I've always been uneasy about browsers capability to store passwords for sites you visit. Seems no one talks about this, but I've always restrained from using it, seeing how this kind information would be the motherload for any curious wannabehacker.
Today I came across the tools to do just this, extract stored passwords, in plaintext.
The accused are Nirsofts;
Protected Store PassView - http://www.nirsoft.net/utils/pspv.htmle
Network Password Recovery - http://www.nirsoft.net/utils/network_password_recovery.html
IE7 Password - http://www.nirsoft.net/utils/internet_explorer_password.html
All of the above works on XP, though only IE Passview paidoff with Vista. It returned a networklogon password onto a network computer and the google password. And this without any administrative privileges! Now, obviously this requires local access but imagine an intruder has gained access to your work computer while your at home or something like it. He would only need plainuser access to run this! From that he/she could extract your company network logon username and password. Easy enough to use this as an bridgehead into given companynetwork.
What do we learn from this? Never save passwords in any form of credentials manager!
Monday, March 24, 2008
Saturday, June 02, 2007
Virtual visions visualises with Vista
My first dust with Vista was short. Had it for a day. a lot of bling bling and then bac k to xp and ubuntu. Well since I bought a stronger computer I thought it was time to actually get to know the "new os of tomorrow". I suppose we all have to, at some point. Well, at least they implemented a nice event manager in Vista now. Really nice with filtered searches, possibility to save them och so on.
Anyway, that's not really why I posted this.
Well, im running Vista. Got 2GB memory. What can do with this? The answer is, run my own private virtual network. That's right, perfect conditions to set a couple of virtual clients and servers, maybe try out Server 2008, see how that's working. But here is the big "but", finding a virtualization software that runs on X64 Vista isn't a walk in the park. MS own Virtual Server R2 kept shutting me down, wouldn't even run installer. Xen Virtualization complained about my x64 bits processor, that was obviously, not, ok. Vmware was my first choice, knowing I would wanna run the machines from my linux systems, but that also had a... mysterious... teasing ability. I would run the installer, make my installation choices and entered installpath, the installation would run, almost finishing then ROLL BACK in last seconds. Without any warning or explaination!
Well I thought MS own virtualization software would run, so I left vmware alone and tried the other softwares. And they failed also. So I searched the net for solutions to Vmwares, and I found it. Enjoy.
1. Download VmWare Server 1.0.3
2. Open a cmd windows with admin rights
3. />Bcdedit.exe /set nointegritychecks ON
4. />bcdedit -set loadoptions \”DISABLE_INTEGRITY_CHECKS
5. Run VmWare installation program with admin rights
6. Ok unsigned drivers.
This will remove driver signing, supposedly forever, I had to "ok" a few unsigned drivers to complete the Vmware installation. So the startup-configuration program ( bcdedit), denied access to installer before. Strangely enough it claimed that the drivers was useless and incomplete after the installation. But the program still worked to my satisfaction.
Vista just worries too much, kinda like my mother... computers just got a little less cool...
Reference:
http://www.vmware.com/community/thread.jspa?threadID=79979&tstart=0
Anyway, that's not really why I posted this.
Well, im running Vista. Got 2GB memory. What can do with this? The answer is, run my own private virtual network. That's right, perfect conditions to set a couple of virtual clients and servers, maybe try out Server 2008, see how that's working. But here is the big "but", finding a virtualization software that runs on X64 Vista isn't a walk in the park. MS own Virtual Server R2 kept shutting me down, wouldn't even run installer. Xen Virtualization complained about my x64 bits processor, that was obviously, not, ok. Vmware was my first choice, knowing I would wanna run the machines from my linux systems, but that also had a... mysterious... teasing ability. I would run the installer, make my installation choices and entered installpath, the installation would run, almost finishing then ROLL BACK in last seconds. Without any warning or explaination!
