You could try using the Windows Resource Kit utility
cusrmgr.exe (Console user manager)
The command would be: cusrmgr -u administrator -m \\machinename -P password
Nice and easy to script with too.
Josh Amick
-Original Message-
From: Jimmy Sansi [mailto:[EMAIL PROTECTED]
Sent: Tuesday
Why would you tell someone to run blackice which has bugs in it?
If you're going to have a firewall, just grab a box that is not being used
and put OpenBSD on there and make your firewall that way. Much safer,
and secure
-h
-Original Message-
From: Daniel R. Miessler [mailto:[EMAIL PROTECTED
support to test it out personally, as my main away from home machine
is an Apple TiBook.
The model number is BEFVP41.
--
Josh Little
[EMAIL PROTECTED]
PGP: 0x30507C93
Ars Gladii Historical European Swordsmanship
http://homepage.mac.com/lvcian/arsgladii
--
s similar in concept, if not in
features to NetStumbler.
--
Josh Little
[EMAIL PROTECTED]
PGP: 0x30507C93
Ars Gladii Historical European Swordsmanship
http://homepage.mac.com/lvcian/arsgladii
--
As you pointed out, a smart hacker will try the dictionary cracker first,
so the VX.97tf password will be tried first with the dictionary, then brute
force, so by your logic you should add both results to compare the password
strengths.
At 11:48 PM 6/27/2002 +, Chris Berry wrote:
>I've g
better option for Windows
users, IMO) are two such tools that I have experience with and like.
[1] http://gnupg.org/
[2] http://web.mit.edu/network/pgp.html
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
n the same thing in standard English, it is not what
I would call a good password.
In short, I would argue that the above link is good for entertainment,
bad when used as a password generator.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
"$1\n";}}'`; do
for j in $i/*; do
md5sum $j >> md5sums.list
done
done
Gross, but it will get the job done. Sorry for misunderstanding. ;)
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
db_metadig
71f4ad46b5b6c8d9ee620d1fde641852 /usr/bin/4odb_odmsdump
Will that work?
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
ther SIGHUP
This looks like the Apache chunking vulnerability being exploited. Read
the article about GOBBLES's exploit on http://securityfocus.com for more.
What version of Apache are you running?
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
y for MAC addresses that ain't yours.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
If you just need remote control you don't need port 80 right?
We set up something very similar.
Secure VPN between 2 pix firewalls -- and run encrypted PC anywhere and only
allow that port open.
Also, we have the pix's sending to syslog server for monitoring.
Maybe this will help
Jos
atch. Thanks a lot! ;)
[1] http://www.nsa.gov/selinux/license.html
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
rotocol', '$service' )
}, undef, "DONE" ) || die $dbh->errstr;
} # if (open port found)
} # while (eating STDIN)
# Disconnect cleanly
$dbh->disconnect();
-
I do not claim that the DBI stuff is right, as I did not feel like
installing th
ers are out to
> get *your* site on a personal basis. And it is not so.
That is true. In a few cases, you might be intentionally targeted. In
most, you will not.
Your points are well-taken, and I think that we were arguing from
different sides of the issue.
--
Josh Glover <[EMAIL PROTEC
banners and pulling the security
blanket over your eyes.
And *that* is what I have been trying to say. Sorry if I was not clear
enough. And I still stand by my claim that the vast majority of script
kiddies' tools ignore banners and just try the exploits.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
he claims it is something else? Why not just try the known
exploits for every major webserver? It costs me nothing.
Bottom line: you will "stop" less than 0.5% of any attacks on your
webserver, automated or otherwise by having your webserver misrepresent
itself.
--
Josh Glover <[E
force people to use sudo to run them. A smart sudoers.conf should
allow you to protect these binaries pretty well, and log all usage of
them, if you so desire.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
Short_Circut wrote:
>
> because the
e. Most sysadmins could care
less about security. And those who want to care don't have the time or
motivation to learn what they need to know!
-Josh
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
em of being much more easily
crackable than say, a 1024+ bit DSA key, but has the advantage of being
less likely to be left in the floppy or CDROM drive of the laptop *when*
it is stolen.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
pretty similar. It is a
pretty good primer on basic firewall setup.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
nge about that.
True.
>>Is it right or not? If right, what I have to do on my fw to permit
>>this packet traffic?
>
>
> Yes, it is right. You should read: http://www.faqs.org/rfcs/rfc959.html
> You can find Howtos on what to do on the Internet.
Solution.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
e,
that may break a few things (DHCP, NFS, etc). Hiding from ping is
easy--just disallow ICMP.
Get thee to a doc on setting up basic firewalls! [1]
--Josh
[1] (http://www.tldp.org/HOWTO/Firewall-HOWTO.html) The Firewall HOWTO
is a pretty good starting place, though it does not address ipfilter
hings
will be safer than hacking up a custom scripted solution.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
to use sshd on your
home computer and use PuTTY / pscp on your Windows client. No installing
of stuff necessary. Just grab the binaries [1] and you are ready to rock
and roll.
--Josh
[1] http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
en sink is included, but that does not stop you from just doing
things the way you want, and you are not forced to use the more "newbie
friendly" functionality.
-Josh
--
Josh Glover <[EMAIL PROTECTED]>
Associate Systems Administrator
INCOGEN, Inc.
tside, you can deny
> root logins through SSH. Then you'd have to login as a regular user and then
> su root (which you should be doing anyhow) ;-)
I would advise using sudo over su. Having root terminals hanging around
is not necessarily the best security practise.
-Josh
ople use the box and it has to be online all
> the time. It'll have some sensitive info so I need something
> with good authorization. Anyone can point me in the right
> direction? Thanks in advance...
How about good ol' OpenSSH? (http://www.openssh.org/) Should run in
ressed. Don't be misled by trying to count vulnerabilities or
advisories for both products, instead, ask how much time and effort will be
required to secure an installation on your network.
Regards,
_
Josh Daymont
Chief Security Architect
Tel:
like
amazon.com or shopping.yahoo.com or ebay.com to see who is violating the
policy. Then, have HR deal with them. A much cleaner solution, from the
POV of a sysadmin.
Make sure you talk this over with management, if you have not already.
--
Josh Glover <[EMAIL PROTECTED]>
Associate Sys
FreeSwan is what you're looking for, and you want to set up IPSec between
your box and the remote host for IP level security.
- Josh Reynolds
On Mon, 19 Nov 2001, Karel Jennings wrote:
> Hey all.. I've thought that the idea of doing VPN between my home and company
> would
pened multiple times for 30 seconds to a minute. The source IP was
different each time, but it could have been spoofed.
I have copied a segment of the log below. Note the Source Port = 0, seven
lines from the bottom.
I would appreciate any feedback on this.
Thanks
Josh
Date
Tunnel everything over ssh =)
- Josh Reynolds
On Mon, 12 Nov 2001, Rafael 'Dido' Sevilla wrote:
> On Fri, Nov 09, 2001 at 12:21:19PM +0800, Akbar Ali wrote:
> > Hi all,
> >
> > Is there a way to encrypt passwords for Outlook & FTP? I ran a sniffing
&
I believe a proxy works at Layer 7 and NATing works at Layer 2/3.
-Original Message-
From: Muhamad Salem Sugui
Sent: Fri 9/14/2001 7:20 PM
To: [EMAIL PROTECTED]
Cc:
Subject: Proxy x NAT
He
34 matches