Message 2: Re: Optimize MS SQL & Emerald
from Dale Reed <daler@iea-software.com>
Message 3: Fwd: Yet another "get yourself admin rights exploit":
from Duane Schaub <dschaub@terraworld.net>
Message 4: Re: Sql error 1060
from Duane Schaub <dschaub@terraworld.net>
Message 5: RE: Backup Radius Server
from Duane Schaub <dschaub@terraworld.net>
Message 6: Re: Optimize MS SQL & Emerald
from John Lange <radadmin@palacenet.net>
Message 7: Versions
from "Richard Sensale" <richards@visitus.net>
Message 8: MailSite Procedures
from "Blade" <blade@compuzone.net>
Message 9: Re: Versions
from "Dusan Janjic" <djanjic@rockbridge.net>
Message 10: Re: Versions
from "Richard Sensale" <richards@visitus.net>
Message 11: Re: Sql error 1060
from Dale Reed <daler@iea-software.com>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 1 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: RE: Optimize MS SQL & Emerald
From: "Waldemar Born" <WallyB@LIP.net>
Date: Fri, 26 Jun 1998 09:19:49 +0200
We have here an old HP NetServer LS2 and it runs very well.
Radius and SQL are on this server.
2x P5-100
160MB ECC-RAM
6GB, currently in Wide-SCSI-II mode
> -----Original Message-----
> From: emerald-request@iea-software.com
> [mailto:emerald-request@iea-software.com]On Behalf Of John Lange
> Sent: Thursday, June 25, 1998 9:35 PM
> To: emerald@iea-software.com
> Subject: Optimize MS SQL & Emerald
>
>
> HI
>
> I need some advise on this topic...
>
> Please read before you flame me for having such a slow server.
> That is the
> reason for this eMail.
>
> Currently our SQL Server is the following:
> NT 4.0 sp3
> MS SQL 6.5
> Intel P133
> 96 MB Ram
> 3GB Ultra DMA IDE
>
> This machine was fine when we only had 500 users, now with 1300 we are
> finding that it isn't filling our needs. We need to optimize our server
> for one specific reason.
>
> 1. Running checkdb, nightly maint, truncate, delete start records, and
> other SQL intensive process takes FOOOOOREVER!!! Like 3 hours each.
>
> It auths just fine, reports go OK, and 95% of the time it is overkill,
> because it just sits there at about 5 - 10% utilization.
>
> (Un)-fortunatly, we run SQLMAINT.exe and do a datadump and other
> process's,
> every night about 3AM and no one can log in during the next 3
> hours because
> the server is so busy it won't auth. I have thought about running a text
> file version on the secondary radius server, but I am afraid the text file
> will not get run EVERY night, so new users will not be able to log in.
>
> Is there a way to optimize the servers memory or do something to speed up
> this process. The server is only using about 50MB of the available ram.
> Will increasing it's SQL usage help much?
>
> Our datadumps get to about 300MB before we delete the start records and
> truncate. Will it help to have more ram? More ram alocatted to SQL?
>
> HELP!
> JOhn :}
>
>
> John C. Lange, Sr. PALACE dot NET, INC.
> microjl@palacenet.net MICRO-TECH Computers, Inc.
> 608.742.1601 & 6980 2800 New Pinery Road
> http://www.palacenet.net/ Portage, WI 53901
> Visit our online store @ http://www.microt.com/
> Authorized iPSwitch WebVar @ http://www.microt.com/iPSwitch/index.html
>
> --- __o
> --- _-\<,_ Fastest Service in Town
> --- (_)/ (_)
>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 2 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: Optimize MS SQL & Emerald
From: Dale Reed <daler@iea-software.com>
Date: Fri, 26 Jun 1998 00:25:55 -0700
John Lange wrote:
>
> How long does Dale's checkdb.sql take to run on your system and how much
> data do you have?
The checkdb is completely dependant on the size of your calls table.
If you didn't have a calls tale, it should only take minutes.
> Our Secondary Radius Server sometimes looses it's connection while running
> these process, so unloading radius from the SQL server probably won't help.
What vesion of RadiusNT are you using? Does it re-connect?
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 3 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Fwd: Yet another "get yourself admin rights exploit":From: Duane Schaub <dschaub@terraworld.net>Date: Fri, 26 Jun 1998 08:28:36 -0500
For those who missed this, there was an important security oversight postedon Bugtraq recently. Although it has been known for several years, therecent posting may encourage renewed attacks of this type. Although mytesting is far from complete, I have removed the WRITE permissions from thekey listed below and have not seen any adverse effects.
Duane.
