|
|
Remote Control 3.0 Released!
Finally - Remote Control 3.0 has been released
We appreciate all of the hard work our Beta testers have done for us.
Here is a link to the trial:
http://www.intelliadmin.com/setupex.exe
Screen Shots:
http://www.intelliadmin.com/RemoteControl3_ScreenShots.htm
All current customers should receive an email sometime on October 31st (Today). If you do not get your email...drop us a line at support@intelliadmin.com and we will take care of you.
Posted By: Steve Wiseman on Friday, October 31, 2008
Check out our utilities for windows
Reset your Office 2007 Serial number
We have been working on various test systems here, and sometimes we use the wrong serial number for Office 2007 (One that we have on other systems that are used for work instead of testing). I only figure this after I have installed the whole package.
I wanted to find a way of simply entering a new serial number after the fact.
I researched to see if there was a way to update it without the reinstall...and it turns out it is actually not too hard.
You simply need to drill down to this registry key (As always backup your registry before messing with it):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0
\Registration\{90120000-0030-0000-0000-0000000FF1CE}
If you see more than one GUID, and it does not match the one above...Look through each until you find one with the ProductName of Microsoft Office 2007
Once you find the appropriate registry key look for the two values ProductID, and DigitalProductID? Delete these.
Now run launch any office application, and you will be prompted for the new serial number.
Now you can update the serial without waiting through a re-install.
Posted By: Steve Wiseman on Sunday, October 26, 2008
Check out our utilities for windows
SMB Vulnerablity Found - Emergency Patch
Microsoft has announced that they will be releasing an emergency out of cycle patch for Windows users today.
There are few details on why it is releasing the patch, but a little research shows that it is a flaw in SMB - Windows File Sharing. The update will be released at 10 A.M. Pacific time, as announced on the Microsoft Security blog.
If you take a peek over at the National Vulnerability Database, we can see this article Here is the overview:
Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability."
This means this vulnerability could be exploited to create a worm. Further it means if one PC gets infected on your network, then quickly all of them will.
After doing some more research it seems there is already an exploit in the wild - it is set to "go off" during the Thanksgiving holiday here in the states.
This is a very serious vulnerability and I suggest making sure your computers are updated with the patch as soon as possible.
Posted By: Steve Wiseman on Thursday, October 23, 2008
Check out our utilities for windows
Remote Control RC6 - Public Beta
We are now opening the beta to the general public. If you don't know already, our Remote Control 3.0 is in beta, and has a few interesting features:
-256 bit AES encryption
-Request Access before connecting
-Support for Vista, 2008 and 64 bit windows
-Support for third party VNC clients like RealVNC, UltraVNC, and TightVNC.
To Get the download, simply use this form to get into the beta site:
http://www.intelliadmin.com/beta/signup.asp
The VNC support is a "clean-room" implementation of the RFB protocol. This means we took the public information about VNC provided by this document.
We carefully designed it with security, performance, and modern operating system support in mind. Since we built ours from scratch our remote control will be unlike many other VNC compatible servers - it won't have the same quirks and bugs as RealVNC - We will just have our own quirks and bugs! :)
Here are a few screenshots:
A remote control session to a 2008 64 bit server:
The client settings and connect window:
The agent settings window:
Posted By: Steve Wiseman on Monday, October 20, 2008
Check out our utilities for windows
Enable file and printer sharing using group policy
Since the release of Windows XP SP2 file and printer sharing has been blocked by default in the Windows firewall.
This creates a problem for many of our tools and products. For example, our remote USB disabler cannot do its work without remotely writing the appropriate registry keys. Our Remote Control product cannot automatically install its agent without file and printer sharing. They all use this to do their magic. We are not the only ones - psexec from SysInternals needs file and printer sharing too.
There are hundreds if not thousands of tools used by IT administrators that require file and printer sharing enabled in the firewall.
If you have 10 computers it is an easy fix. You simply walk around to each of them and add an exception in the firewall. Simple. Done.
If you have 100s of computers spread across 3 states...you now have a much more difficult problem. You could write a script that executes at login. The trouble with this idea is that every user would need full administrator access to their own machine. This type of access is getting pretty rare these days, so I don't even consider it an option.
The best method is group policy. I am going to walk you through it. My example uses Windows 2003 Server. Those of you with 2008 will find that it is almost exactly the same. If you have 2000 Server...well...you have your hands full anyway and shouldn't even have time to read this article.
Start out by getting on your domain controller. Open "Active Directory Users and Computers". You need to determine what group of machines your policy is going to be applied to. Some organizations will have computers under many different OUs.
To keep things simple I am going to change the group policy for the entire domain.
Right click on the domain name and go to properties:
This will bring up a properties window. You will want to move to the Group Policy tab, select the policy you want to edit (In our case it is the Default Domain Policy) and press the edit button.
