From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_00EF_01C29898.AF0E34F0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   Only one in five is posted.  It doesn't matter.  I don't have a way =
to search for Dutch messages.

   The log for SFC is in the system or application event logs.  I don't =
remember which of these two.

Rich

  "Thees Peereboom"  wrote in message =
news:o22iuuknp69s5f168svg9v0h4kih4b115h{at}4ax.com...
  Rich,

  See attached BMP - sorry for it being Dutch, but the errormsg is as I
  translated earlier. Next to the errorbox you see the properties I
  opened at the security ('beveiliging') tab. For this case I just
  opened a shortcut, but this happens at every file I open the security
  tab of.

  I ran SFC /SCANNOW, it asked for the original W2K CD many times, but
  ended without any report or log - is it stored somewhere?

  Thanks for taking the time to look into this.

  - Thees Peereboom

  On Sat, 30 Nov 2002 08:49:39 -0800, "Rich"  wrote:

  >   You can't expect different languages to compare.
  >
  >   I don't know in what file the message to which you referred =
resides.  If the message is a simple message box you can copy it by =
pressing Ctrl+C when the message box has the focus.  Reply here with the =
text.  If it is a dialog you need to make a graphics copy to post here.  =
Maybe I can identify the file with that message.
  >
  >   You can also try SFC /SCANNOW to check if all the protected files =
match known versions.
  >
  >Rich
  >
  >  "Thees Peereboom"  wrote in message =
news:v8ehuucjsav8j3vgmlth3s56a9prc6rs6v{at}4ax.com...
  >  Rich,
  >
  >  I have another machine running W2K, only that's a US version I =
bought,
  >  while on this machine W2K is an OEM Dutch version (came with the
  >  Dell). Would it still be possible to compare files?
  >
  >  What files should I look at?
  >
  >  TIA,
  >
  >  - Thees Peereboom
  >
  >  On Fri, 29 Nov 2002 23:09:16 -0800, "Rich"  wrote:
  >
  >  >   This sounds like something is corrupted.  Try comparing the =
files on this machine with another running the same version of Windows.
  >  >
  >  >Rich
  >  >
  >  >  "Thees Peereboom"  wrote
in message =
news:7skbuu8i15bbj0vd4kg2soi480j9b0ghpo{at}4ax.com...
  >  >  Rich,
  >  >
  >  >  On a completely different note, I've got a securityproblem which =
I
  >  >  seem unable to solve. I've posted about this before, but sofar =
no
  >  >  luck.
  >  >
  >  >  This machine is part of an NT4 domain, users and groups are =
maintained
  >  >  on that domain. For some time now whenever I try to change the
  >  >  securitysettings on this machine (other machines in the domain =
work
  >  >  fine) I get the following error:
  >  >
  >  >  (leftclick on file, choose properties, go to the securitytab and
  >  >  choose add)
  >  >
  >  >  'Cannot open the dialogue for userselection (null)'
  >  >
  >  >  which leaves me unable to add or change any rights.
  >  >
  >  >  I'd really appreciate at least a direction to search, since I =
have not
  >  >  been able even to find this error in the docs.
  >  >
  >  >  TIA,
  >  >
  >  >  - Thees Peereboom
  >  >
  >  >
  >  >  On Wed, 27 Nov 2002 18:37:40 -0800, "Rich"  wrote:
  >  >
  >  >  >   I don't see any backing down.  Microsoft does make choices =
that affect backward compatibility but all such choices are scrutinized. =
 If the compat problems are due to app bugs work arounds, often specific =
to one app, are implemented.  Quite a bit of effort is made to keep =
existing apps from third parties working.  Sometimes changes are made in =
documented or default behavior, and don't believe that simply changing =
system defaults doesn't have compat problems.  These are documented and =
often configurable by admins or users depending on the scope of the =
setting.  I suspect there are more settings changes that API behavior =
changes.  John O encountered one in Windows XP Home Edition.  By default =
network access is authenticated as the guest account to limit the = ability
of someone to attack a system remotely and do dammage.  It = allows a local
user to have no password and not open the system to = attack using that
user's account.  How did this bite John?  He disabled = the guest
  >account.
  >  >  >This is a fine example of breaking existing behavior to gain =
greater security.
  >  >  >
  >  >  >Rich
  >  >  >
  >  >  >  "Geo."  wrote in message =
news:3de56764$1{at}w3.nls.net...
  >  >  >  "Rich"  wrote in message
news:3de42e03{at}w3.nls.net...
  >  >  >   >>  It's more complicated.<<
  >  >  >
  >  >  >  I don't doubt it, I just find it funny that right after Craig =
Mundie made
  >  >  >  his "break the apps for security" statements
along comes a =
security issue
  >  >  >  and he's forced to back down from the hardline stance.
  >  >  >
  >  >  >  FWIW, I don't think it's microsoft's place to force patches =
on people as Mr
  >  >  >  Mundie seems to think, there are other much better ways for =
MS to make NT a
  >  >  >  whole lot more secure. Really simple things like random =
directory names
  >  >  >  (instead of \winnt use \winnt+installdate) and stuff that =
won't break apps
  >  >  >  but will break 90% of the hacks.
  >  >  >
  >  >  >  Look at how many hacks have been foiled by the IE temp files =
directory
  >  >  >  names. Such a simple thing to do and it blocked countless =
exploits that
  >  >  >  never became a reality because the files couldn't be located =
easily.
  >  >  >
  >  >  >  Geo.