Well I thought MS own virtualization software would run, so I left vmware alone and tried the other softwares. And they failed also. So I searched the net for solutions to Vmwares, and I found it. Enjoy.
1. Download VmWare Server 1.0.3
2. Open a cmd windows with admin rights
3. />Bcdedit.exe /set nointegritychecks ON
4. />bcdedit -set loadoptions \”DISABLE_INTEGRITY_CHECKS
5. Run VmWare installation program with admin rights
6. Ok unsigned drivers.
This will remove driver signing, supposedly forever, I had to "ok" a few unsigned drivers to complete the Vmware installation. So the startup-configuration program ( bcdedit), denied access to installer before. Strangely enough it claimed that the drivers was useless and incomplete after the installation. But the program still worked to my satisfaction.
Vista just worries too much, kinda like my mother... computers just got a little less cool...
Reference:
http://www.vmware.com/community/thread.jspa?threadID=79979&tstart=0
Thursday, May 17, 2007
Firefox going up in flames
Everyone who is in into computers and internet today have seen how the browser is getting more and more power. Rich applications are being developed by the dozen and standard programs are getting less and less spotlight. Well, unless you're a gamer then. Many professionals are saying the browser is becoming more and more like an OS. This is nice and all, but now I'm gonna get to the point. For the last 6 months or so, firefox has been acting kind weird when it's running under XP. It's behaving more and more like explorer.exe, that is hogging all the memory doing... what does an OS do on a saturday night? I dunno, but it shouldn't do stuff when I'm not.
To the point, I've been using Ubuntu the last year so I haven't been so disturbed by the fact that I've fixed it. Now however I've looked into it.
It seems that a LOT of people are having the same problem on the net. One would think it would be easier for me just to point towards the right direction. One would think...
Here's how it supposed to be solved. Doesn't do much, but it does something.
1. In firefox addressbar: about:config
2. Add new integer, name it "browser.cache.memory.capacity"
3. As value type -1
4. Depending on how much RAM give above new value:
RAM 128-512 : 5000
RAM 512-1024: 15000
To the point, I've been using Ubuntu the last year so I haven't been so disturbed by the fact that I've fixed it. Now however I've looked into it.
It seems that a LOT of people are having the same problem on the net. One would think it would be easier for me just to point towards the right direction. One would think...
Here's how it supposed to be solved. Doesn't do much, but it does something.
1. In firefox addressbar: about:config
2. Add new integer, name it "browser.cache.memory.capacity"
3. As value type -1
4. Depending on how much RAM give above new value:
RAM 128-512 : 5000
RAM 512-1024: 15000
Wednesday, January 31, 2007
The case of the mysterious dns
My internet connection has been acting strange lately. Internet is working fine when I start the computer, but I can't access my internal network. So I do an />dhclient and I can access the internal network, but not the WAN. Truly annoying. First I explored the option of this being a problem with the ipv6 protocol, so I disabled as far as my abilities could handle. But this only made it work temporarily. Then I noticed that my standard gateway was pointing to an, to me unknown, dns address, 192.168.200.2 when my real dns is 192.168.0.1. I change this, and everything is working again. But it just keeps coming back. I try to make /etc/resolve.conf read-only, and again, it's only working for a short while then it's right back at that mysterious dns.
After surfing around www.ubuntuforums.org for a while I finally find something that so far seems to be working. Here's what needs to be done:
in file "/etc/dhcp3/dhclient.conf" look for this segment :
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, host-name,
netbios-name-servers, netbios-scope;
Remove "domain-name-servers,"
and at the line "#prepend domain-name-servers 127.0.0.1;
I changed 127.0.0.1 to my DNS 192.168.0.1 and removed the commenting sign #.
This procedure tells the system not to ask the router for it's dns information and what dns it SHOULD use. Apparently this is a problem that's not uncommon with routers from certain companies that begin "D" and end with "Link". See I can keep a secret!
