Windows Server 2003 Tools

August 27, 2005


Windows Server 2003 Tools: "On this page you'll find downloadable tools that will help you support Windows Server 2003 systems." - Really helpful little collection of tools. Sometimes we overlook the obvious source...

Windows Server 2003 Feature Packs: "On this page you'll find downloadable feature packs that provide all-new Windows Server 2003 solutions and functionality." - Several nice add-ons...

Download details: File Replication Service Diagnostics Tool (FRSDiag.exe): "FRSDiag provides a graphical interface to help troubleshoot and diagnose problems with the File Replication Service (FRS). FRS is used to replicate files and folders in the SYSVOL file share on domain controllers and files in Distributed File System (DFS) targets. FRSDiag helps to gather snap-shot information about the service, perform automated tests against that data, and compile an overview of possible problems that may exist in the environment."

Upgrading from Windows 2000 to Windows Server 2003

August 26, 2005


How to upgrade Windows 2000 domain controllers to Windows Server 2003

Common Mistakes When Upgrading a Windows 2000 Domain To a Windows 2003 Domain

Preparing Your Windows 2000 Network for an Upgrade to Windows 2003, from Global Knowledge Network - White Papers, Webcasts and Case Studies - TechRepublic

Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller

Windows Server 2003 - How to transfer the FSMO Operations Master roles

Transferring FSMO Roles: "How can I transfer some or all of the FSMO Roles from one DC to another?"

Microsoft exploit code hits the web

August 12, 2005


Microsoft exploit code hits the web - "Exploit code has started appearing on hacking websites for a critical Microsoft flaw less than three days after the patch was released.

Security testers at eEye claim to have found two separate examples of working exploit code in the past few hours that could give full control of a target PC. "

Here's some of said exploits, from FrSIRT:
Microsoft Windows 2000 Plug and Play Universal Remote Exploit (MS05-039)
Microsoft Internet Explorer COM Objects File Download Exploit (MS05-038)
Microsoft Windows Plug and Play Remote Buffer Overflow Exploit (MS05-039)

Black Tuesday: 6 Fun Things To Take Away Your Spare Time

August 09, 2005


Microsoft Security Bulletin MS05-038: "Cumulative Security Update for Internet Explorer (896727)" - Critical

Microsoft Security Bulletin MS05-039: "Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)" - Critical

Microsoft Security Bulletin MS05-040: "Vulnerability in Telephony Service Could Allow Remote Code Execution (893756)" - Important

Microsoft Security Bulletin MS05-041: "Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591)" - Moderate

Microsoft Security Bulletin MS05-042: "Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587)" - Moderate

Microsoft Security Bulletin MS05-043: "Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)" - Critical

3 Criticals.. but beware none-the-less. Although labeled Moderate, MS05-041 (RDP) already has an exploit released over at FrSIRT.

Get Home Earlier With Windows Vista

August 04, 2005


Get Home Earlier With Windows Vista: "Windows Vista offers systems engineers, deployment engineers, and support center operators a possibility of life outside of work"

I'll have to admit that I haven't been very excited (at all) about the new Windows Vista (Longhorn). With the loss of WinFS and other features, plus the far away shipping date, I've just ignored all of the hype and looked at this as just MS selling another Service Pack as an OS. Well, this article helps get me a bit more excited by outlining what Vista will do for me, the SysAdmin. Features I'm looking forward to: registry and file virtualization, better Group Policy (configure just about everything), monad, imaging (better, easier to update), customized help fuctions, better error reporting, more in-depth error messages, hardware monitoring, and hopefully much more as I learn more about this new OS. Of course, I'm taking a wait and see approach to whether or not this stuff lives up to the promises, but if it does, I'll be happy with it.

Here's Microsoft's Resources for IT Professionals website.

NirSoft - freeware utilities: password recovery, system utilities, desktop utilities


NirSoft - freeware utilities: password recovery, system utilities, desktop utilities: "NirSoft web site provides a unique collection of small and useful freeware utilities, all of them developed by Nir Sofer. "

Take a look at his MessenPass, Mail PassView, and his Protected Storage PassView utilities... these will blow your mind! MessenPass pulled out my Gaim Yahoo! Messenger account password and Mail PassView was able to pull out several Outlook account password on my box in a matter of seconds (as long as it took for me to double-click). The Protected Storage PassView utility pulls passwords out of IE (saved logins) and just showed me why I NEVER save my passwords in IE or Firefox. This is some scary stuff.. that's one reason why losing physical access to a box results in the end of your security. Wow. If I were you, I'd get this stuff before he wises up and starts selling it.. Right now everything is FREEWARE.

Worm hole found in Windows 2000

August 03, 2005


Worm hole found in Windows 2000 | CNET "The vulnerability in Microsoft's operating system could enable remote intruders to enter a PC via its Internet Protocol address, Marc Maiffret, chief hacking officer at eEye Digital Security, said on Wednesday. As no action on the part of the computer user is required, the flaw could easily be exploited to create a worm attack, he noted.

What may be particularly problematic with this unpatched security hole is that a work-around is unlikely, he said."

This looks to be a little worrisome... We'll just have to take a wait and see approach to what happens with this. Sometimes you have to always remember that there are huge holes out there that just aren't found yet.. and hopefully, the people who do find them are responsible people who won't take advantage (like eEye, who won't release any details until a patch is avaliable).

DefCon 13 Coverage

August 02, 2005

1 comments DefCon 13 Coverage: "We now conclude the MAKE Magazine DEFCON coverage. We have a special spot on MAKE with all the enhanced audio podcasts, images, posts and more."

InformationWeek > Security > Hackers Demonstrate Their Skills in Vegas > August 1, 2005: "Even allegedly foolproof biometrics aren't totally safe at Defcon, the conference where crackers, hackers, and feds come to share tips and tricks."

Great coverage of Defcon 13. Unfortunately, I was unable to attend this year, just like every year since Defcon 6. Well, there's always next year... Also, you may want to take a look at the Defcon Media Archives.. a good resource.