NetBIOS Null Sessions are elementary and a first stop for anyone performing system recon. They should always be turned off, and this link is a nice reminder of the issues, the dangers, and the fixes.
Month: June 2006
cracking wep on windows
Wow, just wow! This is one of the hottest and best links I’ve seen in a long time. I HAVE to try this out. I’ve worked on cracking WEP before on my neighbors, but I always had to resort to using a livecd Linux install (since I don’t have a permanent Linux box around). Cracking WEP with Windows XP is a huge, detailed, complete article which I am tempted to actually copy/print just to make sure I always have it.
This was found whilst checking out a site I’d not seen before: wardriving.com.
im lock to lock down im apps
IM Lock sounds like it can lock IM programs from operating in Windows. I think this can be better solved with software policies and audits, and removing admin rights for users. And the method to get around all of the above, using stand-alone, non-installable “underground” apps for IMs still works regardless of any of these methods. So…might be interesting in case someone wants something like this.
windows xp firewall gui tool
A GUI for the Windows XP firewall sounds like a wonderful idea…if there weren’t better firewalls out there that I trusted more, like ZoneAlarm or Sygate. Still, might be cool to try out.
roguescanner
RogueScanner is a rogue wireless access point detection tool. Pretty cool…and it’s free! Also peek at the other free tools available here, Packtyzer (Ethereal front-end, as if there needs to be another one…) and BlueScanner which scans for BlueTooth devices. To be honest, both of the scanner tools are pretty nice for being free tools!
winsshd: windows ssh server
WinSSHD is not a free app, but is still one of those rare Windows-based SSH servers. A few other tools to download on their site as well.
spaceobserver and treesize
Spaceobserver and Treesize are some interesting and well-equipped tools for storage utilization analysis on systems. Free evaluations are well-worth it.
honeybot: honeypot for windows
HoneyBot has been released and is a honeypot app for Windows. This is pretty downright cool, and I need to find a box/place to put this up sometime…link found through Darknet. There’s two systems I’ve wanted to have for sometime: a honeypot to play with people/apps that break in and a firewall/sniffer that just collects traffic and statistics.
end-point security tools
Security Wizard/Talisker/NetworkIntrusion.co.uk has a site up giving a round-up of end-point security tools. This is especially popular due to the heightened emphasis on end-point security lately, in particular laptops and other mobile devices.
This site is more than just a host for their radar, but also compiles huge lists and summaries of a lot of security tools, in as non-biased a way as they can.
external attacks – overview
This is a monster article on external attacks, largely from the point of view of Linux since this was in a Linux magazine. Many books cover this entire spectrum in hundreds of pages, but this article condenses it down nicely, albeit it is really packed with info.
rrdtool to monitor wireless link
This is an awesome article on how to use RRDTool to monitor a wireless network.
create own services in windows
Creating services in Windows is one of those frustratingly annoying things that many people would love to do, but is typically difficult to find information on how to do it. In fact, you can’t really do it unless you’re a programmer or you have some extra tools from Microsoft. I guess this prevents every John Doe Idiot from completely screwing up their computers with crappy service lists. I am happy to have found this quick post on how to create your own services.
managing the prefetcher
Not many people realize there is a component to Windows XP called the Prefetcher. Even fewer desktop/system support people realize the significance of it. This prefetcher for Windows keeps a cache of a lot of programs downloaded by Windows, and acts independently of IE. So if you clear your cache in IE, your downloaded files might still be found in the prefetcher. Most people are tipped off to this location only after a piece of malware has been downloaded (automatically or by accident) and a copy was saved in the prefetch area of Windows, generating an AV alert pointing to this location. This short link is a start to managing the prefetcher cache.