I have a enquiry about the security measurement for FTP connection:
If we release the ftp to trusted user, is possible they can hack the machine
through asp component (e.g: filesystem object.. etc)
Please advise. Thanks.

Is there a third party commercial or shareware tool to create self-signed
certificates under Windows 2000 and Windows 2003?   My immediate need is for
authentication on just a few servers and clients, and I don't want to hassle
with certificate authorities (yet).    I know there is ...

I am trying to set up a CA so we can use EFS for sensitive customer data.
My environment (I am using VirtualPC for testing):
Windows2003 Enterprise DC and EnterpriseCA (one virtual machine)
Windows/XP workstation that is member of the domain.

I have a standalone certificate authority running on a Windows 2003
Server for L2TP/IPSEC VPN.
2 years ago, I set this up and created a 5 year self-signed CA root
certificate for it.  It has been running fine ever since - up until

We have some sensitive customer information that we need to protect and have
discussed the possiblility of encrypting the data.  We are running Windows
Server 2003, Exchange 2003 and SQL Server 2000 and 2005 with Windows/XP
workstations.  I am looking for a paper/website the ...

Can we have 2 sets of domain password policy? Or we can use Block Policy
Inheritance and Disable No Override option to achieve this.
Any suggestion for best Domain Password Policy pratice? Modify the default
Domain Policy GPO or create a new Password GPO and linked to the root

All servers are Server2003, SP1 running active directory.. All workstations
are XP, SP2.
In a remote site the server crashed and was removed.  An older server was
setup with a new IP address and name.  The "Users" folder was created and

Is it possible that an application accessed over terminal services uses
an USB token connected to the client's workstation for generating a
digital signature with the private key stored on the token?
Many thanks in advance.

All,
Is there a way to run something on a server that continuously monitors which
computers talk to it and compile a list of those computers over time?
Example: I'd like to lock down a list of computers, however I want to be

I developed an Active Server Object, ActiveX DLL that I use through
ASP.  I was wondering what the correct permission accounts should be on a
Windows Server 2003 Machine?
If I register the ActiveX using regsvr32.exe then  I have to add additional

In a 2k3 AD, I installed a local CA and it seems it works fine.  However,
when I asked my defautl web site of Exchange 2k3 IIS to request a certificate
, the second option that reads something like "request a certificate from an
online certification authority and send request ...

All,
Hopefully this isn't a completely ridiculous question, but with IPSec when
two machines negotiate a connection, they can be configured to initially use
Kerberos, Certificates, or shared key authentication (if I understand

We have a situation in which a user is only permitted to read and modify a
single file in a directory on a Win2K server.  Mgt doesn't want them to see
any of the other files in that directory.  I granted the user list
permissions to the folder and full rights to the file in ...

I have never seen, or heard of this before so I'm looking for some
assistance.
When we start the Automatic Updates service, within 5-10 mins the
following services all stop:

Hi were migrating to Windows 2003 ans im currently setting right to folders
I have a folder name "STORAGE" that is shared
In that folder, there is a folder name "INFO" that contain alot of folder
How can i give access to only one folder in the folder "INFO"