Yep, already tried this and it didn't work.
From: Webster [mailto:webs...@carlwebster.com]
Sent: Wednesday 23 May 2012 14:00
To: NT System Admin Issues
Subject: r...@walkermartyn.co.uk - RE: Office 2003 Running Under
T/Services 2008 R2 - Found word(s) list error remove list in the Text
body
Dump hashes of the passwords/passphrases, run then through a rainbow
table, game is still over. Either that or don't even crack the hash,
just pass the hash and game is still over. Nice tool gsecdump gets a
lot, and there are other tools that will allow you to pass the hash.
Z
Edward
These aren't exactly Automated, as with any XSS testing it's a bit more
manual than automated IMHO. Especially if you want to truly show the
evilness of what XSS vulnerabilities can do.
Backtrack Penetration Platform ( W3AF), other tools
Burp-Suite Pro (One of my favorites)
WebScarab
first you would have the user do a gpupdate/force
of course you would have to restart 3 times to get the policy applied
if this does not work, have the user email you a picture of the pbj sandwich to
make sure that is is what they said.
if possible, send a portion of the pbj sandwich so we can
I have no idea what you said. I'm guessing you're saying a 26-character
passphrase is no better than a 12-character password?
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, May 24, 2012 5:09 AM
To: NT System Admin Issues
Subject: RE: Passphrases vs. password
Dump hashes of the
Might be a little better but honestly, if I can dump your hashes its
only a matter of time before they are cracked using rainbow tables.
Z
Edward Ziots
CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org
From: David Lum
Good passwords and good password management is still key, because most
attacks against passwords don't involve the hashes.
Of course, it is vital that other attack vectors, such as SQL injection and
XSS are mitigated against, or the hashes will come into play, and this will
undermine strong
NP glad to share you reminded me to read XSS Attacks by Syngress press
over the weekend. ( I know sic, but gotta keep ahead of stuff J)
Z
Edward Ziots
CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org
From: Andrew S. Baker
Greetings!
We have four work from home users who connect to our applications through an
SSL-VPN. After well over a year of successful operation, things have broken
the past couple of weeks...
The devices are all Juniper SA- series SSL-VPN, and users load and run the
Network Connect resource.
Got a call from a developer. Seems there is an old PowerBuilder 8.5.1
application that currently uses the users current credentials for the ODBC
connection to a back end SQL server. The question to me was, can they have
it use alternate credentials. So the user would logon to Windows, the app
A very large enterprise customer I am doing some work for also has Juniper
SSL-VPN stuff. something has happened recently to make using the VPN stuff
worthless. They now have me going thru some web SSL-VPN software and I can
actually work now. They said something has caused their Juniper
Yes. See here for samples:
http://www.connectionstrings.com/sql-server-2008
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Thursday, May 24, 2012 9:55 AM
To: NT System Admin Issues
Subject: OT: PowerBuilder ODBC connection to SQL with alternate credentials
Got a call from a
Will stopping the automatic updates service on a windows xp client stop a
download that is already in progress from my wsus server?
Latest batch of .net updates are large and killing my wan.
I'd like to cancel a few clients who already started downloading updates from
wsus.
Thanks Michael,
That is actually where the example I listed below came from. I've also got
an example of a PowerBuilder 9 app that shows how to do it. So I can't
believe that functionality doesn't exist in PowerBuilder 8.5.1. My guess
is that the code is wrong, and I've asked for the developer
I had it happen to my home computer. I turned off AU, turned it back on,
installed the patches and rebooted. Fixed the issue.
I did not have the problem with my servers at work.
From: Stu Sjouwerman [mailto:s...@sunbelt-software.com]
Sent: Thursday, May 24, 2012 10:06 AM
To: NT System Admin
In general, I find InfoWorld to be in the sensationalism game.
I have, over time, seen a lot of .NET patching funkiness, but I haven't
seen what is being described in this article.
As for the multiple version question, it doesn't seem like the author
understands how .NET is laid out. (This isn't
Where is the WSUS server relative to the clients in question?
