Saturday, October 2, 2010

Maltego

Maltego is an open source intelligence and forensics application. It offers mining and gathering of information as well as the representation of this information in an easy-to-understand format.

http://www.paterva.com/web5/

UNIX/Linux command line resources

Below are some resources for the UNIX/Linux command line.

http://cb.vu/unixtoolbox.xhtml

http://www.ee.surrey.ac.uk/Teaching/Unix/

http://linuxcommand.org/learning_the_shell.php

http://www.cs.usfca.edu/~parrt/course/601/lectures/unix.util.html

http://www.pixelbeat.org/cmdline.html

http://bhami.com/rosetta.html

http://www.oreillynet.com/linux/cmd/

Priority of network interfaces within Windows

To determine the priority of available network interfaces within Windows, launch a command prompt and use the following command:

netstat -rn

Near the top of the information will be a list of all of the network interfaces and a priority number in a column to the left.  The loopback entry will normally be the lowest.


If you wish to change the priority list, access the TCP/IP properties for the interface in question, clear the default “Automatic metric” checkbox, and manually enter a value. A value higher than 1 is probably preferred so as not to interfere with the loopback address entry.
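The route table further down in the same netstat -rn output has a Metric column, and when two interfaces both offer a default route, Windows prefers the one with the lowest metric. The following added example (not from the original post) ranks the default routes by that column; the sample output and its addresses are constructed, and the function name is hypothetical.

```powershell
# Added example: rank IPv4 default routes from `netstat -rn` by metric.
# Get-DefaultRouteOrder is a hypothetical helper name, not a built-in cmdlet.
function Get-DefaultRouteOrder {
    param([string[]]$NetstatLines)

    $routes = foreach ($line in $NetstatLines) {
        # Default route row: destination, netmask, gateway, interface IP, metric
        if ($line -match '^\s*0\.0\.0\.0\s+0\.0\.0\.0\s+(\S+)\s+(\S+)\s+(\d+)\s*$') {
            New-Object PSObject -Property @{
                Gateway     = $Matches[1]
                InterfaceIP = $Matches[2]
                Metric      = [int]$Matches[3]
            }
        }
    }
    # Lowest metric first: that route carries traffic with no more specific match.
    if ($routes) { $routes | Sort-Object Metric }
}

# Constructed sample output (addresses are made up), trimmed to the relevant rows.
$sample = @'
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
          0.0.0.0          0.0.0.0         10.0.0.1       10.0.0.23     10
        127.0.0.0        255.0.0.0         On-link        127.0.0.1    306
'@ -split "`r?`n"

# On a live Windows host, replace $sample with the output of: netstat -rn
$lines = $sample
$ordered = @(Get-DefaultRouteOrder -NetstatLines $lines)
$ordered | Format-Table InterfaceIP, Gateway, Metric -AutoSize

# Equal lowest metrics mean the preferred path is not determined by metric alone.
if ($ordered.Count -gt 1 -and $ordered[0].Metric -eq $ordered[1].Metric) {
    Write-Warning 'Two default routes share the lowest metric.'
}
```

With the sample data, the 10.0.0.23 interface (metric 10) is listed first, ahead of 192.168.1.50 (metric 25).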


Verify That TRIM Is Enabled In Windows 7

Windows 7 is supposed to automatically detect an SSD and enable the TRIM function by default. To verify this setting, launch a command prompt with local administrative authority and type:

fsutil behavior query DisableDeleteNotify

Two results are possible:

0 -> This indicates that TRIM is enabled and working.

1 -> This means that TRIM is not enabled.


Friday, October 1, 2010

CopyTrans Manager

CopyTrans Manager is a free application to allow simple transfer of data to an iPod or iPhone instead of using iTunes.  A portable version is available.

http://www.copytrans.net/

Microsoft’s Enhanced Mitigation Experience Toolkit

EMET provides users with the ability to deploy security mitigation technologies to arbitrary applications.  This helps prevent vulnerabilities in those applications (especially line of business and 3rd party apps) from successfully being exploited.  By deploying these mitigation technologies on legacy products, the tool can also help customers manage risk while they are in the process of transitioning over to modern, more secure products.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04&displayLang=en&pf=true

ADRecycleBin

ADRecycleBin (Active Directory Recycle Bin) allows administrators to quickly restore deleted Active Directory objects via an easy-to-use GUI. The tool supports Windows 2008 R2 Active Directory Recycle Bin technology, supports object reanimation in earlier versions of Active Directory, supports the review of deleted objects, and allows you to restore multiple objects at the same time.

http://www.overall.ca/index.php?option=com_content&view=article&id=40:adrecyclebin&catid=15:adrecyclebinexe&Itemid=64

VMware Converter

VMware Converter is a free solution to convert a physical OS to a virtual machine. The application can currently be found at http://www.vmware.com/products/converter/. Once the program has been installed on the target machine in question, launch the application and click on the Convert Machine button.


A wizard starts by asking for the source of the process.


The next screen asks about the destination type and which VMware product will be used. The output location must have enough free disk space available. This example creates a virtual machine for use with VMware Player and uses a network drive as the destination.


The third screen will display the various options available. Any entry with a warning must be addressed. In this example, the default number of processors is incorrect.


If you click on the warning, a description will appear near the top of the screen. An option is also available to install VMware Tools within the output.


The warning above concerns the requirement for Sysprep files for the target operating system in question. A KB article listing the locations of the Sysprep downloads for older Windows versions can be found at http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1005593.

Once the files are downloaded, the /x flag must be used to extract the files from the executable.


The Expand command can be used to extract the .cab file into individual files.


The files can then be copied to the path requested by the Converter application.


Once all of the warning notifications are addressed, the final screen of the wizard will display a summary of the upcoming process.


Once started, the main dialog box will display a status of the conversion process.


A KB web page with troubleshooting tips can be found at http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1004588&sliceId=1&docTypeID=DT_KB_1_1&dialogID=110502783&stateId=0%200%20115438180.