Help network security

system · January 29, 2001, 10:18am

Thanks guys for your responses. I've been busy trying to restore one of my
AutoCAD platforms this morning.... hmmm it worked on Friday. I have played
around with the policy editor before without much luck. I had a local PC
consulting firm tell me that it is somewhat flaky and has some holes i.e
help files links. I bought a utility called crowd control for one of my data
collection stations might have to look it additional licenses. I was hoping
to find a quick fix as my time is somewhat limited.

Dan Shallbetter
States Electric.

-----Original Message-----
From: H. Dale Puls [mailto:DPuls@...]
Sent: Monday, January 29, 2001 8:40 AM
To: vantage@yahoogroups.com
Subject: RE: [Vantage] HELP NETWORK SECURITY

Dan,

Rich is correct in the name for the Win95 program. It is the "Policy Editor"
and is found on your Win95 CD. It is NOT installed by default and should
only be installed on the PC you wish to use as the "policy master". The
policy should then be moved to your server so it becomes the only policy for
the Win95 machines.

H. Dale Puls

-----Original Message-----
From: Rich Shafer [mailto:rshafer@...]
Sent: Monday, January 29, 2001 7:59 AM
To: vantage@yahoogroups.com
Subject: Re: [Vantage] HELP NETWORK SECURITY

Dan

I am not sure how it functions but get your local computer guru to use a
built in Win95 utility.
I believe it is called "policy editor".
Perhaps someone can correct me if I am wrong.
We used this to completely "lock" our shop machine unless a user with a
valid password and "rights" logs into the machine.

In short we block all programs except Vantage in the shop login screen. This
also includes Help, Favorites, Settings etc. off of the start button.
To repeat myself.... the ONLY thing accessible off of the start button is
Vantage. (for shop floor users)
Since some of your users may be computer savvy you must also block the same
items if you hit cancel in your network login screen on Win95 startup.
Beware of Vantage and Win95 Help files they can contain links which can
circumvent the policy editor, so block access there as well.
(learned that the hard way)

One last thing, and your users will hate it.....
If you are really that worried, force both network and Vantage password
changes every day or two until things settle down.

Your choice shouldn't be to hard, messed up network and yelling people or
just grumbling people.

I hope this can solve part of your problem.

Rich Shafer
APEX Piping

----- Original Message -----
From: Dan Shallbetter
To: 'vantage@egroups.com'
Sent: Saturday, January 27, 2001 10:57 AM
Subject: [Vantage] HELP NETWORK SECURITY

We are currently facing a strike beginning 02/01/2001. Looking for
suggestions on protecting the network (Small Business Server 4.5 ) from
rumored sabotage. I am planning on ghosting all my shop floor clients, and
also doing nightly backups of the most likely clients to be tampered with.
What additional steps should I take to protect the Vantage database and
server? What are the bare minimum shares that Vantage requires? that SBS
requires? My clients are all Win95 short of password protecting the boot
up,
is there anything else I should consider to prevent access to the clients?
Now if I can only figure out some way to remove all the magnets from the
shop floor!! Isn't paranoia wonderful ?

Thanks
Dan Shallbetter
States Electric Mfg.

Yahoo! Groups Sponsor

www. .com

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com

[Non-text portions of this message have been removed]

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com

Yahoo! Groups Sponsor

<http://rd.yahoo.com/M=176325.1307935.2900315.1248727/D=egroupmail/S=1700007
183:N/A=567150/R=1/*http://domains.yahoo.com>
<http://rd.yahoo.com/M=176325.1307935.2900315.1248727/D=egroupmail/S=1700007
183:N/A=567150/R=2/*http://domains.yahoo.com>

www.

<http://us.adserver.yahoo.com/l?M=176325.1307935.2900315.1248727/D=egroupmai
l/S=1700007183:N/A=567150/rand=460856006>

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com

[Non-text portions of this message have been removed]

system · January 27, 2001, 11:04am

We are currently facing a strike beginning 02/01/2001. Looking for
suggestions on protecting the network (Small Business Server 4.5 ) from
rumored sabotage. I am planning on ghosting all my shop floor clients, and
also doing nightly backups of the most likely clients to be tampered with.
What additional steps should I take to protect the Vantage database and
server? What are the bare minimum shares that Vantage requires? that SBS
requires? My clients are all Win95 short of password protecting the boot up,
is there anything else I should consider to prevent access to the clients?
Now if I can only figure out some way to remove all the magnets from the
shop floor!! Isn't paranoia wonderful ?

Thanks
Dan Shallbetter
States Electric Mfg.

system · January 29, 2001, 7:49am

Dan:

It's a damn shame that the right to strike has been reduced to preparing
for idiotic actions by the "unknown and unauthorized"...

