Microsoft Windows XP - Command-line reference A-Z

September 22, 2004

4 comments  

Microsoft Windows XP - Command-line reference A-Z

A handy reference of all of the command-line commands and what they do, options, etc.

Sasser Netsky virus coder lands job with security firm

September 20, 2004

0 comments  

Hack In The Box - Sasser Netsky virus coder lands job with security firm - "A German teenager accused of creating the Sasser worm that infected millions of computers around the world is being taught to become a security software programmer, the company that hired him said on Friday. Eighteen-year-old Sven Jaschan has been taken on by the Securepoint computer firm based in Lueneburg, northern Germany and is being trained to make firewalls, which stop suspect files from entering computer systems."

This sets a horrible precident.. Write a virus, get rewarded with a job. What was this firm thinking? We'll see more and more people writing viruses in hopes of employment. I can see hiring ex-hackers, who have a large understanding of security and ways around security, but at least a hacker chooses his target and only affects his target. A virus writer creates a little program and then lets it free to infect whatever it can, causing enormous losses for those companies and individuals involved. {True} hackers also follow a certain code of ethics; although thier actions may not be legal, at least they attempt to show some respect for the victim by not violating certain rules. To me, virus writers have no respect for the (internet) community that they are a part of.

Symantec to acquire security firm @stake | CNET News.com

0 comments  

Symantec to acquire security firm @stake | CNET News.com: "Symantec has signed an agreement to acquire @stake, a security consulting and software company, Symantec said Thursday.
@stake will improve Symantec's consulting contacts--six of the top 10 financial institutions are customers, Symantec said. Symantec also will get products to help check and recover lost passwords and to test and improve Web site security. "

Meant to report on this last week, but you know how that goes. Really, I think this blows. I remember l0pht back when they were a bunch of guys in Boston playing around w/ technology in thier spare time. Oh well.. I'd sell out too if the price was right.

DNS Stuff

0 comments  

DNS Stuff: DNS tools, WHOIS, tracert, ping, and other network tools. - This is a must bookmark site. Tons of tools such as: DNS reports, dns timing, whois, reverse dns lookup, routing lookup, spam database, etc.

The GUI Gallery

September 17, 2004

2 comments  

The GUI Gallery: "On these pages you will find many screen shots of various desktop computer Graphical User Interfaces and operating systems. Many different people have had different ideas of how a GUI should work and these screen shots show many of the more popular ones. "

This site is pretty awesome. I spent quite some time reminencing over pictures of old operating systems I've played with over the years: GEOS, Windows 3.0, OS/2 Warp (which I still have a copy of), etc. The screenshots of Microsoft BOB were amusing. I found a copy of BOB at a thrift store the other day, but I couldn't justify the $2 asking price for it (and it was half-off everything day).

Will Microsoft sue OpenOffice users?

0 comments  

arstechnica: Will Microsoft sue OpenOffice users?: "According to a provision in the landmark Sun-Microsoft settlement, Microsoft can sue OpenOffice.org (as the application suite is now known) users and developers over copies of OpenOffice.org installed after April 1, 2004. The agreement between Sun and Microsoft was made public as part of Sun's SEC filings earlier this week. While OpenOffice.org users would be fair game, users of Sun's StarOffice suite upon which OpenOffice.org is based are specifically protected from legal action by Microsoft."

Lets ruin everything that is free. The article talks about how hard it will be for them to sue users (since they are considered monopolists) but this can sure stifle the future growth of the product. Poor home users and small companies will just have to find (yet) another alternative to the {great} Microsoft Office.

Freeware Utility - EventSave

September 16, 2004

0 comments  

Heysoft - EventSave - "There is no utility delivered with Windows NT to move the events from the current logs into backup files.
I wrote a little tool which can be used to schedule a job to automatically save all events to another file and clear each log afterwards. Independently of how often you run it, there will be one file created every month for each log, called year_month_computer_xxx.evt, where xxx is the name of the log (like, for instance, Security or System)."

Nice freeware.

