Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.






Lost Password?
No account yet? Register
Who's Online
We have 19 guests and 2 members online
EH-Net Donations

Enter Amount:
$

Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations





 
Advertisement

You are here: Home arrow Forum
Ethical Hacker Community Forums
December 02, 2008, 09:09:13 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/
 
  Home Help Calendar Login Register  
  Show Posts
Pages: [1] 2
1  EH-Net / News Items and General Discussion About EH-Net / Re: EH-Net Storefront Beta on: August 26, 2006, 09:31:12 AM
Great idea! Are we going to see some EH swag?  Cheesy
2  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: is this WLAN being hijacked? on: August 22, 2006, 06:26:06 PM
Maybe I wasn't clear enough.

If he's connected via ethernet, enabling encryption won't effect HIS speed at all and will give him the answer. If he is connected only through wireless his problem probably has more to do with interference from other devices operating in the spectrum and killing his through put being nothing is showing up on the router.

3  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: is this WLAN being hijacked? on: August 22, 2006, 03:45:00 PM
Encrypt your wireless! One, that would answer your question immediately. If you the slow down goes away, problem solved (although I doubt that's the problem). Two, the wireless and wired networks on that router(and most default home routers) are automatically bridged. So everyone in your neighborhood has access to everything you send over the wire.

If you don't, it's just a matter of time before you are 0wn3d (not to mention broke). Point being, someone leaching your bandwidth is the least of your worries.
4  EH-Net / News Items and General Discussion About EH-Net / Re: "Free Monthly Giveaways" - Details on: August 16, 2006, 12:19:29 PM
I don't have a problem with being out of the competition for 12 months although I will admit getting motivated by prizes. Before winning I tried to evaluate everything I posted to make sure it had value and I wasn't just trying to fill the board crap so I don't see any harm in keeping it open either. I'm seeing more and more talented contributors lately so hopefully it won't be an issue.
5  Resources / Tutorials / Re: Rainbow Tables/Crack whitepaper on: August 14, 2006, 04:59:16 PM
I think I'm going to try to go to dual purpose cards. We use prox cards for physical access control. If I make them dual purpose then they have to take them out to go anywhere in the building. Hopefully that will help them get used to the idea of removing them when not in use. LOL@myself. Wishful thinking I'm sure.
6  Ethical Hacking Discussions and Related Certifications / Malware / Re: Microsoft Braces for Worm Attack on: August 14, 2006, 03:00:14 PM
I've seen about ten of these in the wild so far today. Symantec reports it as W32.Wargbot with the newest definitions and Backdoor.IRC.Bot with definitions older than August 13th. The Common Malware Enumeration number is CME-482.

So far I have only seen it attack W2K machines on networks comprised of XP and 2003 Server also. All infections appear to have been contained by antivirus, even with out of date definitions.

The payload appears to be a typcial IRC bot that listens for instructions on port 18067 although I can't confirm that being no machines have been infected.
7  Ethical Hacking Discussions and Related Certifications / Certification / Re: What do you think of NGSEC Security Certification? on: August 14, 2006, 12:10:00 PM
Looks interesting but I must be inept because I couldn't find any information on it. What's the cost, how do you sign up, what's the depth of knowledge? Seems like they had a good idea then never really followed through with it. LOL
8  Resources / Tutorials / Re: Rainbow Tables/Crack whitepaper on: August 14, 2006, 09:26:41 AM
No problem. It actually spurred some more research for me actually which is very timely being I'm rolling out EFS. The biggest weakness being authentication.

It seems after spending hours and hours reading and testing that NTLMv2 passwords over 14 characters seem pretty strong even with a minimum of complexity. I've read it before but never really taken the time to try and crack something that long. Beyond my technical ability for sure but that may only be for a short time. Still going to stick with two factor though. I think if you get into passwords that long you are almost forcing your users to put it on a sticky note. Of course they'll probably just leave their smartcards in their laptops all the time anyway.  Roll Eyes
9  Resources / Mass Media / Re: The IT Crowd on: August 11, 2006, 02:45:05 PM
If you work in IT, this is hands down the best sitcom ever. I've seen all six episodes multiple times and laugh everytime I see it. Great stuff.
10  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: What is the Modes Operandi for an ethical hacker while dealing with new expl on: August 04, 2006, 09:03:42 AM
I recently listened to a podcast rountable that was made up mostly of security professionals and a couple security vendors. This exact question came up and the pannel was split down the middle. Some of the security pros said they wanted to know about the problem immediately so they at least had the information and possibly could put in some type of safeguards to mitigate it. The vendors, not surprisingly, said they should know first so they can start working on a solution.

I don't believe any of the certifications deal with this issue because they all come from the practisioner or manager perspective. New exploits usually come from researchers and real crackers. Completely different animals.
11  EH-Net / News Items and General Discussion About EH-Net / Re: [Article]-July `06 Free Giveaway Winner on: August 02, 2006, 10:58:56 AM
Congrats Kev!
12  Ethical Hacking Discussions and Related Certifications / Other / Re: Challenge on: August 01, 2006, 03:49:17 PM
Most services, even the commercial ones, only have NTLM tables for up to 9 characters max. So basically if you want to use rainbow tables, you're going to have to create your own. I've tried a multitude of available resources and tools. It's an interesting practical exercise that's for sure.
13  Ethical Hacking Discussions and Related Certifications / Other / Challenge on: August 01, 2006, 02:59:48 PM
Have you seen this?

http://weblog.infoworld.com/securityadviser/archives/2006/07/win_money_and_b.html

The guy is offering prizes for cracking his NTLM passwords. The catch is they are long passwords 10-15 characters with varying complexity.

The question I have for you all is what strategy would you use to start cracking these passwords?

I was thinking the best way would be to start generating simple lowercase alpha rainbow tables with a length of exactly 15 characters. The second one just seems like it should be the easiest to tackle first. Am I way off?
14  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: LOA Samples on: August 01, 2006, 01:30:43 PM
Sounds like a good project for the members of EH...
15  EH-Net / News Items and General Discussion About EH-Net / Re: Are you an Obi-wan? on: August 01, 2006, 01:27:12 PM
Oh I motivated her alright!  Wink
Pages: [1] 2
Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com
Valid XHTML 1.0! Valid CSS!
Page created in 0.053 seconds with 21 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
During the most recent election, I:
 
Support EH-Net


Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2008 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.