>Date: Mon, 22 Jun 1998 18:21:37 +0100>Reply-To: "mnemonix@globalnet.co.uk" <mnemonix@globalnet.co.uk>>Sender: Windows NT BugTraq Mailing List<NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>>From: nemo <mnemonix@GLOBALNET.CO.UK>>Subject: Yet another "get yourself admin rights exploit":>Comments: To: "ntsecurity@iss.net" <ntsecurity@iss.net>>To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>>Dear All,>Yet another "get yourself admin rights exploit":>>>This exploit requires nothing more than the default permissions.>>>By default, the group "Everyone" has special access to the following>registry key:>>HKLM\Software\Microsoft\Windows NT\CurrentVersion\AeDebug.>>As part of the special access, "Everyone" is allowed to Set the values of>the entries.>The default for the debugger is : "drwtsn32 -p %ld -e %ld -g". Anyone can>change this to whatever they want but for this exploit to work it needs to>be changed to simply "usrmgr.exe" on an NT server or "musrmgr.exe" on an NT>Workstation.>>You now need to get a service to crash. When I say service I mean any>process started by the system. It needs to be a system process because a>child process will inherit the permissions of the process that spawned it.>When and if you can get a service to crash User Manager will be started>with system privs.>>Below is an account of the testing of this:>>When I ran getadmin.exe on NT 4 Workstation (SP1) a memory error occured in>winlogon.exe. I then upgraded the PC to SP3. When I ran getadmin the same>access violation occured in winlogon.exe. I logged on as a plain old user,>changed the debugger to musrmgr.exe and then ran getadmin.exe... what was>strange was the fact that I had to run getadmin on a non-existent account>first then run it against the account I was logged on with before it would>load User Manager. If you didn't do this then the system would tell you of>a memory problem as opposed to the debugger being loaded. As to why>getadmin was failing after SP3 was installed I can't be quite sure.>>Anyway, it seems this exploit will work on NT Server and workstation SP1>(and on 1 NT Wkst SP3 - the same getadmin program works fine on all other>SP3 machines.) No hotfixes have been applied.>>This could obviously be refined....spoolss.exe and winlogon.exe being the>likely candidates to be targeted for causing memory problems...all that you>need is either a way to get a service to crash or to write a util that will>do it for you.>>The simple solution to this would be the change the default permissions set>in the registry.>>l8r>Mnemonix>http://www.users.globalnet.co.uk/~mnemonix/>
==========================================================================Duane Schaub, President |Terra World, Inc - Connecting The PlanetTerra World, Inc. |Southeast Kansas' Leading Provider200 Arco Place, Suite 252 |Flat Fee - Never an hourly ChargeIndependence, Kansas 67301 |Where Service is Top Priority!Voice (316) 332-1616 |http://www.terraworld.netFAX: (316) 332-1451 |dschaub@terraworld.net===========================================================================
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 4 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Sql error 1060From: Duane Schaub <dschaub@terraworld.net>Date: Fri, 26 Jun 1998 08:37:23 -0500
At 01:33 PM 6/25/98 -0700, you wrote:>Hello All,> We tried to do call consolidation on our server today. Last>time we did it was about 4 weeks ago. After about 30 minutes
I run the consolidation 3 times per week and this helps to dramaticallyreduce processing time. Unfortunately, there is no way to schedule this.....
Dale... In one of your updates and in the newgroup, could you include astored procedure does the call consolidation? This really needs to bescheduled so that it does kill the server during the daytime.
Duane.
==========================================================================Duane Schaub, President |Terra World, Inc - Connecting The PlanetTerra World, Inc. |Southeast Kansas' Leading Provider200 Arco Place, Suite 252 |Flat Fee - Never an hourly ChargeIndependence, Kansas 67301 |Where Service is Top Priority!Voice (316) 332-1616 |http://www.terraworld.netFAX: (316) 332-1451 |dschaub@terraworld.net===========================================================================
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 5 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: RE: Backup Radius ServerFrom: Duane Schaub <dschaub@terraworld.net>Date: Fri, 26 Jun 1998 08:42:55 -0500
At 09:30 PM 6/25/98 -0400, you wrote:>> What are the options for running a primary and secondary Emerald/RADIUS>> setup? I need to have a fairly synchronized redundant secondary RADIUS>> server before I commit to the Emerald product.>>You should take a look at our Proxy & Roaming RADIUS Server (PRRS). In its
This looks nice, but is quite expensive.... Maybe emerald radius could addthe caching, accounting storing, and watchdog features... Or maybe a morefavorable licensing agreement could be worked out.
Duane.
==========================================================================Duane Schaub, President |Terra World, Inc - Connecting The PlanetTerra World, Inc. |Southeast Kansas' Leading Provider200 Arco Place, Suite 252 |Flat Fee - Never an hourly ChargeIndependence, Kansas 67301 |Where Service is Top Priority!Voice (316) 332-1616 |http://www.terraworld.netFAX: (316) 332-1451 |dschaub@terraworld.net===========================================================================
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 6 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Optimize MS SQL & EmeraldFrom: John Lange <radadmin@palacenet.net>Date: Fri, 26 Jun 1998 09:19:28 -0500
HI
At 12:25 AM 6/26/1998 -0700, you wrote:>John Lange wrote:>> >> How long does Dale's checkdb.sql take to run on your system and how much>> data do you have?>>The checkdb is completely dependant on the size of your calls table. >If you didn't have a calls tale, it should only take minutes.