In my mind striking saboteurs are the same as virus creating/releasing
dirt bags.

When will we collectively accept communication as the key to success and
harmony?

Good luck to you and your company!

Rick Gors
MR/MMIS
Osco

Dan Shallbetter wrote:

>
> We are currently facing a strike beginning 02/01/2001. Looking for
> suggestions on protecting the network (Small Business Server 4.5 ) from
> rumored sabotage. I am planning on ghosting all my shop floor clients, and
> also doing nightly backups of the most likely clients to be tampered with.
> What additional steps should I take to protect the Vantage database and
> server? What are the bare minimum shares that Vantage requires? that SBS
> requires? My clients are all Win95 short of password protecting the boot up,
> is there anything else I should consider to prevent access to the clients?
> Now if I can only figure out some way to remove all the magnets from the
> shop floor!! Isn't paranoia wonderful ?
>
> Thanks
> Dan Shallbetter
> States Electric Mfg.
>
>
> To unsubscribe from this group, send an email to:
> vantage-unsubscribe@egroups.com

[Non-text portions of this message have been removed]

system · January 29, 2001, 8:50am

Dan,

I would suggest you set up network profiles for your Win95 machines and then
remove the "cancel" button from the login screen. This will allow you to
prohibit local login to the machine. Also turn on login tracking on your SBS
so you have a record of who has logged on to your client machines and when.
(There are lots of additional pointers in the SBS resource book and on the
Microsoft small business news site:
news://msnews.microsoft.com/microsoft.public.backoffice.smallbiz

H. Dale Puls

-----Original Message-----
From: Rick Gors [mailto:rgors@...]
Sent: Monday, January 29, 2001 6:47 AM
To: vantage@yahoogroups.com
Subject: Re: [Vantage] HELP NETWORK SECURITY

Dan:

It's a damn shame that the right to strike has been reduced to preparing
for idiotic actions by the "unknown and unauthorized"...

In my mind striking saboteurs are the same as virus creating/releasing
dirt bags.

When will we collectively accept communication as the key to success and
harmony?

Good luck to you and your company!

Rick Gors
MR/MMIS
Osco

Dan Shallbetter wrote:

>
> We are currently facing a strike beginning 02/01/2001. Looking for
> suggestions on protecting the network (Small Business Server 4.5 ) from
> rumored sabotage. I am planning on ghosting all my shop floor clients, and
> also doing nightly backups of the most likely clients to be tampered with.
> What additional steps should I take to protect the Vantage database and
> server? What are the bare minimum shares that Vantage requires? that SBS
> requires? My clients are all Win95 short of password protecting the boot

up,

> is there anything else I should consider to prevent access to the clients?
> Now if I can only figure out some way to remove all the magnets from the
> shop floor!! Isn't paranoia wonderful ?
>
> Thanks
> Dan Shallbetter
> States Electric Mfg.
>
>
> To unsubscribe from this group, send an email to:
> vantage-unsubscribe@egroups.com

[Non-text portions of this message have been removed]

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com

system · January 29, 2001, 9:00am

Dan

I am not sure how it functions but get your local computer guru to use a built in Win95 utility.
I believe it is called "policy editor".
Perhaps someone can correct me if I am wrong.
We used this to completely "lock" our shop machine unless a user with a valid password and "rights" logs into the machine.

In short we block all programs except Vantage in the shop login screen. This also includes Help, Favorites, Settings etc. off of the start button.
To repeat myself.... the ONLY thing accessible off of the start button is Vantage. (for shop floor users)
Since some of your users may be computer savvy you must also block the same items if you hit cancel in your network login screen on Win95 startup.
Beware of Vantage and Win95 Help files they can contain links which can circumvent the policy editor, so block access there as well.
(learned that the hard way)

One last thing, and your users will hate it.....
If you are really that worried, force both network and Vantage password changes every day or two until things settle down.

Your choice shouldn't be to hard, messed up network and yelling people or just grumbling people.

I hope this can solve part of your problem.

Rich Shafer
APEX Piping

----- Original Message -----
From: Dan Shallbetter
To: 'vantage@egroups.com'
Sent: Saturday, January 27, 2001 10:57 AM
Subject: [Vantage] HELP NETWORK SECURITY

We are currently facing a strike beginning 02/01/2001. Looking for
suggestions on protecting the network (Small Business Server 4.5 ) from
rumored sabotage. I am planning on ghosting all my shop floor clients, and
also doing nightly backups of the most likely clients to be tampered with.
What additional steps should I take to protect the Vantage database and
server? What are the bare minimum shares that Vantage requires? that SBS
requires? My clients are all Win95 short of password protecting the boot up,
is there anything else I should consider to prevent access to the clients?
Now if I can only figure out some way to remove all the magnets from the
shop floor!! Isn't paranoia wonderful ?

Thanks
Dan Shallbetter
States Electric Mfg.

Yahoo! Groups Sponsor

www. .com

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com

[Non-text portions of this message have been removed]

system · January 29, 2001, 9:15am

If your client PCs have a BIOS that allows it you can password the
Supervisor functions (access to BIOS setup) separately from a login
password. In order to recover from power outages, etc... without having to
visit each shop PC we don't use boot up passwords but DO secure access to
the setup. Then we remove the A: (floppy) drive by disabling it (no CD
drives to disable but they could be too). This prevents booting from a DOS
floppy with network drivers which could try to access the server or at the
least mess with the local settings. Even so about once a month I find a PC
someone has tried to "hack".
-Todd C.
Harvey Vogel Mfg. Co.

-----Original Message-----
From: Dan Shallbetter [mailto:dans@...]
Sent: Saturday, January 27, 2001 9:58 AM
To: 'vantage@egroups.com'
Subject: [Vantage] HELP NETWORK SECURITY

We are currently facing a strike beginning 02/01/2001. Looking for
suggestions on protecting the network (Small Business Server 4.5 ) from
rumored sabotage. I am planning on ghosting all my shop floor clients, and
also doing nightly backups of the most likely clients to be tampered with.
What additional steps should I take to protect the Vantage database and
server? What are the bare minimum shares that Vantage requires? that SBS
requires? My clients are all Win95 short of password protecting the boot up,
is there anything else I should consider to prevent access to the clients?
Now if I can only figure out some way to remove all the magnets from the
shop floor!! Isn't paranoia wonderful ?

Thanks
Dan Shallbetter
States Electric Mfg.

Yahoo! Groups Sponsor

<http://us.a1.yimg.com/us.yimg.com/a/ya/yahoo_domain/note.gif>
<http://us.a1.yimg.com/us.yimg.com/a/ya/yahoo_domain/notetext.gif>

www. .com

<http://us.adserver.yahoo.com/l?M=176325.1307935.2900315.1248727/D=egroupmai
l/S=1700007183:N/A=572130/rand=921981261>

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com

[Non-text portions of this message have been removed]

system · January 29, 2001, 9:33am

Dan,

Rich is correct in the name for the Win95 program. It is the "Policy Editor"
and is found on your Win95 CD. It is NOT installed by default and should
only be installed on the PC you wish to use as the "policy master". The
policy should then be moved to your server so it becomes the only policy for
the Win95 machines.

H. Dale Puls

-----Original Message-----
From: Rich Shafer [mailto:rshafer@...]
Sent: Monday, January 29, 2001 7:59 AM
To: vantage@yahoogroups.com
Subject: Re: [Vantage] HELP NETWORK SECURITY

Dan

I am not sure how it functions but get your local computer guru to use a
built in Win95 utility.
I believe it is called "policy editor".
Perhaps someone can correct me if I am wrong.
We used this to completely "lock" our shop machine unless a user with a
valid password and "rights" logs into the machine.

In short we block all programs except Vantage in the shop login screen. This
also includes Help, Favorites, Settings etc. off of the start button.
To repeat myself.... the ONLY thing accessible off of the start button is
Vantage. (for shop floor users)
Since some of your users may be computer savvy you must also block the same
items if you hit cancel in your network login screen on Win95 startup.
Beware of Vantage and Win95 Help files they can contain links which can
circumvent the policy editor, so block access there as well.
(learned that the hard way)

One last thing, and your users will hate it.....
If you are really that worried, force both network and Vantage password
changes every day or two until things settle down.

Your choice shouldn't be to hard, messed up network and yelling people or
just grumbling people.

I hope this can solve part of your problem.

Rich Shafer
APEX Piping

----- Original Message -----
From: Dan Shallbetter
To: 'vantage@egroups.com'
Sent: Saturday, January 27, 2001 10:57 AM
Subject: [Vantage] HELP NETWORK SECURITY

We are currently facing a strike beginning 02/01/2001. Looking for
suggestions on protecting the network (Small Business Server 4.5 ) from
rumored sabotage. I am planning on ghosting all my shop floor clients, and
also doing nightly backups of the most likely clients to be tampered with.
What additional steps should I take to protect the Vantage database and
server? What are the bare minimum shares that Vantage requires? that SBS
requires? My clients are all Win95 short of password protecting the boot
up,
is there anything else I should consider to prevent access to the clients?
Now if I can only figure out some way to remove all the magnets from the
shop floor!! Isn't paranoia wonderful ?

Thanks
Dan Shallbetter
States Electric Mfg.

Yahoo! Groups Sponsor

www. .com

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com

[Non-text portions of this message have been removed]

To unsubscribe from this group, send an email to:
vantage-unsubscribe@egroups.com