* *
*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
Technology for the SMB market…
*
On Thu, May 24, 2012 at 10:10 AM, David Mazzaccaro
david.mazzacc...@hudsonmobility.com wrote:
Will stopping the automatic
I don't think so - the BITS service is the one downloading the updates. You can
use bitsadmin.exe to see what's in the queue and kill them (from the client
side)
Cheers
Ken
-Original Message-
From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com]
Sent: Thursday, 24 May
On Thu, May 24, 2012 at 7:10 AM, David Mazzaccaro
david.mazzacc...@hudsonmobility.com wrote:
Will stopping the automatic updates service on a windows xp client stop a
download that is already in progress from my wsus server?
Latest batch of .net updates are large and killing my wan.
I'd like
WSUS server is at my main site, I have remote sites w/ clients (XP
Win7) that pull from it over my WAN.
As you can see from the graph, it was a rough morning... this is my T1
circuit at my main site.
All my remote sites also come back here on their own T1 lines.
From: Andrew S.
Thx! I'll check that out.
It seems that stopping the AU services on the clients didn't stop the
downloads in process.
They did finally finish, but slowed everything to a crawl while they
were downloading.
-Original Message-
From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent:
Code upgrade possibly? If the web SSL VPN software is Java based, I
would look at that also,
Z
Edward Ziots
CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org
From: Webster [mailto:webs...@carlwebster.com]
Sent: Thursday, May 24, 2012 10:00
I need to extract several Security Group Management related events from the
security log.
Using Get-EventLog leaves me with the Message and ReplacementStrings properties
as strings.
So filtering on an OU and finally developing a non-admin friendly report that
shows just a username
and group
We patched ~1500 servers and ~5000 desktops without issue. While there are
the occasional glitches int he patching cycle they have been far and few
between in the last few years and this sort of sensationalistic crap serves
no IT professionals interest except fear mongering and distortion.
On
I've not seen rainbow tables that work for passwords longer than 14 characters,
and even that excludes a large chunk of the ASCII set.
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Thursday, May 24, 2012 7:53 AM
To: NT System Admin Issues
Subject: RE: Passphrases vs. password
Might be
IIRC, at a past employer, we pushed a GPO (or registry change) to either kill
BITS altogether or only allow it at certain times.
Regards,
Don Guyer
Catholic Health East - Information Technology
Enterprise Directory Messaging Services
3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073
I don't understand what you are asking?
-Original Message-
From: Joseph L. Casale [mailto:jcas...@activenetwerx.com]
Sent: Thursday, May 24, 2012 11:33 AM
To: NT System Admin Issues
Subject: Powershell Eventlog Reporting
I need to extract several Security Group Management related events
Indeed they are.
They also reduce your password reset requests as people will write them down.
From: David Lum [mailto:david@nwea.org]
Sent: Thursday, May 24, 2012 5:51 AM
To: NT System Admin Issues
Subject: RE: Passphrases vs. password
I have no idea what you said. I'm guessing you're
Sorry Michael,
The Message is a string, which makes for large capturing regex's, total pain...
I had hoped the Member|Account name was accessible from with the Message
property...
An example output:
Get-WinEvent Security |?{ $_.Id -eq 4729 } |fl
TimeCreated : 5/24/2012 9:40:16 AM
ProviderName
Ok.. I see that point. And it is 100% correct.
SharePoint takes an entirely different set of skills to administer and develop.
It isn't something you can just throw on a server and have a successful
implementation.
BF
-Original Message-
From: Ken Schaefer
I've got a rainbow table set for all keyboard characters (US-standard
keyboard). Sure, that leaves out a lot of ALT+whatevers, but getting a user
to use those is unlikely.
From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Thursday, May 24, 2012 11:47 AM
To: NT System Admin Issues
Oh. No. Not from there.
In the raw event log entry (which you can get from WMI), you'll see
InsertionStrings, ReplacementStrings, and the Message. You can SOMETIMES get
what you want form ReplacementStrings. But more often than not you will still
be looking at painful regex's or just flat out
So, I got no actual recommendations on harsh-temperature switches... So here's
a last-ditch request: Is there any brand anybody has used in the past?
I guess the silence is deafening.
--Matt Ross
Ephrata School District
- Original Message -
From: Matthew W. Ross
rugged is probably the keyword you are most interested in here; along
with outdoor. Have you Google'd for something along the lines of:
https://www.google.com/search?q=rugged+outdoor+network+switch
?