------=_NextPart_000_00EF_01C29898.AF0E34F0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   Only one
in five is =
posted.  It=20
doesn't matter.  I don't have a way to search for Dutch=20
messages.
 
   The log
for SFC is in the =
system or=20
application event logs.  I don't remember which of these =
two.
 
Rich
 

  "Thees Peereboom" <theesp{at}barkto.com>">mailto:theesp{at}barkto.com">theesp{at}barkto.com>
wrote in =
message news:o22iuuknp69=
s5f168svg9v0h4kih4b115h{at}4ax.com...Rich,See=20
  attached BMP - sorry for it being Dutch, but the errormsg is as=20
  Itranslated earlier. Next to the errorbox you see the properties=20
  Iopened at the security ('beveiliging') tab. For this case I=20
  justopened a shortcut, but this happens at every file I open the=20
  securitytab of.I ran SFC /SCANNOW, it asked for the =
original W2K=20
  CD many times, butended without any report or log - is it stored=20
  somewhere?Thanks for taking the time to look into =
this.- Thees=20
  PeereboomOn Sat, 30 Nov 2002 08:49:39 -0800,
"Rich" <{at}>=20
  wrote:>   You can't expect
different languages to =

  compare.>>   I don't
know in what file the =
message to=20
  which you referred resides.  If the message is a simple message =
box you=20
  can copy it by pressing Ctrl+C when the message box has the =
focus.  Reply=20
  here with the text.  If it is a dialog you need to make a =
graphics copy=20
  to post here.  Maybe I can identify the file with that=20
  message.>>   You can
also try SFC /SCANNOW to =
check if=20
  all the protected files match known=20
 