Anyways this has been a truly annoying problem I can't for the life of me see WHY the company would construct such a designflaw. Well, I suppose it could be Ubuntu, but hey, why blame them, they're free!
I'm sooo loking forward to getting my new Linksys router! Cheap stuff always mean more work, unless it's Cisco that is, thats a lot of work anyways.
Now but most current problem is avoiding those godforsaken DOS attacks and little scriptkiddies who keep scanning me. Couldn't they at least try to hide it? Now I have to after them. Well my first move in this defence stance is going to be finding a way to handle all my firewall logs. As of now I'm sending them to my email, and there no great way of screening them there... If only there were some sort of online syslog server I could deliver them to, and filter there too then obviously. I'm starting to consider building a phpscript that can filter them for me. Only problem is that I have to find some way to handle emaildeliveries. I could leave a computer on round the clock to handle these things, but since I'm living in a very small apartment I'm not too happy about the idea of having a server humming all night long just to keep track of the firewall logs.
Sigh. I will have to look into this further...
References:
http://ubuntuforums.org/archive/index.php/t-140225.html
http://www.ubuntuforums.org/archive/index.php/t-231965.html
After surfing around www.ubuntuforums.org for a while I finally find something that so far seems to be working. Here's what needs to be done:
in file "/etc/dhcp3/dhclient.conf" look for this segment :
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, host-name,
netbios-name-servers, netbios-scope;
Remove "domain-name-servers,"
and at the line "#prepend domain-name-servers 127.0.0.1;
I changed 127.0.0.1 to my DNS 192.168.0.1 and removed the commenting sign #.
This procedure tells the system not to ask the router for it's dns information and what dns it SHOULD use. Apparently this is a problem that's not uncommon with routers from certain companies that begin "D" and end with "Link". See I can keep a secret!
Anyways this has been a truly annoying problem I can't for the life of me see WHY the company would construct such a designflaw. Well, I suppose it could be Ubuntu, but hey, why blame them, they're free!
I'm sooo loking forward to getting my new Linksys router! Cheap stuff always mean more work, unless it's Cisco that is, thats a lot of work anyways.
Now but most current problem is avoiding those godforsaken DOS attacks and little scriptkiddies who keep scanning me. Couldn't they at least try to hide it? Now I have to after them. Well my first move in this defence stance is going to be finding a way to handle all my firewall logs. As of now I'm sending them to my email, and there no great way of screening them there... If only there were some sort of online syslog server I could deliver them to, and filter there too then obviously. I'm starting to consider building a phpscript that can filter them for me. Only problem is that I have to find some way to handle emaildeliveries. I could leave a computer on round the clock to handle these things, but since I'm living in a very small apartment I'm not too happy about the idea of having a server humming all night long just to keep track of the firewall logs.
Sigh. I will have to look into this further...
References:
http://ubuntuforums.org/archive/index.php/t-140225.html
http://www.ubuntuforums.org/archive/index.php/t-231965.html
Friday, December 08, 2006
a small announcement
I would just like to take this oppertunity and declare my love for 'prototype.js'. Thats all.
Friday, November 24, 2006
Installing Ubuntu - no strings attached
I have a farily old laptop. An old HP Omnibook 6100 with no more than 1Ghz and even less RAM. The thing was that I bought it used, so things weren't exactly tiptop shape. The cd for example, was barely managing it. BIOS didn't support usb-device boot. Now 2 years after that barely justified purchase, the cd has gone to wherever cd:s go when they're not responding anymore. CD heaven, CD hell or just CD gone for ever. On this computer I had installed Windows XP, a good choice at the time since I didn't know better. Safe to say it went slow. I needed a reinstallation, but the cd didn't work and my windows had decided that was not orignal anymore. Kept complaining that I had been fooled and that my OS wasn't honestly bought. So I decided to install ubuntu on it, since everything goes so, so, so slow on windows. Searching the net, the google way I finally found the solution. A Ubuntu installation that didn't require more than 10Megs and an internetconnection. Could this be true?