--
Espi
On Thu, May 24, 2012 at 11:07 AM, Matthew W. Ross
Hardened, Extreme Temperature, High Temperature, Ruggedized, Harsh
Environment... to name a few.
And I've found some. They're just all in the $3k+ range. At that cost, I can
use a cheap HP switch and replace it if/when it fails.
I'll keep looking. Thanks.
--Matt Ross
Ephrata School District
We installed using a computer startup script. The MSI can be extracted from the
EXE and used to deploy but you must ensure that you have all the pre-reqs
yourself (which is what the EXE does).
I agree, it is a bit fiddly
Regards
Tobie
sip:tobie.f...@freebridge.org.uk
From: Troy Adkins
Yes, the error msg received after GPO instalss is ocsetupdir not found.
Troy Adkins
Network Administrator
Virginia House of Delegates
General Assembly Bldg. Room 824
PH: 804.698.1567
Fax: 804.771.7917
tadk...@house.virginia.govmailto:tadk...@house.virginia.gov
Update, the developer just informed me that this is not PowerBuilder, but
ClientBuilder. I've never heard of this before. Not even sure they are
around. This is the only thing online that I've been able to find that
references it:
Hacking VMs in an ESXi 5 -based cloud
http://www.insinuator.net/2012/05/vmdk-has-left-the-building/
Looks like there's more work to be done, but also looks do-able...
Kurt
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~
Joseph, here's a very old and crude code I wrote when I was starting
with PowerShell and needed to find very specific events:
# Start of script
$FinalArray = @()
[string]$ServerName = $Args[0]
$BackInTime =
[System.Management.ManagementDateTimeConverter]::ToDMTFDateTime((Get-Date).AddHours(-48))
What switches are you used to using, and who do you buy from?
My first thought would be to call HP (or whomever you use) and
describe your use case, and ask for recommendations.
Kurt
On Thu, May 24, 2012 at 11:07 AM, Matthew W. Ross
mr...@ephrataschools.org wrote:
So, I got no actual
If you can stand the noise, there are often a few nuggets of goodness on FD.
There are a lot of other nuggets on there too though
--Original Message--
From: Kurt Buff
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: I do appreciate the Full-disclosure list
Sent: 24 May
To infinity, and beyond!
On Thu, May 24, 2012 at 11:17 AM, Crawford, Scott crawfo...@evangel.edu wrote:
For longer than 14 characters?
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Thursday, May 24, 2012 12:34 PM
To: NT System Admin Issues
Subject: RE: Passphrases vs.
Wow, that's a blast from the past. I haven't used that since around 1998/99.
It's now part of Progress Software and called Z/Presentation.
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Thursday, May 24, 2012 3:04 PM
To: NT System Admin Issues
Subject: RE: PowerBuilder ODBC
No, sorry. I should've clarified that.
But they are available for purchase (or you can generate them yourself - that's
not as ridiculously expensive in compute-time as it was even 5 years ago).
From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Thursday, May 24, 2012 2:17 PM
To: NT
To keep your searching simple, I would lean more toward rugged,
which typically relates to physical durability. Hardened is usually a
term related to security-related accessibility.
--
Espi
On Thu, May 24, 2012 at 11:38 AM, Matthew W. Ross
mr...@ephrataschools.orgwrote:
Hardened, Extreme
Any idea how to calculate that? Even assuming we just use a-z,A-Z, and 0-9, we
have 62 characters, so is a 15 char rainbow table 62 times the size of a 14
char one? I'd assume there's some relationship similar to that. Even if it's
just double size for each character you add, the tables are
The delete key is your friend on most lists, though after a while on
all of them, if you pay attention, you'll find out who's worth the
read.
On Thu, May 24, 2012 at 12:56 PM, Rankin, James R kz2...@googlemail.com wrote:
If you can stand the noise, there are often a few nuggets of goodness on
Any interest in looking at some of the code?
Thanks
Christopher Bodnar
Enterprise Achitect I, Corporate Office of Technology:Enterprise
Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
christopher_bod...@glic.com
The Guardian Life
Uh…. Sure, WTH. No promises. When I last used it, it was on Sybase SQL 4.1
(just before it became Microsoft SQL).