Feds say Lamo inspired other hackers

0 comments  

SecurityFocus HOME News: Feds say Lamo inspired other hackers: "The final act in the saga of Adrian Lamo's hacking adventures ended with a contrite message from the once brash cyber outlaw, and a grim denunciation from his prosecutor, who blamed the hacker for inspiring other computer intruders. "

Troubleshooting Group Policy in Windows 2000

September 15, 2004

0 comments  

Troubleshooting Group Policy in Windows 2000: "This white paper explains how IT administrators can troubleshoot Group Policy. It includes sections on using command line tools, accessing and using logs, common troubleshooting scenarios, solving software installation issues, checklists for troubleshooting, and best practices. This advanced level paper assumes readers are familiar with the fundamentals of Group Policy. It includes the following sections:"

Black Tuesday - September

September 14, 2004

0 comments  

Microsoft Security Bulletin MS04-028: Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987) - Critical

This looks pretty bad.. there are a ton of applications that are affected. The attack vector is limited (somewhat); this can't be exploited remotely (like blaster), but the exploitation potential via email or webpage is great.

(edit: 9/22) There is proof of concept and exploit code circulating already, so be on the lookout for the next major virus.

Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2

0 comments  

Download details: Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2: "Windows XP Service Pack 2 (SP2) includes the Windows Firewall, a replacement for the Internet Connection Firewall (ICF) in previous versions of Windows XP. Windows Firewall is a stateful host-based firewall that discards unsolicited incoming traffic, providing a level of protection for computers against malicious users or programs. To provide better protection for computers connected to any kind of network (such as the Internet, a home network, or an organization network), Windows XP SP2 enables Windows Firewall on all network connections by default. This new behavior can impair some types of communications. This article describes how to deploy the appropriate configuration settings for Windows Firewall on an organization network so that it is enabled and providing protection, and so that communications are not impaired."

Good white paper on how to set up Windows Firewall using GPOs.

SYSADMINHELL ANNIVERSARY

September 11, 2004

0 comments  

So, SysAdminHell has been around for 1 year, 231 posts, 18,966 words, and 408 links. Here's to another year of surviving this hell!

Here's a little treat that I'm sure most of us can relate to:
The Chronicles of George: "George is, quite simply, the worst helpdesk technician ever.
His grasp on the written word is shakier than a canoe full of epileptics. His knowledge of computers is thinner than a Vegas dancer's chiffon underpants. He is, by all standards of intelligence, a rock."

By the way, anyone wanting a gmail account send me an email at netmancer@gmail.com and I'll hook it up (if I have them).

Here's some more goodies:

my favorite webcomics:
Dilbert
General Protection Fault
User Friendly
Penny Arcade

(some of) my favorite mailing lists:
Def-Con Stuff
NTSysAdmin
WinSecurityIssues
W2Knews
WXPnews

An "Operation Failed" Error Message Appears After You Click "Send and Receive"

September 10, 2004

0 comments  

312354 - OL: An "Operation Failed" Error Message Appears After You Click "Send and Receive"

I was getting this error: the operation failed. an object could not be found. I installed the latest updates/service packs, uninstalled office/reinstalled office, nothing. Apparently, Windows keeps your outlook profiles and settings even if the software is removed from your computer.

Optimizing Domain Name System (DNS), Windows 2000

September 09, 2004

0 comments  

Optimizing Domain Name System (DNS), Windows 2000

JSI Tip 3412. How do I setup the Domain Name System for Active Directory?:

War, Peace, or Stalemate: Wargames, Wardialing, Wardriving...

0 comments  

SSRN-War, Peace, or Stalemate: Wargames, Wardialing, Wardriving, and the Emerging Market for Hacker Ethics by Patrick Ryan: "This article will explain the roots of the term 'wardriving,' and the cultural phenomenon of the 1983 Hollywood movie WarGames that gave birth to the concept more than 20 years ago. Moreover, this article will show that the press has often confused wardriving with computer crimes involving trespass and illegal access. There are inconspicuous ethical shades to wardriving that are poorly understood, and to date, no academic literature has analyzed the legality of the activity. This article will argue that the act of wardriving itself is quite innocuous, legal, and can even be quite beneficial to society."

UNIX on the Game Boy Advance

September 08, 2004

0 comments  

UNIX on the Game Boy Advance: "In this document, we discuss 'gbaunix', a rather contrived experiment in which we run an ancient version of the UNIX operating system on a popular hand-held video game system using a simulator. "

Not sure how practical this is, but it's pretty cool. Might as well have something to do w/ my gba; either the game suck or are too expensive for my broke ass.

