Government Security
Network Security Resources

Jump to content

Photo

Tips :)

security windows
  • Please log in to reply
91 replies to this topic

#16 Guest_ElCapitain_*

Guest_ElCapitain_*
  • Guests

Posted 02 September 2003 - 03:09 AM

Another way of getting around the lack of run command in the start menu is to open a command line shell (C:\%windows%\%system32%\cmd.exe or C:\%windows%\%system32%\command.com ) and then type 'start' without the quotation marks followed by a space and the the path and name of the executable you want to run.

Ill try and see if i can find any more tips.

#17 RELiC

RELiC

    Corporal

  • Members
  • 163 posts

Posted 13 September 2003 - 06:07 PM

Pathping:

Windows 2000 and Windows XP includes a command-line utility called "pathping," which is a useful network diagnostic tool that combines and enhances the powers of "ping" and "tracert".

Entering a remote address (either a machine name or an IP address) results in a listing of all network addresses between your machine and the destination address. It then sends a series of pings to each of the listed nodes and compiles a packet-loss report. With the default settings, this will take a few minutes to complete.

To speed up the process and still get a representative report, you can use the -q parameter to set the number of pings (default is 100)
and -p to set the time between pings (default is 250ms, or a quarter second).

Open the command window by clicking Start and then Run, and open cmd. Then in the command window, type:
pathping -p 100 -q 20 www.remoteaddress.com substituting the remote address you want to test.

The first thing you will notice will be a fast traceroute followed by an estimated wait time for the report to generate. The report will detail number of pings sent and returned. Since pathping shows the degree of packet loss at any specified router or link, you can pinpoint which routers or links might be causing network congestion.

to check a block of IPs you could use the following :
echo off & for /l %n IN (1,1,254) do ping 192.168.1.%n

Let's dissect the command. The first three elements (echo off & ) are actually the first of two commands and are optional. It simply makes the output a little neater. The for loop has the following structure: FOR %variable IN (set) DO command

The /l parameter specifies the type of number set used by the loop (in this case, a series of numbers defined by the contents of the parenthesis (1,1,254) ). What this tells the for loop is to number a series from 1, incremented by 1 and through number 254.

The ping command is the action taken by the for loop. The for loop substitutes a series of number variables as the last part of the IP address through each loop.

So hope you find this tip useful, if you are going to make a batch file out of it. remember to use double percent signs on the variables.

#18 Travis

Travis

    Specialist

  • Sergeant Major
  • 2,101 posts

Posted 16 September 2003 - 06:20 AM

great tip relic, never knew that.

#19 Guest_happydud_*

Guest_happydud_*
  • Guests

Posted 23 September 2003 - 08:13 PM

Just one more way to get around those pesky security features windows puts in. It's an easy one, but it's also easy to cover up, and doesn't require any advanced know-how.

You click on start, but all that's there is programs, settings (and all that's there is printer stuff), and shutdown. I want to run my DOS prompt!! But they disabled right click, and disabled everything.. you can't even see your own C drive!! (Yet..) (like a lot of schools do)

Go to any folder (preferably out of the way..), and go File --> New --> Shortcut. From this point, you can do almost anything. In about 5 minutes, I found several hidden network drives, my C drive, command prompt (type: command into the shortcut thing), allllll sorts of goodies. The irony of this was, the folder I found a lot of grades and stuff was called "Goodies on U" (U is the drive letter). Irony is a cruel mistress.

#20 agamemnon

agamemnon

    Sergeant

  • Members
  • 200 posts

Posted 24 September 2003 - 06:32 AM

Another way, which I descovered before using your method. Was to open notepad (or any program for that matter) and go: File-->Open and then keep pressing backspace and you'll return to the C: drive. To run programs all I had to do, was drag right click from the program to the desktop, and then run the newly created shortcut.

Same result. Probably takes longer. But always good to know several ways of doing one thing :)

Cheers

#21 RELiC

RELiC

    Corporal

  • Members
  • 163 posts

Posted 31 October 2003 - 01:31 PM

You've probally done it a dozen times today: pressed the Caps Lock key when you really wanted the Shift key. To stop this bother, turn on an alarm sound that alerts you whenever you press Caps Lock, Num Lock, or Scroll Lock.

1. Click Start, Settings, Control Panel.
2. Double-click the Accessibility Options icon
3. Click the Keyboard tab and then click to put a check mark in the Use ToggleKeys box.
4. Click OK.


That oughta slow down any wayward fingers.

../

#22 Guest_wicked_*

Guest_wicked_*
  • Guests

Posted 30 November 2003 - 12:16 PM

A Wealth of information there Dissolutions :D

Very , Very interesting Read Indeed...

Saved to archives for future Refference.


wkd..

