Never go to bed mad. Stay up and fight!
Archive for March, 2007
User Account Control – Vista
Mar 27th
During the first looks, the most annoying thing that I felt with Vista is the new UAC feature! Yeah, the traditional ‘Do you really want to go nuts?’ thingy.
Even if you’re in the Administrators group, Vista pops up a confirmation window on whether you want to do it or not for
actions. Which is good, but I don’t like it though. So here is how you disable it:
1. Start->Run and launch MsConfig
2. Go to the tools tab
3. Go down until you reach ‘Disable UAC’
4. Just click on the launch window
It will pop up a command prompt saying that it is disabled. You need a reboot to complete this process so that
you don’t get that annoying thingy anymore.
Basically what it does is disable it in the registry. There are other ways (at least 4 ways to achieve the same)
to do it but this seems to be easy in 4 steps.
Now the security center is going to sit with a red alert icon on your task bar if you did this, but anyways…
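For administrators who need to find machines where this change has been made, the following added example (not part of the original post) audits the UAC state in the registry. The post does not name the registry values; `EnableLUA`, `ConsentPromptBehaviorAdmin` and `PromptOnSecureDesktop` are the standard Windows policy values, and the function name `Get-UacState` is hypothetical.

```powershell
# Added example: report whether UAC has been turned off or weakened.
# Read-only; run from any PowerShell session on the machine being audited.
function Get-UacState {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p   = Get-ItemProperty -Path $key -ErrorAction Stop

    $findings = @()
    if ($p.EnableLUA -eq 0) {
        # The state the post describes: UAC fully disabled (needs a reboot to apply)
        $findings += 'EnableLUA=0: UAC is disabled'
    }
    if ($p.ConsentPromptBehaviorAdmin -eq 0) {
        # UAC is nominally on, but administrators elevate silently
        $findings += 'ConsentPromptBehaviorAdmin=0: admins elevate without a prompt'
    }
    if ($p.PromptOnSecureDesktop -eq 0) {
        # Prompt is drawn on the normal desktop, where other programs can interact with it
        $findings += 'PromptOnSecureDesktop=0: prompt not shown on the secure desktop'
    }

    [pscustomobject]@{
        Computer                   = $env:COMPUTERNAME
        EnableLUA                  = $p.EnableLUA
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
        Compliant                  = ($findings.Count -eq 0)
        Findings                   = $findings
    }
}

Get-UacState | Format-List
```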
Tini – Backdoor
Mar 25th
If you understand the attacks, then you would also understand the difficulty of placing a backdoor on some machine/server.
Let’s meet ‘tini’; as the name says, it is tiny (only 3kb in size) and can run without drawing attention.
So here is the behavior, Tini is an executable which listens on port 7777.
Since it is not a true backdoor it doesn’t execute by itself, someone has to execute it. Now by execute what it means is a simple ‘double click’.
On Host A run Tini
On Host B, open up a command prompt and do this ‘telnet <Host A> 7777’, you will be presented with the command prompt of Host A.
Beware that most of the AntiVirii/AntiSpyware products will identify this one and may cause problems so use it with due diligence. This is more of a useful tool than a destructive tool.
Also it is possible to change the port; all you need is a hex editor to open up the Tini binary.
If someone would like to know, I would post that as well.
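From the defender's side, the behaviour described above (a very small executable holding a listening TCP socket, on port 7777 unless it was patched) can be hunted for on a host. This is an added example, not part of the original post; the function name, the 8 KB size threshold and the use of signature status as a signal are assumptions, and `Get-NetTCPConnection` requires Windows 8 / Server 2012 or later.

```powershell
# Added example: flag listening TCP sockets that match the traits the post
# describes. Because the port can be changed, the port is only one of three signals.
function Get-SuspiciousListener {
    param(
        [int[]] $WatchPort = @(7777),   # default Tini port, per the post
        [int]   $TinyBytes = 8KB        # assumed threshold; the post says ~3 KB
    )
    Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
        Sort-Object LocalPort, OwningProcess -Unique |   # collapse IPv4/IPv6 duplicates
        ForEach-Object {
            $conn = $_
            $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
            $path = $proc.Path          # null for protected or system processes
            $size = $null
            $sig  = 'Unknown'
            if ($path -and (Test-Path -LiteralPath $path)) {
                $size = (Get-Item -LiteralPath $path).Length
                $sig  = (Get-AuthenticodeSignature -FilePath $path).Status
            }

            $reasons = @()
            if ($conn.LocalPort -in $WatchPort)       { $reasons += 'watched port' }
            if ($size -and $size -le $TinyBytes)      { $reasons += 'very small binary' }
            if ($path -and "$sig" -ne 'Valid')        { $reasons += "signature: $sig" }

            if ($reasons.Count -gt 0) {
                [pscustomobject]@{
                    LocalPort = $conn.LocalPort
                    PID       = $conn.OwningProcess
                    Process   = $proc.ProcessName
                    Path      = $path
                    SizeBytes = $size
                    Reasons   = $reasons -join '; '
                }
            }
        }
}

Get-SuspiciousListener | Sort-Object LocalPort | Format-Table -AutoSize -Wrap
```

Run it elevated so that process paths resolve. An unsigned listener is not necessarily malicious, so treat the output as a triage list.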
Finally Vista on AMD Turion
Mar 25th
I got myself another laptop; Compaq Presario V6211 AU with Vista on it.
So this would be my first hands-on with Windows Vista - Looks are cool but it eats memory like hell. I don’t know,
I do have 1 GB of RAM though, still not enough… The wide-screen laptop is cool and had a gist of HDTV
Gotta do more research….
So much of an Appraisal!
Mar 25th
There is this advertisement in Star Network by Times Job Ltd. Where-in a cool dude walks in big and tall, makes his marks on everything he does, on each such event he is elevated! Then finally the paycheck comes, he shrinks like a balloon… with a caption of ‘Salary makes you feel small?’
It is pretty funny watching that ad every time whom I was seeing in an International Television Channel…
Got me thinking big time
Smoke 2.0
Mar 19th
Now that I’m a smoker, I don’t understand if I smoke for the smoke or the Nicotine and since Nicotine patches that I tried didn’t work, I’m going to assume that smoke for smoke is a factor as well
Well, seems like there are cigarettes now in Italy which don’t produce smoke but instead vaporize the nicotine. Along with that, they are said to have none of the tar, arsenic, cadmium and formaldehyde of regular cigarettes; Didn’t understand ‘em? Well, I don’t either.
So much for the innovation;
{Click here} to follow more on Wired News…
Ownership vs Availability
Mar 17th
Is application availability better than ownership of the application? Good question. With the Web 2.0 changes, Google is now providing free online document editing solutions. So want to create a word document/save as PDF or RTF? Or create a spreadsheet for your personal finance?
No hassle using applications for the purpose, no worry about buying expensive application packages or downloading and fiddling with freeware/open source stuff.
Checkout docs.google.com
All Whois…
Mar 17th
Looking up domain registration information, such as who a domain is registered to and other details, needs a Whois tool. Every network professional knows this one!
Now, all around the world there are so many REGISTRARS and you need different servers
to find the information. First of all that could take some time;
So here is a tip;
www.allwhois.com -> This is a site, you can check the information regardless where/whom it is registered…
Good one for the bookmarking.
Bloody Traffic…
Mar 17th
Excuse my words but I have to say it and I’m sure this one has been on every Bangalorian’s blog discussed over and over again but I have my part to say.
The traffic is so horrible, going to a place takes 15 minutes and come back in the evening
at 7.00, it takes 1.15 hours. I am not much of a roam-around guy, so haven’t noticed it
till now. Going for Sans’ training was horrible I must say, it is only 7 Kms stretch but
the time it takes would for sure take you to hell.
Now is there hope of improvement on this one? I heard someone say the infrastructure
Bangalore has right now can only afford to have 30 percent of vehicles that is there now!
So no hope, as well on both sides of the road there are shops /malls and think of every damn thing it is there.
I do acknowledge the fact that it is mostly driven by the prevailing conditions here.
I own a car and 90 percent of the time I travel ALONE! A 5 seater car with one guy in it, now if you look at every IT park roads, this would be the condition. If you were to sit down there and take a count of vehicles and people travelling, you could eliminate about mostly 50 percent on the vehicles itself.
Now you ask me why did I buy a car then while there are autorickshaws still present on Indian roads. Oh yeah, you want me to pay 40 bucks to go 1.4 Kms precisely??? I’m not game, more or less it ain’t a prestige problem but convenience. I am okay if somebody cheats me without telling me but not with my knowledge – Nobody would want to be an idiot, one would presume…
SANS-504 DayVI…
Mar 17th
Last day of the training, winded with RootKits and Revealers…
So altogether, the money that is paid in India for the SANS 504 course is worth spending!
NTFS Alternate Data Stream (ADS)
Mar 16th
Ever heard about this ? I’m sure some of the network admins have gone haywire on this one!
Well, Windows NTFS has a feature called Alternate Data Stream. In simple words, if I have
a file that I want to hide, how would I do it?
Well, hackers do it pretty well :-)
Scenario:
1. Hacker wants to use somebody else’s machine for storing his huge files. Now if he accesses it
and stores them in there, the owner at some point would delete them for sure. Without the owner even
noticing that, how do they do it? -> You have alternate data stream as your answer :-)
So say there is a text file (Owner’s file) called Personal.txt of size 32 kb and the huge file that needs to be hidden is Movie.mov, then this is how you do it on an NTFS partition;
type Movie.mov > Personal.txt:Movie.mov
Then delete the file Movie.mov; Done
If the owner/administrator looks at that file, it will show the file size as 32kb itself.
Now, how does the hacker take it when he wants? Say he wants to play that file, then;
start Personal.txt:Movie.mov
Done, his movie file will be launched.
How is this done? Well, the data is stored in streams and you basically redirect the ’wrong’
stream to the ’Personal.txt’….
There was pandemonium created by this some time back on ISPs’ servers, or so I heard.
How do you detect it as a Network administrator ? Because you have 1 file of 32kb size and
your whole disk of 10 GB is full :-(
Even the ’dir’ command will show only the parent file’s size.
There is a command line tool called ‘LADS’ which will list it!
Not just that, Microsoft realized it and now has a provision to do it; { Read }
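The detection problem described above (the parent file still shows 32 kb while the disk fills up) can also be handled with PowerShell's built-in stream support. This is an added example, not part of the original post: the function name `Find-AlternateDataStream` is hypothetical, the sample files are constructed in a temporary folder, and it needs PowerShell 3.0 or later on an NTFS volume.

```powershell
# Added example: list every named (alternate) data stream under a folder and
# show the parent file's visible size next to the bytes held in the stream.
function Find-AlternateDataStream {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Zone.Identifier is the benign "downloaded from the Internet" marker
        [string[]] $IgnoreStream = @('Zone.Identifier')
    )
    Get-ChildItem -LiteralPath $Path -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
                # ':$DATA' is the normal, unnamed stream every file has
                Where-Object { $_.Stream -ne ':$DATA' -and $_.Stream -notin $IgnoreStream } |
                ForEach-Object {
                    [pscustomobject]@{
                        File        = $file.FullName
                        VisibleSize = $file.Length   # what 'dir' and Explorer report
                        Stream      = $_.Stream
                        StreamSize  = $_.Length      # bytes stored in the named stream
                    }
                }
        }
}

# --- Constructed sample: a small carrier file with a large named stream ---
$dir     = Join-Path $env:TEMP 'ads-demo'
$carrier = Join-Path $dir 'Personal.txt'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
Set-Content -Path $carrier -Value 'owner data'
Set-Content -Path $carrier -Stream 'Movie.mov' -Value ('x' * 100000)

$hits = @(Find-AlternateDataStream -Path $dir)
$hits | Format-Table -AutoSize
$total = ($hits | Measure-Object -Property StreamSize -Sum).Sum
'{0:N0} bytes held in {1} alternate stream(s)' -f $total, $hits.Count

Remove-Item -LiteralPath $dir -Recurse -Force   # clean up the sample
```

Point `-Path` at a real share or volume root to account for disk usage that the visible file sizes do not explain.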