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Thursday, May 24, 2012 4:37 PM
To: NT System Admin Issues
Subject: RE: PowerBuilder ODBC connection to SQL with
+1
-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Thursday, May 24, 2012 4:33 PM
To: NT System Admin Issues
Subject: Re: I do appreciate the Full-disclosure list
The delete key is your friend on most lists, though after a while on all of
them, if you pay
There used to be a really good article on rainbow tables available via
ophcrack; but now that ophcrack is on sourceforge it doesn't seem to be
available anymore.
It isn't linear, but yes it's still O(n), where n is the number of characters
included in the tables. The tables converge somewhat
BAT/CMD only? Or is PowerShell an option?
From: David Lum [mailto:david@nwea.org]
Sent: Thursday, May 24, 2012 5:08 PM
To: NT System Admin Issues
Subject: Is there a way...
In batch to take this output:
---
W32i DLL ENU11.2.202.235 shp flash32_11_2_202_235.ocx
Reply from 4.2.2.3:
Sure
snip
Echo 11.2.202.235, 24ms textfile.txt
snip
But, I imagine that's not exactly what you're looking for. What's generating
the input? Is it always in a certain form? Whats the goal? Checking ping time
on computers with a certain version of flash?
From: David Lum
I did call HP. They don't sell any switches that can handle operating
temperatures below freezing.
Looking at the historical data for Ephrata. I don't think the high temperatures
are to worry. (I see we hit 115F once.)
But we often drop below 32F in the winter. This building, being small and
http://www.lockdown.co.uk/?pg=combi#Classes
See the note on the bottom of the page if you want your mind blown.
-Jeff Steward
On Thu, May 24, 2012 at 4:29 PM, Crawford, Scott crawfo...@evangel.eduwrote:
Any idea how to calculate that? Even assuming we just use a-z,A-Z, and
0-9, we have 62
On Thu, May 24, 2012 at 2:38 PM, Matthew W. Ross
mr...@ephrataschools.org wrote:
Hardened, Extreme Temperature, High Temperature, Ruggedized,
Harsh Environment... to name a few.
Industrial is another good adjective.
And I've found some. They're just all in the $3k+ range.
Yah... this
On Thu, May 24, 2012 at 4:29 PM, Crawford, Scott crawfo...@evangel.edu wrote:
Any idea how to calculate that? Even assuming we just use a-z,A-Z, and 0-9,
we have 62 characters, so is a 15 char rainbow table 62 times the size of a
14 char one? I’d assume there’s some relationship similar to
On Thu, May 24, 2012 at 5:15 PM, Matthew W. Ross
mr...@ephrataschools.org wrote:
I did call HP. They don't sell any switches that can handle
operating temperatures below freezing.
So strap a small solid-state heater to the side of the thing, and
set it for 35F. The industrial control
On Thu, May 24, 2012 at 5:08 PM, David Lum david@nwea.org wrote:
In batch to take this output:
W32i DLL ENU 11.2.202.235 shp flash32_11_2_202_235.ocx
Reply from 4.2.2.3: bytes=32 time=24ms TTL=53
And end up with this in a .TXT file?
11.2.202.235 , 24ms
Yes. Look into the FOR /F
On Thu, May 24, 2012 at 5:17 PM, Jeff Steward jstew...@gmail.com wrote:
http://www.lockdown.co.uk/?pg=combi#Classes
See the note on the bottom of the page if you want your mind blown.
And note that the page is dated July 2009. If we blindly assume for
the sake of discussion that computing
CMD only.
Sorry I should have included more info. The commands I am already running are:
FILEVER %SystemRoot%\system32\Macromed\Flash\Flash*.ocx /A /D
b:\wsdata\MAP-WS_Results.txt
Echo. b:\wsdata\MAP-WS_Results.txt
ping -n 1 4.2.2.3 | find /i reply b:\wsdata\MAP-WS_Results.txt
So what you
So strap a small solid-state heater to the side of the thing, and
set it for 35F. The industrial control equipment we get at work these
days is often regular commercial equipment with heat and A/C wrapped
around it.
That is a good idea.
How much will the problems cost you? If the
I'm not going to say that it has NOT happened, but none of the current
generally available software utilizes GPUs.