#23 RELiC

RELiC

    Corporal

  • Members
  • 163 posts

Posted 06 December 2003 - 02:47 PM

Restricted to full extent on a Win2k/Xp System and you want to get a command prompt.
But you cant get to run cause it's not listed in any folders or anything (full restrictions).

open notepad, and the first line should just say "cmd /t:02" .
save it as "prompt.bat" somewhere and then double click it.

If the "cmd" is disabled by admin, you can use "command"

../

#24 as0l0

as0l0

    Sergeant

  • Members
  • 248 posts

Posted 07 December 2003 - 05:13 PM

In Windows 2000, when you open My Network Places and expand the Entire Network tree, the directory icon would provide the ability to
browse the Active Directory.

This feature is missing in Windows XP.

You can add support for Active Directory browsing in Windows XP by copying the %SystemRoot%\System32\dsfolder.dll library
from a Windows 2000 installation that is running Service Pack 2 or higher.
After you copy the library to the %SystemRoot%\System32 folder on your Windows XP computer, you must register the library:
regsvr32 dsfolder.dll

credit to http://www.mike-tech...nxp&article=226

#25 gman24

gman24

    Specialist

  • Sergeant Major
  • 643 posts

Posted 09 December 2003 - 09:03 PM

Public Database:

Public databases constantly have holes in the way thier system is set up, allowing private record access with little or no work. I have been able to get alot of information on someone (A freind) from private records being put in public record databases by mistake as well. Information in public records is one way to gather information for a social engineering attack.
This site contains a list of public records.
http://www.searchsystems.net/


Detecting simple spoofed headers and gaining the Ip of the e-mailer:

Received: (qmail 25587 invoked from network); 10 Dec 2003 01:51:10 -0000
Received: from unknown (HELO xxx.xxx.com) (xx.xx.xxx.xx) by xxx.xxx.xxx with SMTP; 10 Dec 2003 01:51:10 -0000
Received: (qmail 32157 invoked from network); 10 Dec 2003 01:51:06 -0000
Received: from unknown (HELO xxxx) ([xx.xx.xx]) (envelope-sender <xxx@xxx.xx>) by xxx.xxx.x.xx (qmail-ldap-1.03) with SMTP for <xxx@xxx.xx>; 10 Dec 2003 01:51:06 -0000

Make sure that the (envelope-sender <xxx@xxx.xx>) matches with the e-mail address that is in the from portion.

Received: from unknown (HELO xxxx) ([xxx.xxx.xxx]) (envelope-sender <xxx@xxx.xx>) by xxx.xxx.x.xx (qmail-ldap-1.03) with SMTP for <xxx@xxx.xx>; 10 Dec 2003 01:51:06 -0000

Also make sure the portion @xxx.xx matches with the "(HELO xxx.xxx.com)" from the below portion. Basically making sure it came from that network.

Received: from unknown (HELO xxx.xxx.com) (xx.xx.xxx.xx) by xxx.xxx.xxx with SMTP; 10 Dec 2003 01:51:10 -0000

The Ip of the person who e-mailed can be obtained from the X- Originating ip header. Some mail programs don't have that header though. In that case you can get it from the last recieve " (xx.xx.xxx.xx) by ".

Received: from unknown (HELO xxx.xxx.com) (xx.xx.xxx.xx) by xxx.xxx.xxx with SMTP; 10 Dec 2003 01:51:10 -0000


If these headers are present they make things easier

X-Originating-Email: [xxx@xxx.com]
X-Sender: xxx@xxx.com


Look if they match with
From: "xxxxx" <xxx@xx.com>

#26 Guest_akis_*

Guest_akis_*
  • Guests

Posted 10 December 2003 - 04:48 AM

:lol: a nice game you can discover if you have excel http://www.eggheaven...jump.cgi?ID=148 it's actually working!

#27 Travis

Travis

    Specialist

  • Sergeant Major
  • 2,101 posts

Posted 10 December 2003 - 07:17 AM

now that is cool

#28 m0n

m0n

    Private First Class

  • Members
  • 38 posts

Posted 19 December 2003 - 10:11 PM

For windows XP Pro, How would I add the "Open With" option to ANY FILE after right clicking it. I see the option is available with most programs but something without an extension (*.) the option is not available. Thanks in advanced.

#29 as0l0

as0l0

    Sergeant

  • Members
  • 248 posts

Posted 21 December 2003 - 04:49 PM

hold down shift and right click.

#30 Buluemoon

Buluemoon

    Specialist

  • Members
  • 116 posts

Posted 21 December 2003 - 07:21 PM

This is a great thread, a ton o f great tips that actually work. Keep em coming. :D





Also tagged with one or more of these keywords: security, windows