April 2005 - Posts
Log Parser 2.2:
http://www.microsoft.com/downloads/details.aspx?familyid=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en
Log Parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows® operating system such as the Event Log, the Registry, the file system, and Active Directory®. You tell Log Parser what information you need and how you want it processed. The results of your query can be custom-formatted in text-based output, or they can be persisted to more specialty targets like SQL, SYSLOG, or a chart. Most software is designed to accomplish a limited number of specific tasks. Log Parser is different... the number of ways it can be used is limited only by the needs and imagination of the user. The world is your database with Log Parser.
Correction/Update:
I said that Tim Rains built this tool. Sorry! That is not the case. Check it out anyway ;-) Also, check out www.logparser.com!
Overview
Network Access Protection (NAP) is a set of operating system components that provide a platform for protected access to private networks. The NAP platform provides an integrated way of detecting the state of a network client that is attempting to connect to a network and restricting the access of the network client until the policy requirements for connecting to the network have been met.
To protect access to a network, a network infrastructure needs to provide the following areas of functionality:
• Policy validation, which determines whether the computers are compliant with security policy. Compliant computers are deemed “healthy.”
• Network restriction, which restricts access based on health state.
• Remediation, which provides necessary updates to allow the computer to get healthy.
• Ongoing compliance, which permits access to the network as long as the user's computer meets policy requirements.
The NAP platform provides enforcement for Dynamic Host Configuration Protocol (DHCP) address configuration, virtual private network (VPN)-based network connections, and Internet Protocol security (IPsec)-based communications, and an architecture through which policy validation, network restriction, remediation, and ongoing compliance can occur via additional components supplied by third-party software vendors or Microsoft.
The NAP platform requires servers running Windows Server "Longhorn" and clients running Windows® XP with Service Pack 2.
The NAP platform is not the same as Network Access Quarantine Control, which is a capability provided with Windows Server 2003 to provide additional protection only for remote access (dial-up and VPN) connections.
Download the white paper here:
http://www.microsoft.com/downloads/details.aspx?familyid=2f37651e-1749-45c3-996e-53de05d44ef7&displaylang=en
Sometimes after releasing a security update we hear of customers having issues. The only way we can validate those issues is to work directly with the folks that are having the problem. Once we find a problem we can then develop a solution. In other words, we need to be able to reproduce the problem before we can figure out how to address it.
For problems with a security update, you can call 1-866-PCSafety (1-866-727-2338) in the US. All others should contact your local subsidiary. I hear feedback that people don't believe that this is a free call. As standard procedure, you may be asked for a credit card in case your issue is not actually related to the security update and you still want help. However, if your issue is with the security update you will not be charged.
So please, if you are having a problem with a security update, give us a call. All numbers can be found at http://support.microsoft.com.
April 12, 2005
Today Microsoft released the following Security Bulletin(s).
Note: www.microsoft.com/technet/security and www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.
Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.
Bulletin Summary:
Critical Bulletins:
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins outside of this schedule if we determine the need to do so. If you have any questions regarding the patch or its implementation after reading the above-listed bulletin, you should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338). International customers should contact their local subsidiary.