-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Thursday, May 24, 2012 5:45 PM
To: NT System Admin Issues
Subject: Re: Passphrases vs. password
On
http://www.golubev.com/hashgpu.htm
--
Espi
On Thu, May 24, 2012 at 3:38 PM, Michael B. Smith mich...@smithcons.comwrote:
I'm not going to say that it has NOT happened, but none of the current
generally available software utilizes GPUs.
-Original Message-
From: Ben Scott
From memory BITS is supposed to be something you can schedule stuff with.
So I did a quick search. May or may not be helpful for future use.
http://www.group-policy.com/ref/policy/59/Set_up_a_work_schedule_to_limit_the_maximum_network_bandwidth_used_for_BITS_background_transfers
On Thu, May
That doesn't appear to generate rainbowtables, nor does it appear to have been
updated since 2009.
From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Thursday, May 24, 2012 6:44 PM
To: NT System Admin Issues
Subject: Re: Passphrases vs. password
Curses to 2009!
--
Espi
On Thu, May 24, 2012 at 3:53 PM, Michael B. Smith mich...@smithcons.comwrote:
That doesn’t appear to generate rainbowtables, nor does it appear to
have been updated since 2009.
** **
*From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
*Sent:*
On Thu, May 24, 2012 at 6:38 PM, Michael B. Smith mich...@smithcons.com wrote:
I also wonder if the latest crop of GPU/math coprocessor hardware
could be adapted to this purpose.
I'm not going to say that it has NOT happened, but none of the
current generally available software utilizes
On Thu, May 24, 2012 at 5:47 PM, David Lum david@nwea.org wrote:
FILEVER %SystemRoot%\system32\Macromed\Flash\Flash*.ocx /A /D
b:\wsdata\MAP-WS_Results.txt
Echo. b:\wsdata\MAP-WS_Results.txt
ping -n 1 4.2.2.3 | find /i reply b:\wsdata\MAP-WS_Results.txt
You should probabbly wrap
Why are you using MAP-WS_Results.txt? Just as a data collection point or do you
possibly need more info from it later besides the 4 things you mention? If the
only thing you want at the end is your master list in a text file, I would
parse the data during each command. Something like this,
I think that might be your best bet - that, or insulate the building
and let the switch heat it!
Heh.
On Thu, May 24, 2012 at 2:15 PM, Matthew W. Ross
mr...@ephrataschools.org wrote:
I did call HP. They don't sell any switches that can handle operating
temperatures below freezing.
Looking
Thanks guys.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with
On Thu, May 24, 2012 at 2:45 PM, Ben Scott mailvor...@gmail.com wrote:
On Thu, May 24, 2012 at 5:17 PM, Jeff Steward jstew...@gmail.com wrote:
http://www.lockdown.co.uk/?pg=combi#Classes
See the note on the bottom of the page if you want your mind blown.
And note that the page is dated July
All,
I'm trying to figure out why SBS 2003 has a constant defrag running -
I see defrgntfs.exe in the task list every time I touch this machine,
except for short periods after I reboot it, and then it starts right
back up again.
I've rebooted the box and (as the Administrator) done an analyze on
It's not all doom-and-gloom.
Someone still needs to *get* the hashes somehow. So they need the ability to
dump something from your authentication stores (AD? Proprietary database? LDAP
store), which may or may not be in NTLM. If they are able to do that, then you
already have significant
Indeed.
* *
*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
Technology for the SMB market…
*
On Thu, May 24, 2012 at 9:54 PM, Ken Schaefer k...@adopenstatic.com wrote:
It's not all doom-and-gloom.
Someone still needs to *get* the hashes somehow. So they need the
True enough, to one degree or another.
I won't say it's trivial to establish a foothold in a network, but I'd
guess it's pretty routine, given how most environments are configured.
o- Identify employees using the network
o- Entice them to click on a URL with nasty stuff behind it, or send
them a
Sure - that can be done. But I said a well designed network.
Well designed networks have a modicum of control within them - proxy filtering,
SMTP filtering, anti-virus/malware scanning, NIPS, and largely no local admin
rights.
I'm pretty sure that most larger orgs would have at least 4 out of
I haven't had a chance to respond, and if I missed part of your
requirements, I apologize. The way I understand it, you just need a port or
two in a remote facility with little to no environmental controls, subject
to low temperatures.
Omnitron Systems has some equipment in their iConverter
80 matches
Mail list logo