This is a computer policy (It will apply to computers...not specific users), so drill down to:
Computer Configuration -> Administrative Templates -> Network -> Network Connections -> Windows Firewall
You will notice two sections under this area. A domain profile, and a standard profile. A machine will automatically determine which profile it should use by the type of network it is connected to. Directly from Microsoft, they are defined in this way:
* Domain profile The domain profile is the set of Windows Firewall settings that are needed when the computer is connected to the managed network. For example, the domain profile might contain settings for excepted traffic for the applications and services needed by a managed computer in an enterprise network.
* Standard profile The standard profile is the set of Windows Firewall settings that are needed when the computer is connected to another network. A good example is when an organization laptop computer is taken on the road and connects to the Internet using a public broadband or wireless Internet service provider. Because the organization laptop computer is directly connected to the Internet, the standard profile should contain more restrictive settings than the domain profile.
So generally speaking, I suggest only making these changes to the Domain Profile. You don't want your sales guys hooking up to a hotel network with their file and printer sharing fully accessible.
Selecting the domain profile, and looking on the right we see what we need - "Windows Firewall: Allow file and printer sharing exception"
There are two items you need to set. First check the radio button to enabled, and then below you need to fill out a filter value. This tells the group policy what computers are allowed to connect to the machine. For our example I will put *
This value allows any computer to connect. Click OK, and allow some time to pass (15 to 30 minutes). Then your computers will pick up the new policy. If you are impatient you can go to the command line on the server and your test machine. Type: GPUPDATE /force
If I hop on one of my Vista machines we can see that it has accepted the policy:
Perfect. Now I can terrorize my programmers by rebooting all of their machines at the same time using Network Administrator :)
Posted By: Steve Wiseman on Saturday, October 18, 2008
Check out our utilities for windows
64 Bit VNC Server
Sorry to keep blabbering about our remote control product, but we released another beta today. This Release Candidate has added VNC support. This means we now have a fully functional 32 Bit - 64 bit - Vista - and 2008 compatible VNC Server. (Update: We have released the full version...see download link at the bottom)
It has a cool new setup wizard, and agent settings application. Here are a few screen shots:
Settings Form:
Setup Wizard:
More screenshots can be found Here
Download it from here
Posted By: Steve Wiseman on Thursday, October 16, 2008
Check out our utilities for windows
Vista and Windows 2000 Authenticaiton Problems - Resolved
We have many test systems here. Ranging from Windows 2000 Server, Windows XP Home, to Windows 2008 x64. Something I noticed today while testing...when I tried to connect to some Windows 2000 machines - the remote computer would not accept my password:
I happened to be working from a Vista Ultimate machine. So I went over to one of our XP Pro installs - it worked fine. The more testing I did, I realized it only happened with machines that were Windows 2000
Immediately I remembered that there were different levels of NTLM authentication, I thought that Vista might be enforcing a higher level through security policy.
On my Vista machine I opened the local policy editor (You can find this under administrative tools in the control panel).
Drilled down to Local Policies -> Security Options
Looking at:
Network Security: LAN Manager authentication level
I see that it only will allow NTLMv2 responses. Since I know that my physical network is protected, and I know all of the machines running on it I changed it to this:
Now I can connect to the admin$ share...and any other share on Windows 2000 computers.
This tip comes with a warning. Obviously dropping this down makes your Vista install less secure. If you think it is possible that you could have a rogue SMB server (A specially crafted windows share) on your network, I suggest not changing this. setting.
Posted By: Steve Wiseman on Monday, October 13, 2008
Check out our utilities for windows
Vista VNC Server
Sorry to keep blabbering about our remote control product, but we released another beta today. This Release Candidate has added VNC support. This means we now have a fully functional 32 Bit - 64 bit - Vista - and 2008 compatible VNC Server. (Update: We have released the full version...see download link at the bottom)
It has a cool new setup wizard, and agent settings application. Here are a few screen shots:
Settings Form:
Setup Wizard:
More screenshots can be found Here
Download it from here
Posted By: Steve Wiseman on Friday, October 10, 2008
Check out our utilities for windows
Remote Control Beta RC3
Just posted RC3 to the beta site. We have fixed a number of bugs...and updated the artwork for the logo:
If you want to take it for a spin email us at support@intelliadmin.com and put beta in the subject...if you already sent us a mail and have not gotten your invitation...then please send it again. We are getting a large number of requests, and since we are silly enough to do them by hand...some get lost :(
Posted By: Steve Wiseman on Friday, October 10, 2008
Check out our utilities for windows
Release Candidate 1
We have just uploaded RC1 of our Remote Control LAN Edition. If you would like to take it for a spin...email us at support@intelliadmin.com with beta in the subject.
A few features:
1. It supports Windows Vista, 2008, 2000, XP, 2003, 32 and 64 bit versions
2. It allows you to request access before connecting to a machine
3. It works over the internet now...and only one TCP port is needed.
4. Supports active directory user accounts, and local user accounts - currently only allows users in the "Administrators" group to access the machine
5. Uses 256 Bit AES encryption with Diffie-Hillman key exchange to keep your credentials safe
Join the beta soon. We will be closing it as we get to our final release date of October 31st. Thanks again beta testers!
Posted By: Steve Wiseman on Wednesday, October 01, 2008
Check out our utilities for windows
|
 |
