Symantec said that folks running its pcAnywhere utility were at an “increased risk” when it revealed that the company had been hacked and its source codes pilfered, and advised customers to stop using pcAnywhere for the time being. Sage advice, as a hacker with the handle YamaTough — who’s affiliated with Anonymous — helped do the deed and has now published the code for all the world to see. Apparently, the hacker and hackee had attempted to broker a deal for $50,000 to keep the code private, but neither side negotiated in good faith — YamaTough always intended to release the code, and law enforcement was doing the talking for Symantec to catch he and his hacking cohorts. The good news is, Symantec has released several patches to protect pcAnywhere users going forward. As for the stolen code for Norton Antivirus, Internet Security and other Symantec software? Well, the company’s expecting it to be disclosed, too, but because the code is from 2006, customers with current versions can rest easy.

Hacker spites Symantec, puts pcAnywhere’s source code out in the open originally appeared on Engadget on Thu, 09 Feb 2012 09:24:00 EDT. Please see our terms for use of feeds.

Permalink CNET  |  Reuters  | Email this | Comments

PXE is asking for a password for the eXpress folder

Problem

PXE is displaying the error…

“Initializing TCP/IP MS DOS TCP/IP 1.0a
The command completed successfully
The password is invalid for \serverexpress
Type the password for \serverexpress”

Cause
Windows Server 2003, when promoted to a domain controller, will require SMB signing, which requires the client to connect using this mechanism. Because DOS does not support SMB signing, the client will fail to connect in a Windows Domain. An “Access Denied” message appears after being prompted for the password when mapping the drive.

Resolution
The only way to have the eXpress share on a Windows 2003 DC from DOS is to not require the Security of SMB signing. However, this can open up the computer to “man in the middle” attacks. Because there is no other way to resolve this, do not install the Client Access Point on a Windows 2003 Server Domain Controller.

Change the setting in the registry by going to “HKLM_LOCAL_MACHINESystemCurrentControlSetServicesLanManServerParametersEnableSecuritySignature” and setting the value to 0.

This will disable SMB signing requirement. If the client uses SMB signing and the server is enabled, then it will use it. This setting just doesn’t require it, thus allowing non-SMB signed clients to connect (e.g., Microsoft Windows 95, 98, and NT4 pre-SP3).

Then in regedit set the permissions of the Perameters key for “SYSTEM” so that in the special permissions it cannot Change Value. If this is not done Windows 2003 server will set the value to 1 on reboot, and the problem will occur again.