[H] Breaking Disk Encryption
Interesting read for those into disk encryption http://www.news.com/8301-13578_3-9876060-38.html Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- Protected by Websense Messaging Security -- www.websense.com
Re: [H] So many files in a dir...
if you open up a command window and shut down explorer in task manager u should be able to maneuver to the dir and remove it then run explorer to get back to the desktop fp At 05:44 PM 2/21/2008, Joe User Poked the stick with: >Hello, > >I have a system that has so many files in a dir the system just hangs >for HOURS while I try to do anything in there. I'm using Wayne's XPPE >disc now and it is also affected. Command prompts and rmdir /s /q >same issue - hangs for hours. I need to remove this dir it's screwing >up av scans and everything. How can I wack it out? Nothing valuable >in the dir it's a windows defender log file dir. > >HELP! > >-- >Regards, > joeuser - Still looking for the 'any' key... -- Tallyho ! ]:8) Taglines below ! -- Remember, it takes two to share a kiss.
Re: [H] So many files in a dir...
You could also try moving every -other- directory somewhere else and just do a format... Greg > -Original Message- > From: [EMAIL PROTECTED] [mailto:hardware- > [EMAIL PROTECTED] On Behalf Of Ben Ruset > Sent: Thursday, February 21, 2008 7:39 PM > To: hardware@hardwaregroup.com > Subject: Re: [H] So many files in a dir... > > I think Knoppix will let you write to an NTFS file system. Try booting > a > Knoppix live CD and delete the directory using that. > > Joe User wrote: > > Hello, > > > > I have a system that has so many files in a dir the system just hangs > > for HOURS while I try to do anything in there. I'm using Wayne's XPPE > > disc now and it is also affected. Command prompts and rmdir /s /q > > same issue - hangs for hours. I need to remove this dir it's screwing > > up av scans and everything. How can I wack it out? Nothing valuable > > in the dir it's a windows defender log file dir. > > > > HELP! > >
Re: [H] So many files in a dir...
Hello Ben, Thursday, February 21, 2008, 7:39:19 PM, you wrote: > I think Knoppix will let you write to an NTFS file system. Try booting a > Knoppix live CD and delete the directory using that. Wondered if I would be using Linux to get me out of this jam - thanks. -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] So many files in a dir...
I think Knoppix will let you write to an NTFS file system. Try booting a Knoppix live CD and delete the directory using that. Joe User wrote: Hello, I have a system that has so many files in a dir the system just hangs for HOURS while I try to do anything in there. I'm using Wayne's XPPE disc now and it is also affected. Command prompts and rmdir /s /q same issue - hangs for hours. I need to remove this dir it's screwing up av scans and everything. How can I wack it out? Nothing valuable in the dir it's a windows defender log file dir. HELP!
[H] So many files in a dir...
Hello, I have a system that has so many files in a dir the system just hangs for HOURS while I try to do anything in there. I'm using Wayne's XPPE disc now and it is also affected. Command prompts and rmdir /s /q same issue - hangs for hours. I need to remove this dir it's screwing up av scans and everything. How can I wack it out? Nothing valuable in the dir it's a windows defender log file dir. HELP! -- Regards, joeuser - Still looking for the 'any' key...
