Active Directory upgrade

The student sites are now running on a Windows 2003 Server Active Directory. I learned a few things along the way:

  • Don’t try to reuse an existing server name if it is statically mapped in your WINS database. The Windows Server 2003 upgrade process will think there is a name collision and use a randomly generated name for the server, UNIVERSI-2345a8 for example.
  • If you have messed around with the User Rights on your NT4 domain, you’d best find the defaults for Windows 2003 and reset them. Updates and other things just don’t install correctly until they are reset. (The Threats and Countermeasures Guide came in pretty handy here too.)
  • Until the workstations’ DNS server and default DNS domain name are changed, they keep working right along as if the domain were still NT4 based. Dynamic DNS doesn’t start working until then either.

I still need to move all the FSMO roles off the temporary DC, but that doesn’t need to happen any time soon. I may put any more changes off until winter break.

Lots of portscans this morning

Looks like there’s a new worm afoot on campus this morning, lots of probes at port 445 and 135 to our portsentry hosts. Maybe this new RBot variant or this Agobot variant.

And we were down to less than 60 open tickets.

Update (11/18/2004): Looks like at least some of these were recently reinstalled Windows XP without all the patches. Most commonly found virus was Korgo.worm.v. But, this mini-outbreak reinforces the usefulness of being proactive with network monitoring and using the quarantine vlan.

gentoo profile updates

Taking my brain away from the election boondoggle this morning, after an emerge --sync, I was greeted with this:

!!! Your current profile is deprecated and not supported anymore.
!!! Please upgrade to the following profile if possible:
        default-linux/x86/2004.0
To upgrade do the following steps:
# emerge -n '>=sys-apps/portage-2.0.51'
# cd /etc/
# rm make.profile
# ln -s ../usr/portage/profiles/default-linux/x86/2004.0 make.profile

Searching the forums led to one post in German about this. Since I’ve got the luxury of more than one non-production test machine, I went ahead and followed the instructions. All seems to be fine.
A little more poking around in the gentoo documentation, and I found some pretty good advice on this upgrade, seems to be just a file system layout/naming convention change.

Great EULA clause

This has to be one of the best End User License Agreement clauses ever:

4.1 Permission to utilize Your computer. In order to receive the benefits provided by the Skype Software, you hereby grant permission for the Skype Software to utilize the processor and bandwidth of Your computer for the limited purpose of facilitating the communication between You and other Skype Software users.

Lots of searching on the web yields very little about Skype that isn’t “it’s the greatest thing ever”, but there is this blog post where the author talks about the fact that Skype makes open hosts on the Internet into “supernodes” to facilitate conversations between computers behind firewalls and NAT devices. Smells a little fishy to me.

Yet another new virus/worm

Similar to an earlier post, we are seeing another worm. This one uses the process name wmediaplayer.exe and seems to be spreading using weak or nonexistent administrator account passwords. Infected machines also appear to be scanning other hosts on ports 135, 139 and 445. Suspicious keys in HKLM\Software\Microsoft\Windows\CurrentVersion\Run refer to the executable name.

As usual, none of the antivirus vendors have signatures for this yet.

It’s just another day on the Internet. I’m not sure if it was someone on this campus that reported it, but the DDoS mentioned at ISC was also seen here.
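Both of the worm sightings above (the 445/135 probes hitting the portsentry hosts, and this one scanning 135, 139 and 445) boil down to the same triage question: which source addresses on the network are hammering the Windows RPC/NetBIOS/SMB ports, so they can be moved to the quarantine VLAN? The following is an added example, not code from the original post: it parses PortSentry "attackalert" syslog lines and reports hosts that probed those ports repeatedly. The log lines are constructed for the example, and the exact syslog host/daemon fields are an assumption about the PortSentry format, so adjust the regular expression to match your own logs.

```python
import re
from collections import defaultdict

# Ports the worms described in the posts were probing:
# 135 (MS RPC), 139 (NetBIOS session), 445 (SMB over TCP).
WORM_PORTS = {135, 139, 445}

# PortSentry "attackalert" lines in the syslog style; the hostname and
# daemon/pid fields are an assumption about how your syslog lays them out.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d{2}:\d{2}:\d{2})\s+\S+\s+portsentry\[\d+\]:\s+"
    r"attackalert:\s+Connect from host:\s+(?P<name>\S+)/(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"to\s+(?P<proto>TCP|UDP)\s+port:\s+(?P<port>\d+)"
)

# Constructed sample log: one host probing 445 and 135 three times (worm-like),
# one host touching 445 once, one host on unrelated ports, and an sshd line as noise.
SAMPLE_LOG = [
    "Nov 18 08:14:02 sentry1 portsentry[412]: attackalert: Connect from host: 10.20.1.57/10.20.1.57 to TCP port: 445",
    "Nov 18 08:14:02 sentry1 portsentry[412]: attackalert: Connect from host: 10.20.1.57/10.20.1.57 to TCP port: 135",
    "Nov 18 08:14:03 sentry1 portsentry[412]: attackalert: Connect from host: 10.20.1.57/10.20.1.57 to TCP port: 445",
    "Nov 18 08:14:09 sentry1 portsentry[412]: attackalert: Connect from host: 10.20.3.9/10.20.3.9 to TCP port: 445",
    "Nov 18 08:14:11 sentry1 portsentry[412]: attackalert: Connect from host: 10.20.5.12/10.20.5.12 to TCP port: 80",
    "Nov 18 08:14:11 sentry1 portsentry[412]: attackalert: Connect from host: 10.20.5.12/10.20.5.12 to UDP port: 137",
    "Nov 18 08:14:12 sentry1 sshd[977]: Accepted publickey for admin from 10.20.0.2 port 51822 ssh2",
]


def parse_portsentry_line(line):
    """Return a dict with ts, ip, proto and port for an attackalert line, else None."""
    m = LINE_RE.search(line)
    if not m:
        return None
    return {
        "ts": m.group("ts"),
        "ip": m.group("ip"),
        "proto": m.group("proto"),
        "port": int(m.group("port")),
    }


def find_worm_scanners(lines, worm_ports=WORM_PORTS, min_probes=3):
    """Map source IP -> sorted list of worm ports it hit, for hosts with at least
    min_probes TCP probes against those ports. Everything else is ignored, so a
    single stray SMB connection does not land a machine in quarantine."""
    probes = defaultdict(list)
    for line in lines:
        rec = parse_portsentry_line(line)
        if rec is None or rec["proto"] != "TCP" or rec["port"] not in worm_ports:
            continue
        probes[rec["ip"]].append(rec["port"])
    return {
        ip: sorted(set(ports))
        for ip, ports in probes.items()
        if len(ports) >= min_probes
    }


if __name__ == "__main__":
    # Candidates for the quarantine VLAN, from the constructed sample above.
    for ip, ports in sorted(find_worm_scanners(SAMPLE_LOG).items()):
        print(f"{ip} probed {ports}")
```

In practice you would feed it the tail of the portsentry host's syslog and feed the result into whatever moves a switch port into the quarantine VLAN; the min_probes threshold is the knob that separates a worm sweeping the subnet from an admin who touched one file share.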

MBSA and MS04-025

When MBSA 1.2.1 tells you this about MS04-025, it’s probably safe to ignore.

A required registry key does not exist. It is necessary in order for this patch to be considered installed. [SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3B7C8860-D78F-101B-B9B5-04021C009402}\Compatibility Flags]

Check the file versions listed in the bulletin, but it’s probably wrong.

Oh, and this guy deserves a nice pat on the back for wonderful instructions on how to patch an Office 2003 administrative install share. Amazingly enough, patching the install share and then calling setup.exe REINSTALL=ALL /qb /L*v c:\o2k3re.log actually works as advertised.

(And it looks like my stylesheet still needs some adjustments)

MS04-028 patches

I’m working on the last set of patches from Microsoft for the labs, and they are beginning to annoy me.

The one for IE6 SP1 works just as advertised, with the standard unattended command line: IE6.0sp1-KB833989-x86-ENU.exe /q:a /r:n.

The one for the .NET Framework 1.1 isn’t quite so straightforward. The command line options work as advertised (I’m using NDP1.1sp1-KB867460-X86.exe /Q /L:c:\dotnetsp1.txt). But after installing, the version numbers don’t match up with the version checking method listed in KB318785: %WINDOWS%\System32\URTTemp\mscoree.dll does NOT get updated, while the version in %WINDOWS%\System32 does.

Arrgh. Now on to the Office 2003 patching, from an Admin install share. This should be fun. At least there are recommended practices from Microsoft on this stuff.