versions.>>Rich>> 
"Thees Peereboom" =
<theesp{at}barkto.com>">mailto:theesp{at}barkto.com">theesp{at}barkto.com>
wrote in =
message news:v8ehuucjsav=
8j3vgmlth3s56a9prc6rs6v{at}4ax.com...> =20
  Rich,>>  I have another
machine running W2K, only =
that's a=20
  US version I bought,>  while on this machine
W2K is an OEM =
Dutch=20
  version (came with the>  Dell). Would it still
be possible =
to=20
  compare files?>>  What files
should I look=20
  at?>> 
TIA,>>  - Thees=20
  Peereboom>>  On Fri, 29 Nov
2002 23:09:16 -0800, =
"Rich"=20
  <{at}> wrote:>> 
>   This sounds =
like=20
  something is corrupted.  Try comparing the files on this machine =
with=20
  another running the same version of Windows.>  =
>> =20
  >Rich> 
>>  >  "Thees
Peereboom" =
<theesp{at}barkto.com>">mailto:theesp{at}barkto.com">theesp{at}barkto.com>
wrote in =
message news:7skbuu8i15b=
bj0vd4kg2soi480j9b0ghpo{at}4ax.com...> =20
  >  Rich,> 
>>  >  On a =
completely=20
  different note, I've got a securityproblem which I>  =
> =20
  seem unable to solve. I've posted about this before, but sofar=20
  no>  > 
luck.>  >>  =
> =20
  This machine is part of an NT4 domain, users and groups are=20
  maintained>  >  on that domain.
For some time now =
whenever=20
  I try to change the>  > 
securitysettings on this =
machine=20
  (other machines in the domain work> 
>  fine) I =
get the=20
  following error:> 
>>  >  =
(leftclick on=20
  file, choose properties, go to the securitytab and>  =
> =20
  choose add)> 
>>  >  'Cannot open =
the=20
  dialogue for userselection (null)'> 
>>  =
> =20
  which leaves me unable to add or change any rights.> =20
  >>  >  I'd really
appreciate at least a =
direction to=20
  search, since I have not>  > 
been able even to =
find this=20
  error in the docs.> 
>>  > =20
  TIA,>  >> 
>  - Thees=20
  Peereboom> 
>>  >>  =
>  On=20
  Wed, 27 Nov 2002 18:37:40 -0800, "Rich" <{at}>
wrote:>  =

  >>  > 
>   I don't see any backing =

  down.  Microsoft does make choices that affect backward =
compatibility but=20
  all such choices are scrutinized.  If the compat problems are due =
to app=20
  bugs work arounds, often specific to one app, are implemented.  =
Quite a=20
  bit of effort is made to keep existing apps from third parties =
working. =20
  Sometimes changes are made in documented or default behavior, and =
don't=20
  believe that simply changing system defaults doesn't have compat=20
  problems.  These are documented and often configurable by admins =
or users=20
  depending on the scope of the setting.  I suspect there are more =
settings=20
  changes that API behavior changes.  John O encountered one in =
Windows XP=20
  Home Edition.  By default network access is authenticated as the =
guest=20
  account to limit the ability of someone to attack a system remotely =
and do=20
  dammage.  It allows a local user to have no password and not open =
the=20
  system to attack using that user's account.  How did this bite=20
  John?  He disabled the
guest>account.>  =
> =20
  >This is a fine example of breaking existing behavior to gain =
greater=20
  security.>  > 
>>  > =20
  >Rich>  > 
>>  >  =
> =20
  "Geo." <georger{at}nls.net>">mailto:georger{at}nls.net">georger{at}nls.net>
=
wrote in=20
  message news:3de56764$1{at}w3.nls.net...=
> =20
  >  >  "Rich" <{at}>
wrote in message news:3de42e03{at}w3.nls.net...>=
 =20
  >  >  
>>  It's more=20
  complicated.<<> 
>  >>  =
> =20
  >  I don't doubt it, I just find it funny that right after =
Craig=20
  Mundie made>  > 
>  his "break the apps =
for=20
  security" statements along comes a security
issue>  =
> =20
  >  and he's forced to back down from the hardline=20
  stance.>  > 
>>  >  =
> =20
  FWIW, I don't think it's microsoft's place to force patches on people =
as=20
  Mr>  >  > 
Mundie seems to think, there =
are other=20
  much better ways for MS to make NT a> 
>  =
>  whole=20
  lot more secure. Really simple things like random directory=20
  names>  >  > 
(instead of \winnt use=20
  \winnt+installdate) and stuff that won't break apps>  =
> =20
  >  but will break 90% of the
hacks.>  > =20
  >>  > 
>  Look at how many hacks have =
been=20
  foiled by the IE temp files directory> 
>  =
> =20
  names. Such a simple thing to do and it blocked countless exploits=20
  that>  >  > 
never became a reality =
because the=20
  files couldn't be located easily.>  >  =
>> =20
  >  > 
Geo.

------=_NextPart_000_00EF_01C29898.AF0E34F0--

--- BBBS/NT v4.01 Flag-4