If you’re like me, you test pretty much any OS and app in some sort of virtual environment. In my case I use VMware Workstation, so when I decided to test Backtrack 4 final, I needed to install the VMware Tools. Here I go over the commands needed to install them.

1- First, go to VM->Install VMware Tools (the figure shows it as “Reinstall VMware Tools” because I had previously installed it, but yours should say “Install”).

Posted on 25-09-2009
Filed Under (linux, security, ubuntu) by admin

After you have created user accounts and let those users loose on your computer, there are different commands you can use to keep track of how they are using it. There are commands for checking such things as who is logged into your system and for getting general information about the users with accounts on your system. Here are some of these commands.
last #list the most recent successful logins

root@ubuntu-box:~# last -a
smbuser  pts/2        Fri Sep 25 06:37   still logged in    windows-box
jorge    pts/1        Fri Sep 25 06:35   still logged in    windows-box
jorge    pts/1        Fri Sep 25 06:34 - 06:35  (00:00)     windows-box
 
wtmp begins Fri Sep 25 06:34:52 2009

lastb #List the most recent unsuccessful logins

root@ubuntu-vbox:~# lastb
smbuser  ssh:notty    windows-box      Fri Sep 25 05:36 - 05:36  (00:00)
jorge    :0                            Fri Sep 18 17:28 - 17:28  (00:00)
jorge    :0                            Fri Sep 18 17:28 - 17:28  (00:00)
jorge    :0                            Fri Sep 18 17:27 - 17:27  (00:00)
jorge    :0                            Fri Sep 18 17:27 - 17:27  (00:00)
jorge    :0                            Fri Sep 18 17:27 - 17:27  (00:00)

who -u #List who is currently logged in (long form)

Posted on 29-08-2009
Filed Under (security, windows) by admin

Windows Vista contains a handy hint mechanism for helping you recall your password if you’ve forgotten it. But what if you’ve completely forgotten both your password and the interpretation of the hint? In that situation your work and email will be locked inside your computer (well, OK, your administrator could probably recover it for you or reset your password). Fortunately, Windows Vista still offers a solution to this problem. Note that this only works before you actually forget your password; in other words, you have to make the disk while you still have access to your computer. In this case Vista will save your password to a USB disk or CD that you insert in case you forget your password. Should I mention that you should put this key in a safe place? Although the key is not stored in clear text on your CD or USB key, it can be read by someone with some serious know-how.
To create this disk:

Posted on 28-08-2009
Filed Under (linux, pentesting, security) by admin

Sometimes you need to keep a close watch on a machine that has been compromised, so you might want to see the logs in real time. “tail” lets you do exactly that. Most system-related messages are logged to the “messages” log file, and security-related messages are sent to the “secure” log file. In the latter you can find successful and unsuccessful login attempts, so the “secure” log file is a good place to start when you are trying to identify whether someone has tried to break in to that box.

tail -f /var/log/secure

or

tail -f /var/log/messages

Now you can try logging in from a remote box or locally and watch the logs scroll by in real time. These are some log files that might be of interest.

tail -f /var/log/secure  #security related messages
tail -f /var/log/messages  #system messages
tail -f /var/log/maillog  #mail server messages
tail -f /var/log/httpd/access_log  #web server messages

Moreover, the “grep” command can be quite useful for parsing through log files. In this case, the grep command is used to search the “secure” log file for the string “smbuser.” The -R switch makes grep search recursively (it only matters when the target is a directory), and the -n switch displays the line number of each match.

[root@Fedora11-vbox ~]# grep -Rn smbuser /var/log/secure
81:Sep 26 11:55:04 Fedora11-vbox useradd[2233]: new group: name=smbuser, GID=501
82:Sep 26 11:55:04 Fedora11-vbox useradd[2233]: new user: name=smbuser, UID=501, GID=501, home=/home/smbuser, shell=/bin/bash
83:Sep 26 11:55:26 Fedora11-vbox passwd: pam_unix(passwd:chauthtok): password changed for smbuser
85:Sep 26 12:00:37 Fedora11-vbox passwd: pam_unix(passwd:chauthtok): password changed for smbuser
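
Going one step beyond a plain grep, the sketch below (an added example, not from the original post) counts failed SSH password attempts per user and source in a “secure”-style log, and flags sources that logged in successfully after repeated failures. The function names and the sample lines are constructed for illustration; the lines follow OpenSSH's usual "Failed password for ... from ... port ..." format.

```shell
#!/bin/sh
# Added example: summarize sshd authentication events from a "secure"-style log.

# Constructed sample lines (OpenSSH syslog format, documentation IP ranges).
sample_log() {
cat <<'EOF'
Sep 26 12:01:10 host1 sshd[2301]: Failed password for smbuser from 192.0.2.10 port 51515 ssh2
Sep 26 12:01:14 host1 sshd[2301]: Failed password for smbuser from 192.0.2.10 port 51515 ssh2
Sep 26 12:01:20 host1 sshd[2305]: Failed password for invalid user admin from 192.0.2.10 port 51520 ssh2
Sep 26 12:01:31 host1 sshd[2309]: Accepted password for smbuser from 192.0.2.10 port 51531 ssh2
Sep 26 12:02:02 host1 sshd[2310]: Accepted password for jorge from 198.51.100.7 port 40022 ssh2
Sep 26 12:03:41 host1 sshd[2320]: Failed password for jorge from 198.51.100.7 port 40030 ssh2
EOF
}

# auth_events [FILE...]: normalize sshd lines to "STATUS USER SOURCE".
# The user is the word before the last "from", which also covers the
# "invalid user NAME" variant. Reads stdin when no file is given.
auth_events() {
    awk '/sshd\[[0-9]+\]: (Failed|Accepted) [^ ]+ for / {
        for (f = NF; f > 1; f--) if ($f == "from") break
        if (f > 1) print $6, $(f-1), $(f+1)
    }' "$@"
}

# failed_logins [FILE...]: "COUNT USER SOURCE", most frequent first.
failed_logins() {
    auth_events "$@" | awk '$1 == "Failed" { n[$2 " " $3]++ }
        END { for (k in n) print n[k], k }' | sort -k1,1nr -k2,2
}

# success_after_failures MIN [FILE...]: "SOURCE USER FAILS" for every accepted
# login whose source address had already failed at least MIN times.
success_after_failures() {
    min=$1; shift
    auth_events "$@" | awk -v min="$min" '
        $1 == "Failed" { fails[$3]++ }
        $1 == "Accepted" && fails[$3] >= min { print $3, $2, fails[$3] }'
}

# Demo on the constructed sample.
sample_log | failed_logins
sample_log | success_after_failures 3
```

On a real box, pass the log file instead of the sample, for example failed_logins /var/log/secure.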

The “grep” command can also be used to search multiple files recursively. This command searches in the “/etc/httpd/conf” and “/etc/httpd/conf.d” directories for the string “VirtualHost.”

Posted on 20-08-2009
Filed Under (linux, networking, security, ubuntu, windows) by admin

VNC is considered to be an insecure protocol. The password is sent using fairly weak encryption, and the rest of the session is not encrypted at all. For that reason, when using VNC over an untrusted network or internet, I recommend you tunnel it over SSH.

To forward VNC port 5900 on localhost to port 5900 on the remote host:

ssh -L 5900:localhost:5900 vncserver

If your SSH server is listening on another port, such as 222:

ssh -L 5900:localhost:5900 vncserver -p 222

The same procedure can be done on a window$ machine using PuTTY.

Posted on 11-08-2009
Filed Under (security, wireless) by admin

These steps apply to both Linksys wireless access points (WAPs) and Linksys DD-WRT wireless routers. Of course, DD-WRT wireless routers have additional security precautions that need to be taken on the router and wireless side.

1-Change the password – With all Linksys routers and access points, it is extremely important to change the device’s default password. Log in to your router and enter the default password. The version of the firmware or the router that you are using will determine where the Change Password button is located. Make sure you find it. This is the single most important step. Change the default password and choose a password that contains both numbers and letters. This will reduce the possibility of your password being guessed or hacked.
2-Change your SSID – The SSID is the network name shared by all devices on a wireless network. The name is case sensitive and should be no longer than 32 characters. You can use any keyboard character you choose when renaming the SSID. The default SSID of the Linksys access point or wireless broadband router is set to Linksys. It is highly recommended that you change the SSID to a unique name other than the default.


Ophcrack live CD is by far the best Windows password recovery/cracking tool out there because of its simplicity and how fast it cracks relatively complex passwords: it cracked my 11-character password in less than 3 minutes. If you are a network administrator, or a computer user in general, you will appreciate the usefulness of this tool. The tool is open source and free to download and use (at your own risk). The technology it uses for breaking the Windows password is “Rainbow Tables”, which is a time-memory trade-off. An easy way of describing this is that tables of possible hashes are precomputed so that you can iteratively compare the Windows hashes to the precomputed bits and piece together the hash and its value more quickly than brute-force guessing. In this article we will go over the process of cracking a Windows XP password. (The process is the same for Vista, except you would download the Vista live CD.)