ATK - Attack Tool Kit

0 comments  

ATK - Attack Tool Kit - The acronym ATK stands for Attack Tool Kit. It was first developed to provide a very small and handy tool for Windows to realize fast checks for dedicated vulnerabilities.

Metasploit Framework, Part 2

0 comments  

SecurityFocus HOME Infocus: Metasploit Framework, Part 2: "This article will start off with a brief introduction to the console interface and explain how to select and use an exploit module. We will then cover the environment system, how it works, and what features can be enabled through it. "

Free iPods

September 04, 2004

0 comments  

Click here to help me and to start your way to your own free iPod.

Ok, here's the deal. FreeiPods.com is giving away iPods, including the new Apple 20 GB iPod for free, sort of. The way it works is simple. You sign up. You are now presented with a list of "trial offers". Currently, all of these trials require a credit card number. Pick a trial, give them your CC#, go through the trial for a short amount of time, then cancel (or keep the service if you want). Nothing shows up on your credit card. Next, you have to get 5 friends to sign up and participate in a trial. If they sign up with your referral code, you get a credit once it is verified that they did a trial. After you have completed this, you get a free iPod shipped to your house.

I did my research on this. I have not found a single complaint on any newsgroup, mailing list, website, forum, etc that had any merit. Sure, it's easy to blow this off as paranoia, but the economics of this make sense. Check out Jay Bees' analysis of the economics driving this offer. It makes perfect business sense. The parent company, Gratis Internet, has been registered with the BBB over the past several years with no pending complaints. I've only heard positive experiences with this program.

Here's my deal: Everyone knows that I will NEVER be able to afford an iPod. Everyone also knows that I WANT an iPod. If you're interested in getting a free iPod, what does it hurt to help me out? Click here to help me and to get started on your free iPod.

Here's a few more links:
The Original Free iPod Guide
Guide to freeiPods.com
Yet Another Guide to FreeiPods.com
Gratis Internet Better Business Bureau Report
Analysis of the economics driving FreeiPods.com.

Windows 2000/XP Command Prompt - Cheat Sheet

September 03, 2004

0 comments  

Windows 2000/XP Command Prompt - Cheat Sheet [[PRINTABLE]] - nice handy reference for when you draw a blank.

RIAA forced technology weed to choke it

0 comments  

RIAA forced technology weed to choke it - "See the problem? The network providers will tell you in very colourful language exactly where to shove it, no doubt there. Even if they didn't, what would they implement it on again? They hold none of the databases, you and I do. If they manage to coerce Kazaa into forcing the filters onto your machine somehow, there are a dozen other networks out there. If they get them all, a lot of the code is open source, I'd give it 30 minutes before a dozen new networks spring up.

In the old days, there was one provider, and one repository, one throat to strangle. It was manageable technically if it came down to a technical solution. Instead of allowing that technical solution to blossom, they went the legal route, and lost. In the intervening years, the tech went around them, and they sat still, and possibly regressed.

The problem with forced evolution is that it tends to work. The RIAA made the networks evolve technically, from a relatively incocous MP3 network to the file sharing network from hell. There is nothing you can't get anymore, and there is no one to stop it. If they came up with a tool, unlikely as that may be, there is no place to implement it."

- Well written article outlining how the RIAA and MPAA have shot themselves in the foot and why. BTW, I shit on the RIAA. I may not share files, but I'm not purchasing any more music from those assholes. I'll purchase used from stores, garage sales, or pawn shops rather than let my money see RIAA's pockets. They've lost a customer for life.

BOFH takes the Piss | The Register

September 01, 2004

0 comments  

BOFH takes the Piss | The Register: "And I'm left wondering what Lassie would do... would she dial the suspiciously short US 24hr freecall number? Would she ring the local 'Value Added' (pfft) Reseller and ask what the hell's going on? Or would she just relieve herself on the cabinet and wander off?
So I'm relieving myself on the cabinet (with the Power OFF, of course) when the user returns to the office. .."

This is one of the funniest BOFH's I've read in a long while.. take a look.