've been a big help.

This goes to the rest too, every question asked

And every answer given just serves to increase my

Knowledge of this great tool.

 

Thank you,

 

Asaf Efrati | System | eToro

A 32 Habarzel St. Tel Aviv 69710, Israel

M +972 545671587

F +9723 7686712

W www.eToro.com 

 

If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 

 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Darren Mar-Elia
Sent: Tuesday, August 05, 2008 17:08
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

You can run GPMC's Results Wizard remotely against a system.

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Asaf Efrati
Sent: Tuesday, August 05, 2008 8:47 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

OK thanks, I will try it.

Not sure if it will work though, I think I need to disable a few things
first.

I didn't allow users to open the mmc In author mode.

 

Thank you,

 

Asaf Efrati | System | eToro

A 32 Habarzel St. Tel Aviv 69710, Israel

M +972 545671587

F +9723 7686712

W www.eToro.com 

 

If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 

 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Darren Mar-Elia
Sent: Tuesday, August 05, 2008 16:40
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

Run RSOP on those problem systems. See if they think they received the
domain policy. If not, then there may be something else going on there. 

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Asaf Efrati
Sent: Tuesday, August 05, 2008 8:33 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

Ok, so why problem is this, every computer gets the Gpo Etc, but some of the
computers still have the service in DISABLED.

Shouldn't the gpo change to enable messenger change it to automatic or
something?

Because I do want to use net send.

 

Thank you,

 

Asaf Efrati | System | eToro

A 32 Habarzel St. Tel Aviv 69710, Israel

M +972 545671587

F +9723 7686712

W www.eToro.com 

 

If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 

 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Darren Mar-Elia
Sent: Tuesday, August 05, 2008 16:32
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

Yes, a domain-based GPO would override any local GPO for the service startup
type. 


Darren

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Asaf Efrati
Sent: Tuesday, August 05, 2008 5:00 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

In order to allow NET SEND I enabled under the Gpo the messenger service,
but strange enough not every computer got the change, or rather the local
policy is disabling it.

If a service is in "DISABLED" will a Gpo change to enable it will change it?

 

Thank you,

 

Asaf Efrati | System | eToro

A 32 Habarzel St. Tel Aviv 69710, Israel

M +972 545671587

F +9723 7686712

W www.eToro.com 

 

If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 

 

  _____  

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Darren Mar-Elia
Sent: Tuesday, August 05, 2008 04:41
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Securing The Network & Messenger Service

 

Sorry-just saw this. What exactly are you doing to allow Net Send? I would
guess that allowing net send should have nothing to do with live messenger
working or not (unless Live Messenger relies on the Alerter service but if
its enabled , that should not impact IM). 

 

As for disabling Wireless, you can't really do that as a function of whether
it's on your network or not. If you are worried about users connecting to
non-corporate WAPs while they are in the office, then GP against XP clients
won't help you much. The Wireless Policy that is supported on XP is pretty
limited. Vista is better at this. You might be able to do some kind of IPSec
tunnel while on the corporate network that prevents non corporate networks
from accessing your internal network, but it would take some work.

 

Darren

 

From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Asaf Efrati
Sent: Sunday, August 03, 2008 9:05 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Securing The Network & Messenger Service

 

Hey everyone,

 

I am trying to make my network more secure, I tried looking at a few things
who left me puzzled as they didn't seem to work.

I am trying to enable NET SEND and at the same time deny users the ability
to use live messenger, those options didn't work.

Further more I am trying to force disabling  of Wireless on laptops
connected to my network, I didn't find any effective way of doing that
through GPO.

 

Any thoughts?

 

 

Thank you,

 

Asaf Efrati | IT & Security | eToro

W www.eToro.com 

etoro-logo 

If you have received this email message in error, please notify the sender
immediately by telephone or return email and refrain from taking any action
relating to the content of the email. 

Thereafter, please destroy the original message without making a copy. You
may not use the content of the email without first obtaining prior written
consent from the sender. 

You may not forward this email to anyone other than the sender for
notification purposes. 

 

 

JPEG image

JPEG image

Other related posts: