** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.11.12

Before you post a question to a Microsoft.public.*.security newsgroup, note
that your question may already be answered below:

Answers to Top Frequently Asked Questions:
http://securityadmin.info

My question is not mentioned below. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.asp#moreinfo
See also: http://www.google.com/groups?as_ugr...rosoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com

I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.asp#netiquette



I just heard about a new Microsoft security patch update. Where can I get
the patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp

I just installed a Microsoft security patch update, and now my computer is
having problems.
http://securityadmin.info/faq.asp#patchbroke

I received an email from Microsoft / Microsoft Support / Microsoft Internet
Security Center claiming to be a security patch [or comprehensive Internet
Explorer update]. Is this a virus?
http://securityadmin.info/faq.asp#microsoftemail
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.

I received a virus email from a Microsoft email address. Who do I report
this to?
http://securityadmin.info/faq.asp#microsoftemail

I have the RPC Blaster worm "virus," what do I do?
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.

My computer is giving RPC Remote Procedure Call messages.
There is a TFTP message or file on my computer.
My computer keeps locking up, and/or rebooting, or telling me that it will
reboot in 1 minute.
http://www.microsoft.com/security/incident/blast.asp
ALSO NOTE: www.grisoft.com is free antivirus, USE IT.

Where can I download the Blaster worm / RPC DCOM patch?
http://windowsupdate.microsoft.com OR
http://www.microsoft.com/technet/security/current.asp

I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I
want to replace this file.
http://securityadmin.info/faq.asp#jdbgmgr

I forgot my Windows logon password and can't log in. How do I reset it?
http://securityadmin.info/faq.asp#password

I have a problem or a question with a virus or with antivirus.
http://securityadmin.info/faq.asp#virus
NOTE: www.grisoft.com is free antivirus, USE IT.

Why is Outlook Express blocking my attachments as "unsafe"?
http://securityadmin.info/faq.asp#attachments

How do I stop getting pop-up messages? Or adware? Or spyware?
http://securityadmin.info/faq.asp#pop-ups

How do I block people from viewing adult or objectionable content on a
computer?
http://securityadmin.info/faq.asp#contentfilter

How do I block spam emails?
http://securityadmin.info/faq.asp#spam

There is a Content Advisor password blocking me from certain web sites.
http://securityadmin.info/faq.asp#contentadvisor

How do I delete an FTP folder that a hacker put on my computer and I cannot
delete?
http://securityadmin.info/faq.asp#ftpfolder

Have I been hacked? What do I do if I've been hacked?
http://securityadmin.info/faq.asp#hacked

How do I re-secure a computer that has been hacked?
http://securityadmin.info/faq.asp#re-secure

How do I test or improve the security on my computer to avoid being hacked?
http://securityadmin.info/faq.asp#harden

How do I investigate a suspicious IP address that may be trying to hack me?
http://securityadmin.info/faq.asp#trace

How do I report a hacker?
http://securityadmin.info/faq.asp#reporthacker

How do I use a port scanner or vulnerability scanner to test my security?
http://securityadmin.info/faq.asp#portscanner

How do I encrypt my files and/or hard drive?
http://securityadmin.info/faq.asp#encryption

How do I get a firewall? IDS?
http://securityadmin.info/faq.asp#firewall

I want to use the IPSec filtering or IP filtering feature of Windows to
block certain ports and have a problem or question.
http://securityadmin.info/faq.asp#ipsec

I have a problem or question with the XP ICF firewall.
http://securityadmin.info/faq.asp#icf

I have a problem or question with the IIS URLScan tool.
http://securityadmin.info/faq.asp#urlscan

How do I change the banner on my computer or server to hide what software
version I'm using?
http://securityadmin.info/faq.asp#banner

How do I enable Windows Auditing to tell who logged into Windows or who
accessed a file?
http://securityadmin.info/faq.asp#auditing

How do I inspect and disable programs that start up when Windows starts?
http://securityadmin.info/faq.asp#startup

How do I use RUNAS or let someone use RUNAS to run commands as administrator
without having to type the password?
http://securityadmin.info/faq.asp#runas

How do I let non-administrator users run Defrag or change their IP address?
http://securityadmin.info/faq.asp#runas


My question is not mentioned above. How do I get an answer immediately,
with no waiting?
http://securityadmin.info/faq.asp#moreinfo
See also: http://www.google.com/groups?as_ugr...rosoft.public.*
See also: http://www.google.com/advanced_group_search
See also: http://www.google.com

I want to post a problem or question to the newsgroup. What info do I need
to post in order to get a correct answer quickly?
http://securityadmin.info/faq.asp#netiquette

Note that this is NOT a full list of all the questions answered in the FAQ.
Chances are, your question has probably already been answered. The complete
FAQ is at:
http://securityadmin.info/faq.asp#contents


I hope this is helpful. Feedback, suggestions and criticism regarding the
FAQ are welcome and may be emailed to me.

kind regards,
Karl Levinson, CISSP, MCSE, MVP
email: levinson_k@despammed.com