Oh yes it is, and here is how is was done.
1. First make sure you aquire some unallocated space on your harddrive. I did this when I had XP installed so I used Partition Magic to create some, or a lot in my case since I was planning on removing the windows partition after a successfull installation.
2. Next I downloaded the Ubuntu kernel at
http://archive.ubuntu.com/ubuntu/dists/edgy/main/installer-i386/
current/images/netboot/ubuntu-installer/i386/
Here I downloaded the files : linux and initrd.gz.
I placed these two files in my root, in a directory named boot ( c:\boot )
Next step was to download the grub, so I could boot the installation.
http://sourceforge.net/projects/grub4dos/
The only files we need from this package is "menu.lst" and "gldr"
So extract the package and place "menu.lst" in c:\boot\grub\
and "grldr" in c:\
Next we edit "menu.lst" so it'll find our ubuntu. Open file in your favourite texteditor and add the following at the bottom.
title Ubuntu Installer (hd0,0)
kernel (hd0,0)/boot/linux vga=normal ramdisk_size=14972 root=/dev/rd/0 rw --
initrd (hd0,0)/boot/initrd.gz
Now edit c:\boot.ini, if you don't know where it is, simply open the commandshell ( RUN > cmd ) and enter this :
/> attrib -a -r -s -h c:\boot.ini
Open boot.ini in a texteditor and add the following at the bottom:
C:\grldr="Start GRUB"
3. Reboot, choose "Start Grub", scroll down to Ubuntu installation and live happily ever after.
This is the way all operating systems should work!
References :
http://ubuntuforums.org/showthread.php?t=28948
http://marc.herbert.free.fr/linux/win2linstall.html
Oh yes it is, and here is how is was done.
1. First make sure you aquire some unallocated space on your harddrive. I did this when I had XP installed so I used Partition Magic to create some, or a lot in my case since I was planning on removing the windows partition after a successfull installation.
2. Next I downloaded the Ubuntu kernel at
http://archive.ubuntu.com/ubuntu/dists/edgy/main/installer-i386/
current/images/netboot/ubuntu-installer/i386/
Here I downloaded the files : linux and initrd.gz.
I placed these two files in my root, in a directory named boot ( c:\boot )
Next step was to download the grub, so I could boot the installation.
http://sourceforge.net/projects/grub4dos/
The only files we need from this package is "menu.lst" and "gldr"
So extract the package and place "menu.lst" in c:\boot\grub\
and "grldr" in c:\
Next we edit "menu.lst" so it'll find our ubuntu. Open file in your favourite texteditor and add the following at the bottom.
title Ubuntu Installer (hd0,0)
kernel (hd0,0)/boot/linux vga=normal ramdisk_size=14972 root=/dev/rd/0 rw --
initrd (hd0,0)/boot/initrd.gz
Now edit c:\boot.ini, if you don't know where it is, simply open the commandshell ( RUN > cmd ) and enter this :
/> attrib -a -r -s -h c:\boot.ini
Open boot.ini in a texteditor and add the following at the bottom:
C:\grldr="Start GRUB"
3. Reboot, choose "Start Grub", scroll down to Ubuntu installation and live happily ever after.
This is the way all operating systems should work!
References :
http://ubuntuforums.org/showthread.php?t=28948
http://marc.herbert.free.fr/linux/win2linstall.html
Tuesday, November 21, 2006
Creating a RIS server
It's been a long day, but finally I managed to get the Remote Installation Service working! So I thought I would try to document the steps needed here for future usage, and because I didn't find any reliant tutorial on the net.
As I sit here now, my laptop next to me is now installing Windows XP. It took some doing but never the less, it was a success. Now the ironi of this is that I'm only installing XP so I can get rid of a GRUB gone haywire, so I can reinstall Ubuntu. My laptop is a bit old now, the cd has gone bad, no usbboot available. In other words, no removeable media is going to do it. PXEBoot was sort of my last option, otherwise I probably would have given up a long time ago I'm sad to say.
