Category Informational

Disclaimer: The following solution does work and has worked for me. And until further notice (I find an alternate solution to this, will be my solution for now)

I ran into a bit of an awkward situation. RPC over HTTP was not working on my Vista Ultimate box when I started using Outlook 2007. I discussed with other people and they were all fine, however they were using Outlook 2003, so not clearly the indicator I was hoping for.

Having some others test with their Outlook 2007 clients, I ran into further failure to communicate, resolving in the need to find a solution!

I did find just one solution (which does work, until further notice).

This solution resides in the following registry key

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\RPC

With the creation of the key DefConnectOpts (set to DWORD = 0).

The DefConnectOpts registry value helps to turn down some connection optimizations added in Outlook 2007.

So not exactly what I’d prefer, but it is something which will work when you do want your RPC over HTTP Functionality to work for you.

Some awkward things regarding this is, I did not even have the RPC key present in the registry, which prompted for the creation of that key so I could set that DWORD value. So for now, anyone having similar problems with Vista/OL2007 or somesuch and are looking for some resolution, I did find success here. I’ll continue to find a “better” solution which doesn’t involve client-hacking to go about fixing it.

1. Click Start, click Run, type regedit in the Open box, and then click OK.
2. Locate and then click the following subkey:
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\RPC
3. On the Edit menu, point to New, and then click DWORD Value.
4. Type DefConnectOpts, and then press ENTER.
5. Right-click DefConnectOpts, and then click Modify.
6. In the Value data box, type 0, and then click OK.
7. Exit Registry Editor.
8. Check the effect by using the NetBios name.

Error messages when you try to connect Outlook 2007 to Exchange Server: “The action cannot be completed. The connection to the Microsoft Exchange Server is unavailable” or “Your Microsoft Exchange Server is unavailable”
http://support.microsoft.com/?id=913843

Some additional notes which may help resolve this problem:

Adding another dword value of EnableRPCtunnel with a value 1.

Christopher Kusek

This is another in a series of presentations I’ve been working on.

This is the 4th version of the draft I’m working on.

The technical offerings included will be how you can utilize the often unknown features made available on TechNet, MS Partner and even Cisco’s Partner E-Learning Connection. I’ll detail this more later as I work out the verbal presented version of this which I’ll convert into a written form.

http://www.microsoft.com/events/vlabs/default.mspx Virtual Labs
http://www.microsoft.com/events/default.mspxMicrosoft Events and Webcasts
http://www.microsoft.com/technet/traincert/virtuallab/TechNet Featured Labs
http://msdn.microsoft.com/virtuallabs/MSDN Featured Labs
https://partner.microsoft.com/US/trainingevents-Partner Training & Events
http://readysetgo.upsellusa.com/Microsoft Partner University
http://www.microsoft.com/events/podcasts/default.mspxMicrosoft Podcasts
http://www.microsoft.com/technet/technetmag/default.aspx-Technet Magazine
http://www.microsoft.com/technet/technetmag/subscribe.aspx-Magazine Sub
http://www.microsoft.com/technet/community/tnradio/default.mspx-TN Radio
http://www.cisco.com/go/loginpec/-Partner E-Learning Connection

Christopher Kusek

Feel free to comment, and look for the future final version of this document in PDF and in PPTX

Technical Offerings – Draft Version 4

I know I haven’t written any posts lately, and there is good reason for that.

I’ve been working on some consolidated presentation offerings, taking lots of useful information and consolidating it down into a nice and easily accessible Powerpoint or respective PDF after I’m finished. I’ll be sure to publish them on here, in addition to any additional comments I do provide on them from when I present them publicly.

If you have any suggestions of anything in particular which may be known, unknown or otherwise for a handy dandy level of consolidation, speak it up! :)

Christopher Kusek

New registry entry for controlling the TCP Acknowledgment (ACK) behavior in Windows XP and in Windows Server 2003

http://support.microsoft.com/kb/328890

AQADMCLI

delmsg flags=SENDER,sender=postmaster@domain.com

http://blog.sapien.com/current/2006/11/28/command-line-one-liners.html

Cisco VPN PCF Decoder

Open the PCF file in notepad, grab the text after enc_GroupPwd= and go to the following website:
http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode
Copy and paste the encrypted code into that and VOILA! Clear text password is generated.

Real Estate valuation websites.

Realestateabc.com
Domania.com
Zillow.com

reviews of 15 security podcasts at
http://www.owasp.org/index.php/Reviews_of_security_podcasts

List of security Podcasts List of security Podcasts
http://realtime-voip.typepad.com/voipcommunity/2006/09/it_security_pod.html
I would say that off the top of my head a list of 10 very popular [keyword *remote], non database related vulns would be:

   1: 1. Cross-site scripting

   2: 2. Remote File Includes

   3: 3. HTML and script code injection

   4: 4. Directory traversals

   5: 5. Authentication bypass

   6: 6. Remote command/code execution

   7: 7. DoS - usually via memory corruption (failed overflows against differing SPs or hotfixes), resource exhaustion, sometimes a cool race condition or something.

   8: 8. Buffer overflows (heap/stack/format string)

   9: 9. Privilege escalation

  10: 10. Information disclosures (arbitrary read and sometimes write vulns [different class]. Often coupled with dir traversal

  11: Besides OWASP Top Ten there is also WASC (Web Application SecurityConsortium) threat classification:http://www.webappsec.org/projects/threat/

I was interviewed here about the Kindle

http://news.medill.northwestern.edu/chicago/news.aspx?id=92537

This coming week brings us the MMCUG (Midwest Messaging and Collaboratioin Users Group) and the CWUG (Chicago Windows Users Group)

Both events will take place at the Downers Grove Microsoft Offices.

If you’re interested in Exchange (MMCUG) and Virtualization (CWUG) I’d advise you check out their websites and signup.

www.cwug.net

www.mmcug.org

Christopher Kusek