HackThisSite.org shows you how you can employ a number of hacking tricks to do bad stuff, but hopefully it will serve to show developers how to avoid these common avenues of attack.
Category Archives: Security
Effectiveness of CAPTCHA
CAPTCHA screens help keep bots from flooding sites like this one with spam.
I use a very basic CAPTCHA on the comments section.
Here are 2 articles talking about the effectivness of CAPTCHA, and ways that people can beat it.
Resetting Domain Admin Passwords
I have been researching ways to reset a domain admin password for a client who forgot what they typed in when they set the password.
Most password crackers work only on local accounts, not for anything on a domain. It seems like the way to go about this is to reset the local admin account, then login using Directory Service Recovery Mode to reset the domain admin account.
Here are some of the articles I have been reading:
http://www.jms1.net/nt-unlock.shtml <– this idiot won’t let you view his pages if you are running IE, so use firebox, but again, that’s just stupid
http://www.nobodix.org/seb/win2003_adminpass.html
http://home.eunet.no/~pnordahl/ntpasswd/
http://www.loginrecovery.com/about.html
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
Backup/Restore Cisco Pix Configuration
To do this you
- Need a TFTP server running (solarwinds)
- Need to telnet into the device
- Need to be in enable mode
First to make the backup:
write net 192.168.1.2:MyBackup.pixconfig
where the IP is the IP of your TFTPserver
Then to restore it later, you need to enter config terminal mode first and then restore the file:
config term
configure net 192.168.1.2:MyBackup.pixconfig
and there you have it…
The changes will take immediate effect, but you will still need to write them into the non volatile memory, or the changes will be lost when you reboot the device.
Resetting a PIX password
Here is a quick trick for resetting a pix password:
http://www.tech-recipes.com/cisco_firewall_tips639.html
You need console access to do so.
Some Good Links For Updating Cisco PIX Devices
Problem getting PDM running:
http://www.experts-exchange.com/Security/Firewalls/Q_21611023.html
Installing PDF on a Pix Firewall:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/pdm_ig/pdm_inst.htm
Upgrade/Update/Flash a Cisco Pix:
http://www.windowsitpro.com/Article/ArticleID/20281/20281.html?Ad=1
Change Password on Pix:
http://www.linuxhomenetworking.com/cisco-hn/dsl-pix.htm
Backing up Cisco router settings
Working with Cisco products is not an everyday event for me, but when I do work with them I want to make sure I backup the config files before I do anything.
To do this you can follow the instructions on this page:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_tech_note09186a008020260d.shtml#tftp
You can also download a free TFTP server at this location:
http://www.solarwinds.net/Tools/Free_tools/TFTP_Server/
Free Anti Virus Software Options
Slashdot recently posted a question from a user asking what the best free anti virus options are.
The response can be seen here:
http://ask.slashdot.org/article.pl?sid=06/05/22/1310211
Moving a Network
This weekend I helped a client of mine move their computer system to a new factility. In the new location I racked up and configured an HP Procurve switch, and 2 Cisco APs.
All in all the move went well. I had some problems getting into the Procurve at first. I think the problem was a bad serial cable, but in the end I got it working right.
We didn’t quite have enough ports on Procurve, so I uplinked a couple of their old switches until I could procure some more modules for the HP.
The Cisco 1100 APs had great range. I was able to blanket the entire facility with WIFI access. Pretty nice!
Chris May 