Enough backstory, let get to it!
Step 1. Making sure you ready to RIS ( Remote Installation Service )
What you need:
- Windows Server 2003
- DNS (Domain Name Server)configured and ready
- AD (Active Directory) active
- DHCP (Dynamic Host Configuration Protocol scope authorized - An NTFS partition other than your systempartition.
When installing Server 2003, make sure to save some unallocated diskspace or create a partition other than your systemdrive. Remote Installs need to be installed on a ntfs partition other than the one on which the server is operating on. Depending on how many OS versions you need, make sure the partition is big enough.
I hadn't partitioned my Server drive so I used Acronis Partition Expert to create another partition. Partition magic is usually a good choice, but sadly it doesn't support Server 2003. I only used 900MB for the partition which is a bit low, 2-3GB leaves room for the future.
First of make sure that everything is working correctly. Try to connect to the domain from an xpclient and make sure distributed ipadress is logical to your dhcp-scoope. I myself had some trouble with this in the early stages. I wanted to use my router as dhcp distributor, but that didn't go over at all. In the end I set up my clients and server on a seperate networksegment to avoid conflicts.
Easiest way to set up this services is using "dcpromo" (runs from "run prompt"), it's a wizard that sets up AD for you, and if you haven't installed DNS, this guide does it for you. Really the easiest way to install it, if you're a n00bie with DNS.
But it doesn't do it all for you. You still need to configure an reverse lookup zone. In the DNS management console (msc), rightclick on reverse lookup zone and create a new primary zone. Here you define the subnet on which your dns operates. eg for example if you're dhcp scoope is 192.168.0.2 to 192.168.0.254, your subnet would be 192.168.0 .
Not really sure if this is necessary for the RIS server, but it can't hurt can it?
Next you need to make sure your TCP/IP configuration is correct.
Go to your network connection and check properties on the TCP/IP protocol.
Your default gateway should be the same IP as the DNS server. Same goes for primary dns. So put the DNS IP here, or the loopback address should also work (127.0.0.1).
Another pain is the windows firewall. If your clients can't connect to the Active Directory Server, check that the firewall is turned off. Another good reason to do this on a separate networksegment. You could apply a group policy on the DNS to allow traffic for AD and FRS(File Replication Service), but that's a whole other story. I've seen good guides for this on the net, so go fish.
Also make sure there is a user in the AD you can use when installing from PXEBoot, not sure how much privileges he'll need but I made him a member of Domain Admins and Remote Users, just in case.
Step 2. - Installing RIS
Allright! You're domain is functioning perfect! Time to install Remote Installation Service.
You'll find it in "Control Panels >Add or Remove Programs >Add components > Remote Installation Service"
You'll probably need Server 2003 installation disc at this point.
When it's installed and ready. Run Remote Installation Service from Administrators Tools. Here you will configure where you want to put the remoteInstallation files, eg your second ntfs partition. You'll also be prompted to insert an installation CD for the OS you want to remote install.
Step 3. Why doesn't it work?
After you've rebooted, you're good to go.
Or so they say.
I had used a swedish installation cd for my XP, which caused some problems. Sure enough, the client PXEbooted and started the installation screens. (FYI :\remoteInstall\OSChooser\Welcome.osc) But when it came to choosing language it got grumpy and crashed. What I did was that I copied all the files in \remoteInstall\OSChooser\Swedish to \English (which I created in the samefolder) . This made the installation go a bit further but then it started to complain about User Privileges and OS images.
So I renamed \remoteinstalls\Setup\Swedish to English and what do you know?
Not it works perfectly.
Now I only need to install the grub and get my ubuntu flying again!