Re: [H] CHKDSK problem in XP
Have you tried looking at the root in XP explorer? There might be a file with some naming error in it. Try to delete the file if it is not of any value. If that does not work try using a folder utility like FAR to delete it or rename it. Also, this could mean the command dir is damaged somehow and you will need to fix the OS itself. This is rather rare, but I have seen it in the past. Good luck, Tim "The Beave" Lider E-mail: [EMAIL PROTECTED] MSN: [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thane Sherrington Sent: Thursday, February 21, 2008 12:47 PM To: hardware@hardwaregroup.com Subject: [H] CHKDSK problem in XP I'm having an odd problem with an XP computer. If I go to the root directory and type dir /s after awhile I get a bubble message telling me that a file is corrupt (no name is given) and I should run chkdsk. If I run chkdsk (on reboot or from PE) it shows no problems. Any ideas what I could try? T
[H] CHKDSK problem in XP
I'm having an odd problem with an XP computer. If I go to the root directory and type dir /s after awhile I get a bubble message telling me that a file is corrupt (no name is given) and I should run chkdsk. If I run chkdsk (on reboot or from PE) it shows no problems. Any ideas what I could try? T
Re: [H] Offline Windows Updater
With perl you could just parse the c:\windows\WindowsUpdate.log and after you check and see no patches found then you could just delete the startup script. I am sure it would be really easy to determine that even if its a hack like checking for the existence of a file or something. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of j maccraw Sent: Thursday, February 21, 2008 11:50 AM To: hardware@hardwaregroup.com Subject: Re: [H] Offline Windows Updater Totally doable if you use a INF instead of a REG to do the patching so you have a control over setting or reverting the settings by simply changing the parameters of the call to the INF. Initiate the setup call the INF install with GUIRunOnce in WINNT.SIF. As to how to automatically detect when all updates are installed I'm stumped but removing is as simple as calling the same command with a different section. "To invoke the INF Add a line to $OEM$\Cmdlines.txt to invoke the INF you created from the sysdff difference file. The command is of the same form as you would use to invoke any Windows 95-style INF. The format is as follows: "RUNDLL32 syssetup,SetupInfObjectInstallAction section 128 inf" where: Section specifies the name of the section in the INF file. Inf specifies the name of the INF file. This should be specified as a relative path to avoid invoking Setup's default INF rules, which look for an unqualified filename in the system inf directory instead of the current directory. For example, specify ..\newtools.inf, not just newtools.inf. The command is always enclosed in double quotation marks. " Mesdaq, Ali wrote: > Greg your the Man! Thanks for the reg key info and the "wuaclt > /detectnow" info. I remember there was a command line way to force it to > check but too lazy to look for it. So you answered my laziness for me. > > I think a combination of nLite customized xp install to include > something's in the install like perl or whatever scripting language can > really automate this whole process so the computer keeps checking for > updates on start up until there are none left and deletes itself and > changes reg keys back to normal. > > Thanks, > -- > Ali Mesdaq (CISSP, GIAC-GREM) > Security Researcher II > Websense Security Labs > http://www.WebsenseSecurityLabs.com > -- > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Greg Sevart > Sent: Wednesday, February 20, 2008 11:23 AM > To: hardware@hardwaregroup.com > Subject: Re: [H] Offline Windows Updater > > Some other useful notes: > > "net stop wuauserv" stops the Automatic Updates (AU) service so it will > pick up the new config. Change to start, obviously, to restart it. > > "wuauclt /detectnow" forces AU to detect if updates are needed > immediately. > > c:\windows\WindowsUpdate.log provides a verbose log file of AU activity. > > Greg > >> -Original Message- >> From: [EMAIL PROTECTED] [mailto:hardware- >> [EMAIL PROTECTED] On Behalf Of Thane Sherrington >> Sent: Wednesday, February 20, 2008 1:13 PM >> To: hardware@hardwaregroup.com >> Subject: Re: [H] Offline Windows Updater >> >> At 03:04 PM 20/02/2008, Greg Sevart wrote: >>> Oh, absolutely. You also don't need a domain and group policy--you >> just use >>> a .reg file to add the WSUS server info, then delete the key when >> you're >>> fully patched. We use it internally to bring new machines up to date >>> -before- joining the corporate domain. >> Awesome. This is going to be a huge time saver for me. I owe you. >> >> T > > > > > > Protected by Websense Messaging Security -- www.websense.com > > Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs
Re: [H] Offline Windows Updater