The DBCC CheckDB(Emerald2)GOTakes almost 3 hours here.
Then I ran the delete start records, and it still took that long.
I am not sure how long the rest takes, because I usually loose interestlong before it gets there.
> >> Our Secondary Radius Server sometimes looses it's connection while running>> these process, so unloading radius from the SQL server probably won't help.>>What vesion of RadiusNT are you using? Does it re-connect?
RadiusNT Version 2.2.41. Usually will reconnect, but while the checkdb isgoing, neither the primary OR secondary will auth.
JOhn :}
John C. Lange, Sr. PALACE dot NET, INC.microjl@palacenet.net MICRO-TECH Computers, Inc.608.742.1601 & 6980 2800 New Pinery Roadhttp://www.palacenet.net/ Portage, WI 53901Visit our online store @ http://www.microt.com/Authorized iPSwitch WebVar @ http://www.microt.com/iPSwitch/index.html
--- __o --- _-\<,_ Fastest Service in Town --- (_)/ (_)
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 7 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: VersionsFrom: "Richard Sensale" <richards@visitus.net>Date: Fri, 26 Jun 1998 13:07:48 -0700
Hi
We are currently running version 2.1.11 of Emerald and I have been holdingoff doing any upgrades waiting for 2.5 to come out. I would like someopinions on whether or not it may be worth it to upgrade to 2.2.x for nowuntil the new version is released? Anyone have any opinions on this or knowof any advantages of upgrading now?
Richard SensaleNetwork AdministratorVisitUs Internet, Inc.5468 Schaefer RoadDearborn, MI 48126 USA(313) 945-5588(313) 945-0202 faxhttp://www.visitus.netrichards@visitus.net
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 8 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: MailSite ProceduresFrom: "Blade" <blade@compuzone.net>Date: Fri, 26 Jun 1998 13:48:55 -0400
Could someone please give me the ListMailUsers procedure for MailSite 2.16?I have already found the VerifyMailUser Procedure in the prior lists. Butthe only ListMailUsers proc I found was incomplete.Thanks in advance.
Shawn WithrowCompuZone NET Adminadmin@compuzone.nethttp://www.compuzone.net
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 9 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: VersionsFrom: "Dusan Janjic" <djanjic@rockbridge.net>Date: Fri, 26 Jun 1998 15:28:02 -0400
Richard Sensale wrote:
> Hi>> We are currently running version 2.1.11 of Emerald and I have been holding> off doing any upgrades waiting for 2.5 to come out. I would like some> opinions on whether or not it may be worth it to upgrade to 2.2.x for now> until the new version is released? Anyone have any opinions on this or know> of any advantages of upgrading now?>> Richard Sensale> Network Administrator> VisitUs Internet, Inc.> 5468 Schaefer Road> Dearborn, MI 48126 USA> (313) 945-5588> (313) 945-0202 fax> http://www.visitus.net> richards@visitus.net
Since we upgraded to 2.2 it had been much better, especialy callsconsolidation. Hopes this helps.
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 10 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: VersionsFrom: "Richard Sensale" <richards@visitus.net>Date: Fri, 26 Jun 1998 15:43:09 -0700
Thanks for the info.
Richard SensaleNetwork AdministratorVisitUs Internet, Inc.5468 Schaefer RoadDearborn, MI 48126 USA(313) 945-5588(313) 945-0202 faxhttp://www.visitus.netrichards@visitus.net-----Original Message-----From: Dusan Janjic <djanjic@rockbridge.net>To: emerald@iea-software.com <emerald@iea-software.com>Date: Friday, June 26, 1998 7:26 AMSubject: Re: Versions
>>>Richard Sensale wrote:>>> Hi>>>> We are currently running version 2.1.11 of Emerald and I have beenholding>> off doing any upgrades waiting for 2.5 to come out. I would like some>> opinions on whether or not it may be worth it to upgrade to 2.2.x for now>> until the new version is released? Anyone have any opinions on this orknow>> of any advantages of upgrading now?>>>> Richard Sensale>> Network Administrator>> VisitUs Internet, Inc.>> 5468 Schaefer Road>> Dearborn, MI 48126 USA>> (313) 945-5588>> (313) 945-0202 fax>> http://www.visitus.net>> richards@visitus.net>> Since we upgraded to 2.2 it had been much better, especialy calls>consolidation. Hopes this helps.>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 11 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Sql error 1060From: Dale Reed <daler@iea-software.com>Date: Fri, 26 Jun 1998 15:34:01 -0700
Duane Schaub wrote:> > Dale... In one of your updates and in the newgroup, could you include a> stored procedure does the call consolidation? This really needs to be> scheduled so that it does kill the server during the daytime.
Actually, its not that simple. However, I am working on some newlibrary code, one of which is a consolidation executable that can beran standlone and would allow you to cron the operation.
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com