Re: [Full-disclosure] Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins to Temporarily Escalate Privileges and Login as Cached Domain Admin Accounts (2010-M$-002)

2010-12-09 Thread Mike Vasquez
You can dump the local cached hashes, take a domain admin's, and use a pass the hash attack, which has been around for a while, such as: Hernan Ochoa / http://oss.coresecurity.com/projects/pshtoolkit.htm I don't see this being any more concerning. Whatever you do in the above, is under the other

Re: [Full-disclosure] n3td3v has a fan

2008-04-08 Thread Mike Vasquez
You can send these messages directly to the trash with Gmail -- play with the filters. On the top right dropdown, where it has reply, choose "Filter messages like this". Putting "n3td3v" in "has the words:" will mark the message. Click next, and choose "delete it" or "skip the inbox", for instanc

Re: [Full-disclosure] [Professional IT Security Reviewers - Exposed] SecReview ( F - )

2007-12-20 Thread Mike Vasquez
What I really want to know, is if a past customer (err - reader?) of sec review surfaces with a negative opinion of them, will you adjust your grade accordingly? On Dec 20, 2007 1:20 PM, Sec Review Sucks <[EMAIL PROTECTED]> wrote: > This rating is based entirely off my personal feelings after r

Re: [Full-disclosure] [Professional IT Security Providers -Exposed] Cybertrust ( C + )

2007-12-20 Thread Mike Vasquez
Yes, a blog is an opinion, typically. And a blog that reviews a product, *tried the product.* Seriously, find a blog that reviewed a product without actually trying it, but almost purely by looking at the marketing material on the product. That's an incredibly fundamental difference which makes

Re: [Full-disclosure] [Professional IT Security Providers - Exposed] Audit Serve, Inc. ( F- )

2007-12-18 Thread Mike Vasquez
Well for starters, writing a company/service review by reading their website is akin to doing a movie review by looking at the trailer, think about it. Second: people go to qualys resellers for the addon services/extra value that you can get/they may provide, as opposed to the stock services provi

Re: [Full-disclosure] Best wireless card for packet capturing?

2007-07-02 Thread Mike Vasquez
I think it was more as a statement regarding the maturity of security tools on each platform. for instance, for wireless, linux has far more tools, and a wider variety, for that work, than windows, and the tools have fewer limitations... and that's an opinion from an mcse+i/mcdba/mcse:security.

Re: [Full-disclosure] Best wireless card for packet capturing?

2007-07-02 Thread Mike Vasquez
ya but has anyone seen it exploited in the wild, outside of perhaps defcon/blackhat/conferences, etc? I think I have a greater threat of spilling a soda on my laptop. On 7/2/07, coderman <[EMAIL PROTECTED]> wrote: On 7/2/07, Joshua Ogle <[EMAIL PROTECTED]> wrote: > ... I've now found a live CD

Re: [Full-disclosure] WEEPING FOR WEP

2007-04-06 Thread Mike Vasquez
verage with ARP replay on an 802.11g network. About 20 seconds average if the network is going full blast on its own. http://blogs.techrepublic.com.com/Ou/?p=464 George Original Message Subject: Re: [Full-disclosure] WEEPING FOR WEP From: "Mike Vasquez" <[EMAIL PROTE

Re: [Full-disclosure] WEEPING FOR WEP

2007-04-06 Thread Mike Vasquez
And traffic rate shouldn't be in the discussion either, since arp-replay allows enough packets to be captured, on most home equipment, in about 20 minutes if you're unlucky, and attacking 128-bit wep. 64 bit keys can be had in under 5 minutes, 128 in under 10, and all you have to do is be connect

Re: [Full-disclosure] Extracting files from SMB packet captures

2007-02-27 Thread Mike Vasquez
While I haven't done anything specifically with SMB, I did come up with the following a few years back: it might prove useful in your research: http://www.adminprep.com/articles/default.asp?action=show&articleid=52 It covers taking an ethereal data cap, and taking portions of it to come up with

Re: [Full-disclosure] Nmap Online

2006-12-06 Thread Mike Vasquez
1) I'm sure none of you can imagine this, but sometimes running and startup configs aren't the same. YES it's TRUE! So, your approach could be disastrous and is really ill advised. 2) Nmap may not give reliable results from all sites. Surely you've encountered ACLs that caused erroneous nmap res