Totally doable if you use a INF instead of a REG to do the patching so you have a control over setting or reverting the settings by simply changing the parameters of the call to the INF. Initiate the setup call the INF install with GUIRunOnce in WINNT.SIF. As to how to automatically detect when all updates are installed I'm stumped but removing is as simple as calling the same command with a different section. "To invoke the INF Add a line to $OEM$\Cmdlines.txt to invoke the INF you created from the sysdff difference file. The command is of the same form as you would use to invoke any Windows 95-style INF. The format is as follows: "RUNDLL32 syssetup,SetupInfObjectInstallAction section 128 inf" where: Section specifies the name of the section in the INF file. Inf specifies the name of the INF file. This should be specified as a relative path to avoid invoking Setup's default INF rules, which look for an unqualified filename in the system inf directory instead of the current directory. For example, specify ..\newtools.inf, not just newtools.inf. The command is always enclosed in double quotation marks. " Mesdaq, Ali wrote: > Greg your the Man! Thanks for the reg key info and the "wuaclt > /detectnow" info. I remember there was a command line way to force it to > check but too lazy to look for it. So you answered my laziness for me. > > I think a combination of nLite customized xp install to include > something's in the install like perl or whatever scripting language can > really automate this whole process so the computer keeps checking for > updates on start up until there are none left and deletes itself and > changes reg keys back to normal. > > Thanks, > -- > Ali Mesdaq (CISSP, GIAC-GREM) > Security Researcher II > Websense Security Labs > http://www.WebsenseSecurityLabs.com > -- > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Greg Sevart > Sent: Wednesday, February 20, 2008 11:23 AM > To: hardware@hardwaregroup.com > Subject: Re: [H] Offline Windows Updater > > Some other useful notes: > > "net stop wuauserv" stops the Automatic Updates (AU) service so it will > pick up the new config. Change to start, obviously, to restart it. > > "wuauclt /detectnow" forces AU to detect if updates are needed > immediately. > > c:\windows\WindowsUpdate.log provides a verbose log file of AU activity. > > Greg > >> -Original Message- >> From: [EMAIL PROTECTED] [mailto:hardware- >> [EMAIL PROTECTED] On Behalf Of Thane Sherrington >> Sent: Wednesday, February 20, 2008 1:13 PM >> To: hardware@hardwaregroup.com >> Subject: Re: [H] Offline Windows Updater >> >> At 03:04 PM 20/02/2008, Greg Sevart wrote: >>> Oh, absolutely. You also don't need a domain and group policy--you >> just use >>> a .reg file to add the WSUS server info, then delete the key when >> you're >>> fully patched. We use it internally to bring new machines up to date >>> -before- joining the corporate domain. >> Awesome. This is going to be a huge time saver for me. I owe you. >> >> T > > > > > > Protected by Websense Messaging Security -- www.websense.com > > Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs
Re: [H] Notebook hard drives
You need to figure out if the notebook hard drive is SATA or PATA. Once you figured that out, try to find a drive with fall protection. Toshiba makes some good drives for this, but are a bit slow in speed. If your looking for performance, Samsung has some good ones out right now. Unfortunately the Western Digital Notebook drives run hot and use a lot of voltage. Also, my back up is like 3 fold. Laptop is backup'd to main computer at home over network. Home computer is backed up to External FireWare drive. Firewire drive is backup'd at work and stored on servers there. Right now it's about 350GB of data. Good luck on your search, Tim "The Beave" Lider E-mail: [EMAIL PROTECTED] MSN: [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Weeden Sent: Thursday, February 21, 2008 4:56 AM To: hwg Subject: [H] Notebook hard drives I've only had a laptop for about 18 months now and just experienced my first HD failure. I actually got a heads-up from SMART a few days prior that failure was imminent so no data was lost. But I've never dealt with notebook HDs before so I was wondering if there was anything I should be looking for in a replacement. I have heard that just recently they came out with drives with on-board encryption. I would love to have that but I'm guessing that the BIOS needs to support it. The laptop is an HP NC600 series that I bought refurbished so it's a few years old. Centrino-based and works just fine for what I need. Are there any incompatibility things that I should be on the look out for? Or are most notebook drives pretty much interchangeable? - Brian Weeden Technical Consultant Secure World Foundation
Re: [H] Notebook hard drives