As I sit here now, my laptop next to me is now installing Windows XP. It took some doing but never the less, it was a success. Now the ironi of this is that I'm only installing XP so I can get rid of a GRUB gone haywire, so I can reinstall Ubuntu. My laptop is a bit old now, the cd has gone bad, no usbboot available. In other words, no removeable media is going to do it. PXEBoot was sort of my last option, otherwise I probably would have given up a long time ago I'm sad to say.
Enough backstory, let get to it!
Step 1. Making sure you ready to RIS ( Remote Installation Service )
What you need:
- Windows Server 2003
- DNS (Domain Name Server)configured and ready
- AD (Active Directory) active
- DHCP (Dynamic Host Configuration Protocol scope authorized - An NTFS partition other than your systempartition.
When installing Server 2003, make sure to save some unallocated diskspace or create a partition other than your systemdrive. Remote Installs need to be installed on a ntfs partition other than the one on which the server is operating on. Depending on how many OS versions you need, make sure the partition is big enough.
I hadn't partitioned my Server drive so I used Acronis Partition Expert to create another partition. Partition magic is usually a good choice, but sadly it doesn't support Server 2003. I only used 900MB for the partition which is a bit low, 2-3GB leaves room for the future.
First of make sure that everything is working correctly. Try to connect to the domain from an xpclient and make sure distributed ipadress is logical to your dhcp-scoope. I myself had some trouble with this in the early stages. I wanted to use my router as dhcp distributor, but that didn't go over at all. In the end I set up my clients and server on a seperate networksegment to avoid conflicts.
Easiest way to set up this services is using "dcpromo" (runs from "run prompt"), it's a wizard that sets up AD for you, and if you haven't installed DNS, this guide does it for you. Really the easiest way to install it, if you're a n00bie with DNS.
But it doesn't do it all for you. You still need to configure an reverse lookup zone. In the DNS management console (msc), rightclick on reverse lookup zone and create a new primary zone. Here you define the subnet on which your dns operates. eg for example if you're dhcp scoope is 192.168.0.2 to 192.168.0.254, your subnet would be 192.168.0 .
Not really sure if this is necessary for the RIS server, but it can't hurt can it?
Next you need to make sure your TCP/IP configuration is correct.
Go to your network connection and check properties on the TCP/IP protocol.
Your default gateway should be the same IP as the DNS server. Same goes for primary dns. So put the DNS IP here, or the loopback address should also work (127.0.0.1).
Another pain is the windows firewall. If your clients can't connect to the Active Directory Server, check that the firewall is turned off. Another good reason to do this on a separate networksegment. You could apply a group policy on the DNS to allow traffic for AD and FRS(File Replication Service), but that's a whole other story. I've seen good guides for this on the net, so go fish.
Also make sure there is a user in the AD you can use when installing from PXEBoot, not sure how much privileges he'll need but I made him a member of Domain Admins and Remote Users, just in case.
Step 2. - Installing RIS
Allright! You're domain is functioning perfect! Time to install Remote Installation Service.
You'll find it in "Control Panels >Add or Remove Programs >Add components > Remote Installation Service"
You'll probably need Server 2003 installation disc at this point.
When it's installed and ready. Run Remote Installation Service from Administrators Tools. Here you will configure where you want to put the remoteInstallation files, eg your second ntfs partition. You'll also be prompted to insert an installation CD for the OS you want to remote install.
Step 3. Why doesn't it work?
After you've rebooted, you're good to go.
Or so they say.
I had used a swedish installation cd for my XP, which caused some problems. Sure enough, the client PXEbooted and started the installation screens. (FYI :\remoteInstall\OSChooser\Welcome.osc) But when it came to choosing language it got grumpy and crashed. What I did was that I copied all the files in \remoteInstall\OSChooser\Swedish to \English (which I created in the samefolder) . This made the installation go a bit further but then it started to complain about User Privileges and OS images.
So I renamed \remoteinstalls\Setup\Swedish to English and what do you know?
Not it works perfectly.
Now I only need to install the grub and get my ubuntu flying again!
Subscribe to:
Posts (Atom)