At first I thought this was a lame story since I figured you could just password rover the routers and switches but... It is possible... even with password recovery that is on by default, can be changed so that the boot break process in all the routers and switches could not accessible.. In highly secure networks you might want to turn off the boot break process and this prevents access to the confreg commands that can allow you to reset the password. So if the City really wanted in they would have to wipe all the devices and reset them. To re build a large network from scratch it could take weeks to months since 90% of the people on the network do not know the per-port design and how the VLAN's and links are routed. Now I am not agreeing with the administrator for locking other officials out but with sensitive records like HR he really could of been protecting the city to meet compliance like PIC,SOX, hippa & more...

Interesting little story...


Brian

Wow... Interesting post Rich. It just goes to show you the community is very open to both traditional and non-traditional ways of life. I do not think I could deal with more than one woman but for those that can more power to them.

Cheers,

Brian

Depending on the requested service it could be LM or NTLM with a challenge hash. Cain can also brute force and dictionary attack this kind of hash.

Brian

same here!

I have seen the OQO and I have to say it's nice but the price will get you, and the battery life is not the best. I would also say go with the Nokia but not the N810 since it only has 1 micro SD slot but get the N800. The N800 is the same as the 810 but dose not have a keyboard or GPS but it does come with (2) SD (Full size) slots that support up to (2) 16 Gig SDHC cards. I have one with (2) 8 GiG cards and it is too cool. It also takes a normal Nokia cell phone battery so you can get extra battery's cheap on e-bay for like $4.00. My N800 last for 4-7 hours with wifi and 8 hours just with music. I would highly recommend the N800 and you can use a bluetooth GPS and keyboard if you want. All in all I am very happy with the N800 and as a side note it is hackable and can run custom Linux distros and have a full open source community making all sorts of cool apps and tools for it!

my 2 cents

Brian

Aka Slimjim100

I recently took a job where I could work from home to make sure I had more time for the wife and kids. Let me tell you one thing working from home is soooo much harder than going into an office as there are a billion more distractions at home and 3 year olds do not understand daddy is in his office so we have to keep it down. I have to say I actually get more work done and have more time with my kids but I do feel I have to work alot harder to get things done. For some time I was just carrier focused and it almost cost my marriage so I had to sit down and find a balance.  Trying to find that balance sometimes puts you in a place where you have to make real hard decisions.

my 2 cents...

Brian

BTW: Don that was a awesome talk. I was going to listen to it while working but I found myself not working and just listening.

It's all good sorry to flame I just took the post the wrong way.

Cheers,

Brian

shakuni,

 inherently flawed???

 I just gave my option and just because I said I used this software and did not have problems does not me I was 100% secure and I think just about everyone here knows this... The original poster was asking about peoples opinion on AV software.

Yes we all know if a computer is turned on it's possibly vulnerable to many security risks...

Sorry to reply in a flame like manor but the whole "got my point?" thing just rubbed me wrong.

Brian

I have used AVG for years and I upgraded from the free version to the paid version to support them. AVG has not let me down yet but I also understand no one vendors product will 100% secure you.

Brian
aka Slimjim100

Hey MillWall Welcome abroad!

  Here is a post to some real good Wireshark training posted by Manu Zacharia. http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,2185.msg9196/#msg9196

I would highly recommend watching all the presentations listed in his post as they are easy to follow and can be downloaded for later viewing. The
Man-in-the-Middle ARP Interceptions one was awesome and I recommend every here to look at that one as it is similar to what I presented at Chicagocon a few months back. Anyway you are in the right place to learn just make sure to search the forums before asking questions as many questions have been answered in the past threads.

Regards,

Brian
aka Slimjim100

I have an N800 but I use it for a MP3/Video toy. I also have an Nokia E61i phone I use with the N800 to have Internet anywhere. It's a nice toy but hacking from such a small device would prove to strain your eyes. Anyway I would highly recomend the N800 over the N810 since the N800 can support Two full size SD cards up 16Gig in size each. It's like a 32gig touch screen tablet but a lot smaller. I also use it as a VoIP Cell phone to call all over the world. Anyway it's nice but it is also a little slow so do not expect a 2Ghz PC.

I got the N800 after looking at spending $250 or less on a toy and I decided on the N800 over the EEEPC.


Brian

Well funny you should ask as not all the domain mis-spells are bought. Since i have the inside on how some ISP's work I will let you know that if your DNS is from the ISP it is sometimes an extra revanew source to redirect the non-existing domain names to a paid service to point you too ads. I am not saying your ISP is doing this but try a whois on the domain that comes up and if it is not registered them you know the redirect is being done at the DNS server you are using.

Brian

Works now Registration free!

Thanks Chris!

Brian

I will see yall there!



Brian

I do work for an ISP (I see tons of phishing calls for help to the Abuse@myisp.com) and I would like to see an e-mail address from the real domain before offering too much help as Yahoo e-mail addresses are free. If you truly need help with security you might want to post a real e-mail address you can post it like bob.smith (at) Mikrotik (dot) com to avoid spam. But till you show a way to prove you do work for the ISP it would be hard for most of the members here to help you ethically.

Brian