I've got an 80GB 2.5" drive that I bought for a portable USB that I am going to stick in. Then I will get a bigger 2.5" drive to put into the USB case. My backup solution is twofold. All my data is backup with JungleDisk to my Amazon S3 account. So even if the worst happens and my house burns down, I still have everything I need. S3 is pretty cheap to, like $0.10/GB per month I think. I also use SyncToy from Microsoft to sync the Jungle Drive data on both my main PC and laptop so I can access it from both places. Secondly, I use Acronis True Image to do images of my system weekly. I keep the original fresh install once I have everything perfect and then do a differential each week. That way if I screw something up I can go back to a previous image. I usually keep about 2 months worth of images. - Brian Weeden Technical Consultant Secure World Foundation On Thu, Feb 21, 2008 at 9:18 AM, Al <[EMAIL PROTECTED]> wrote: > > "Brian Weeden" <[EMAIL PROTECTED]> wrote: > > > Are there any incompatibility things that I should be on the look out > for? > > Or are most notebook drives pretty much interchangeable? > > That unit sold with 30/40 GB drives, there might be a BIOS limitation on > going much larger. I would guess an 80Gb would work. Get a 7200 RPM > drive, it's worth the extra $. > > Get two drives and keep an up to date image on the second drive: > http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&rd=1&item=290208228552 > If you shop around, you may find it even cheaper. Be sure you are > getting the PATA version. > > Between full images, you can copy email folders, etc. to the second > drive. If the internal drive fails, just pop in the second drive. Back > up and running in a few minutes. > > I replaced my laptop drive well before it could go bad, and use it as > the second drive. It's seldom turned on, so it should last a long time. > And the upgrade from 5400 to 7200 was a nice bonus. > > Also, never move a laptop while it's powered up. I know there are > commercials with someone sitting on the couch with the unit in their lap. > The big print giveth and the fine print taketh away. All of the fine > print that comes with laptops, that I've read, say not to move it while > it's running. > > Regards, > Al >
Re: [H] Notebook hard drives
"Brian Weeden" <[EMAIL PROTECTED]> wrote: > Are there any incompatibility things that I should be on the look out for? > Or are most notebook drives pretty much interchangeable? That unit sold with 30/40 GB drives, there might be a BIOS limitation on going much larger. I would guess an 80Gb would work. Get a 7200 RPM drive, it's worth the extra $. Get two drives and keep an up to date image on the second drive: http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&rd=1&item=290208228552 If you shop around, you may find it even cheaper. Be sure you are getting the PATA version. Between full images, you can copy email folders, etc. to the second drive. If the internal drive fails, just pop in the second drive. Back up and running in a few minutes. I replaced my laptop drive well before it could go bad, and use it as the second drive. It's seldom turned on, so it should last a long time. And the upgrade from 5400 to 7200 was a nice bonus. Also, never move a laptop while it's powered up. I know there are commercials with someone sitting on the couch with the unit in their lap. The big print giveth and the fine print taketh away. All of the fine print that comes with laptops, that I've read, say not to move it while it's running. Regards, Al
Re: [H] Notebook hard drives
At 08:56 AM 21/02/2008, Brian Weeden wrote: Are there any incompatibility things that I should be on the look out for? Or are most notebook drives pretty much interchangeable? They are interchangeable (at least in every case I've seen.) I would get an Western Digital drive over any others. T
Re: [H] Offline Windows Updater
Even easier. Just nuke the key completely when you're done. The AU key to use WSUS is most definitely under HKLM. Perhaps "standard" Windows Updates doesn't use it at all, so simply deleting it should revert back to that functionality. > -Original Message- > From: [EMAIL PROTECTED] [mailto:hardware- > [EMAIL PROTECTED] On Behalf Of Wayne Johnson > Sent: Thursday, February 21, 2008 2:36 AM > To: hardware@hardwaregroup.com > Subject: Re: [H] Offline Windows Updater > > At 02:04 PM 2/20/2008, Greg Sevart typed: > >You'll want to save out the > >HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate > > I have no such key under HKLM to save out but I do under HKCU. > > > ---+-- > I'm a geek that loves to tweak.
[H] Notebook hard drives
I've only had a laptop for about 18 months now and just experienced my first HD failure. I actually got a heads-up from SMART a few days prior that failure was imminent so no data was lost. But I've never dealt with notebook HDs before so I was wondering if there was anything I should be looking for in a replacement. I have heard that just recently they came out with drives with on-board encryption. I would love to have that but I'm guessing that the BIOS needs to support it. The laptop is an HP NC600 series that I bought refurbished so it's a few years old. Centrino-based and works just fine for what I need. Are there any incompatibility things that I should be on the look out for? Or are most notebook drives pretty much interchangeable? - Brian Weeden Technical Consultant Secure World Foundation