VAST is a Linux-based security distribution specifically designed for pentesting VoIP and UC networks. It enables security professionals and UC administrators to rapidly perform VoIP security assessments and enumerate vulnerabilities in IP Phones or IP PBX servers in a lab environment.
Sunday, December 2, 2012
Gbridge is a free software that lets you remotely control PCs, sync folders, share files, and chat securely and easily. An extension of Google's gtalk service, Gbridge automatically forms a collaborative, encrypted VPN (Virtual Private Network) that connects your computers and your friends' computers directly and securely with patented technology.
Windows Firewall Notifier (WFN) extends the default Windows embedded firewall behavior, allowing you to handle outgoing connections and displaying (almost) real-time information about the current connections.
Saturday, December 1, 2012
Windows 8 has a refresh option available. Instead of reinstalling the operating system and all data files, the refresh process has the following features:
1. Your data files as well as personal settings will be retained.
2. The PC Settings will be returned to the defaults.
3. All applications not installed via the Windows Store will be removed; those installed via the Store will remain.
In this example, we have installed Notepad++ and created a shortcut on the desktop.
We have one Windows Store application and a few test files within the Documents folder.
To start the refresh process, access the PC Settings area. Click on the General section. The user account in question must have local administrative authority.
With the proper authority, the wizard should display.
The original media may be required.
Once the media is available, click on the Refresh button.
The boot screen should display information on the process after the required restart.
When logged back in, the Notepad++ application was not to be found but the two test files under the Documents folder were still present. Also present was the Windows Store application.
Sunday, November 4, 2012
Internet Explorer version 10 includes a Flash plug-in by default. But only certain web site URLs are “whitelisted” and can use Flash by default. To view the list of “approved” sites, access the iecompatdata.xml file under an account’s profile.
Open the file in a text editor and search for the string <Flash>. A list of URLs should be present underneath.
Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests. Cookie Cadger is a graphical utility which harnesses the power of the Wireshark suite and Java to provide a fully cross-platform, entirely open-source utility which can monitor wired Ethernet, insecure Wi-Fi, or load a packet capture file for offline analysis.
Saturday, November 3, 2012
WinToBootic is a free tool that allows you to create a bootable USB flash drive for installing Windows 7 or Windows 8. The application supports an ISO file, a DVD, or a folder as the boot disk source. It’s a standalone tool that doesn’t require installation.
File system alignments are important in a virtual environment. If a partition within a virtual machine is not aligned correctly, additional load can be placed on the storage array. Windows 2008 R2 by default should use the correct alignment parameters, but older Windows versions may not. To check the alignment, launch a command prompt with administrative credentials and use:
wmic partition get BlockSize, StartingOffset, Name, Index
Divide the StartingOffset by the BlockSize. In the example below, the value would be 63. This would be an example of a misaligned partition. The offset value of 32,256 is a common value for a misaligned file system.
The value for the next example would be 2048 for the first partition. This partition has correct alignment.
More information concerning this command can be found at http://support.microsoft.com/kb/929491.
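The check described above can be run over saved wmic output from many machines at once. The following is an added example, not part of the original post: the sample output is constructed from the two offsets mentioned in the text, and the 4096-byte boundary is an assumed value that should be replaced with the stripe or chunk size of the storage array in use.

```python
import re

# Constructed sample of the wmic command's output. wmic prints the requested
# properties as fixed-width columns in alphabetical order; the offsets are the
# two values discussed in the post (32,256 and 1,048,576 bytes).
SAMPLE = """\
BlockSize  Index  Name                   StartingOffset
512        0      Disk #0, Partition #0  32256
512        0      Disk #1, Partition #0  1048576
"""


def parse_wmic_table(text):
    """Split fixed-width wmic output into one dict per row.

    Column boundaries come from the header line, because values such as
    'Disk #0, Partition #0' contain spaces of their own.
    """
    lines = [line.rstrip() for line in text.splitlines() if line.strip()]
    if not lines:
        return []
    header = lines[0]
    columns = [(m.group(), m.start()) for m in re.finditer(r"\S+", header)]
    rows = []
    for line in lines[1:]:
        row = {}
        for i, (name, start) in enumerate(columns):
            end = columns[i + 1][1] if i + 1 < len(columns) else None
            row[name] = line[start:end].strip()
        rows.append(row)
    return rows


def check_alignment(text, boundary=4096):
    """Return start sector and alignment verdict for every partition.

    boundary (bytes) is an assumption: use the stripe or chunk size of the
    storage array behind the virtual disk.
    """
    report = []
    for row in parse_wmic_table(text):
        block, offset = int(row["BlockSize"]), int(row["StartingOffset"])
        report.append({
            "name": row["Name"],
            "start_sector": offset // block,  # the division from the post
            "aligned": offset % boundary == 0,
        })
    return report
```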
Sunday, October 7, 2012
VMware has a pre-built appliance named VMA (VMware Management Assistant) that offers an alternative to the VCLI offering. During the initial configuration of version 5.1 of VMA, a password must be set. But regardless of the complexity of the value, an error would be returned stating the password was too simple. The following value was accepted as the initial password during setup:
To disable the complex password requirement, use the following procedure.
1. Log in as vi-admin and use the sudo -s command.
2. Use the command pam-config -d --cracklib.
3. Use the exit command.
4. Use the passwd command to enter a new value.
Thursday, October 4, 2012
TCP/IP cannot be uninstalled with recent versions of Windows. To “reset” TCP/IP for troubleshooting purposes, launch a command prompt with administrative privileges and use the following command:
netsh int ip reset c:\logname.txt
Another command to use if an issue persists would be:
netsh winsock reset
A Fix-IT option is available at http://support.microsoft.com/kb/299357 for resetting TCP/IP.
Network Stuff is a portable collection of essential networking tools that include a TCP/UDP/CGI port scanner, Whois lookup, DNS resolve, TCP/IP statistics, IP to MAC address conversion (ARP), Wake On LAN and an ICMP ping tool. In addition, the program also includes a RAW packet sniffer, a transparent proxy server and generic client/server modules that allow you to test TCP and UDP communications.
PoSHStats is the first free and open source reporting tool of Hyper-V Resource Metering. PoSHStats runs on your Hyper-V server to get detailed statistics like CPU, Memory, Disk and Bandwidth usage of your virtual machines. It's possible to get daily, weekly, monthly usage statistics of Virtual Machines. Also PoSHStats gets hourly performance data of your Hyper-V host to monitor your virtualization environment.
Monday, October 1, 2012
Fingerbank is a web site that has a database of DHCP fingerprints. A DHCP fingerprint is an almost unique identifier for a specific operating system or device type. Due to the broadcast and pervasive nature of DHCP, DHCP fingerprinting is a very low-cost, low-effort way to do passive system identification and inventory.
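In practice the fingerprint is the ordered list of option codes a client sends in DHCP option 55 (Parameter Request List), often paired with the vendor class string in option 60. The following added example, which is not Fingerbank's code, extracts both from a raw DHCP payload for inventory purposes; the sample DISCOVER message built by build_sample() is constructed.

```python
MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options
BOOTP_HEADER_LEN = 236               # fixed BOOTP header before the cookie


def parse_dhcp_options(payload):
    """Walk the option TLVs of a DHCP message (UDP payload) into a dict."""
    start = BOOTP_HEADER_LEN + len(MAGIC_COOKIE)
    if payload[BOOTP_HEADER_LEN:start] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (magic cookie missing)")
    options, i = {}, start
    while i < len(payload):
        code = payload[i]
        if code == 255:              # End option
            break
        if code == 0:                # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option %d" % code)
        # A repeated option is concatenated (long-option encoding, RFC 3396).
        options[code] = options.get(code, b"") + value
        i += 2 + length
    return options


def dhcp_fingerprint(payload):
    """Return the option 55 fingerprint string and option 60 vendor class."""
    opts = parse_dhcp_options(payload)
    prl = opts.get(55)
    vendor = opts.get(60)
    return {
        "fingerprint": ",".join(str(b) for b in prl) if prl else None,
        "vendor_class": vendor.decode("ascii", "replace") if vendor else None,
    }


def build_sample():
    """Constructed DHCPDISCOVER used only to exercise the parser."""
    header = bytes([1, 1, 6, 0]) + bytes(BOOTP_HEADER_LEN - 4)
    prl = [1, 15, 3, 6, 44, 46, 47, 31, 33, 121, 249, 43]
    opts = bytes([53, 1, 1]) + bytes([60, 8]) + b"MSFT 5.0"
    opts += bytes([55, len(prl)] + prl) + bytes([255])
    return header + MAGIC_COOKIE + opts
```

The order of the codes matters, so the list is joined as sent rather than sorted before it is compared against a fingerprint database.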
To change the product key for Windows 8 and Server 2012, launch an elevated command prompt and use the following command:
slmgr.vbs /ipk <license key>
Saturday, September 8, 2012
Within Windows 8, tiles can be removed from the start screen by performing a right-click on the entry in question. A menu bar should appear at the bottom of the page with an option to “unpin” the tile. A selected tile will have a check-mark in the top right-hand corner of the box.
Large tiles can be made smaller and vice versa by selecting the tile and using the menu bar.
To name a group of tiles, click on the minus icon near the bottom right corner of the screen.
This action should “zoom out” the start screen.
Right-click on a group of tiles, which should display a Name group option.
Click on the Name group icon and enter a value for the group.
When returning to the start screen, the name should appear above the group.
To create a new group, select a tile and drag it to the left or right until a grey bar appears.
Monday, September 3, 2012
Sunday, September 2, 2012
PerfView is a performance analysis tool focusing on ETW information (ETL files) as well as CLR memory information (heap dumps). It can collect and view ETL files as well as XPERF CSV files. Powerful grouping operators allow you to understand performance profiles in ways other tools can't.
Saturday, September 1, 2012
Sudo runs a single command with root privileges. By default, Ubuntu remembers the password for 15 minutes. To get a full root shell, use sudo with the lowercase i option (sudo -i).
To enable the root user account, use the sudo passwd root command.
Permissions can be assigned to a user to use sudo via the visudo command.
Measurement Labs offers a collection of various tools from different sources to test your internet connection and perform diagnostics.
Thursday, August 9, 2012
Wednesday, August 8, 2012
Tuesday, August 7, 2012
OSFMount allows you to mount local disk image files (bit-for-bit copies of a disk partition) in Windows with a drive letter. This application supports .ISO as well as VMWare’s Image format of .VMDK.
Monday, August 6, 2012
Friday, August 3, 2012
Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.
Wednesday, August 1, 2012
Several options are available within Linux to find files or folders. The locate command is different than the find command in that it uses a previously built database. The database is updated periodically via a cron job, but it can be updated manually by the sudo updatedb command.
The -b option allows search criteria to be specified.
The which command returns the absolute path of the executable that is called when a command is issued. The default only displays the first matching executable; the -a option displays all matching entries.
The whereis command returns where the binary, source, and man page files for a command are located.
Wednesday, July 11, 2012
One disadvantage of Server Core in versions prior to Windows Server 2012 was that no option was available to switch back and forth; once a server was configured to use Server Core, it had to be re-installed to restore the GUI. Windows Server 2012 introduces the option to enable or disable the GUI with a reboot. A few different methods are available, but below are the PowerShell commands to accomplish the task.
Either line below will remove the GUI from a non-Core installation of Windows Server 2012. A reboot will be required.
Remove-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra
Uninstall-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra
Either line below will restore the GUI with a Core configuration. A reboot again will be required.
Add-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra
Install-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra
NAS4Free is an embedded Open Source Storage NAS (Network-Attached Storage) distribution based on FreeBSD. This project is a continuation of the FreeNAS 7 series project. FreeNAS 8 is based on nanoBSD whereas NAS4Free is based on FreeBSD 9.x, hence the name change.
NAS4Free supports sharing across Windows, Apple, and UNIX-like systems. It includes ZFS v28, Software RAID (0,1,5), disk encryption, S.M.A.R.T / email reports etc. with the following protocols: CIFS (samba), FTP, NFS, TFTP, AFP, RSYNC, Unison, iSCSI (initiator and target), UPnP, and BitTorrent, all of which are highly configurable through its web interface. NAS4Free can be installed on Compact Flash/USB/SSD key, Hard disk or booted from a LiveCD with a small USB key for configuration storage.
Tuesday, July 10, 2012
This tool detects and tries to fix some frequently occurring issues with the setup of or with updates to the Microsoft .NET Framework.
Calibre is a free and open source e-book library management application developed by users of e-books for users of e-books. It has the option of converting from different file formats as well as syncing with some e-readers.
Monday, July 9, 2012
The Active Directory Replication Status Tool (ADREPLSTATUS) analyzes the replication status for domain controllers in an Active Directory domain or forest. ADREPLSTATUS displays data in a format that is similar to REPADMIN /SHOWREPL * /CSV imported into Excel but with significant enhancements.
Sunday, June 10, 2012
PowerShell version 3, which is included by default with Windows 8 and Windows Server 2012, offers a new DNS lookup cmdlet. The Resolve-DnsName cmdlet can resolve DNS information, and offers options such as DNS record type and which server to use for the query.
AES Crypt is an open source file encryption software product available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files. For the Windows platform, separate versions are available for GUI or command-line.