| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13
Comments:
<0> it wouldnt be able to logon to the AD
<0> hopefully the AD admin would have set only the nessicary services to run
<0> however from personal experience they dont
<1> well what if one of those where compromised?
<1> becuase I can control services remotely w/o AD
<0> you mean turn them off and on?
<1> right
<0> right.. i'm talking about changing one
<0> it's because of ITs like you that makes me wanna burry my money in my back yard
<1> your silly attempt at an insult is irrelevent to this argument
<2> And then bofh shows up... great :PD
<2> ?? humiliation <<<--- Oh this one better be in there
<0> i've already proven my point.. from get go.. you cant check every computer constantly no matter what.. and with out ad you're behind before you even start moving
<1> are you not familiar with WMI?
<0> lets say you have 3 to even 15 it's possible.. but after that you're just working your *** off
<1> you've proven nothing to me
<0> i guess we'll see
<1> see, your problem is, that you are so set in your ways, that you won't even consider that there is more than one solution
<0> no no.. listen.. i understand what you're doing
<0> im telling you from a security point of view
<0> it's just not even closely as secure
<0> from an IT view.. sure it's fine you get the stuff done
<1> first, i'll admit, i'm still trying to verify some things - the SAM issue is at or near the top of the list.
<0> yes
<0> let me tell you
<3> found my problem guys
<0> if the auditors cant get in.. and i guarentee they will get admin in under an hour.. that's what they'll use
<0> but let me tell you
<3> the cpu fan thermal heat sink is just a poor design, the fan conceals the top of the heatsink
<3> so it looks very clean
<0> if you're updating soley on windows updates.. then you're behind constantly
<0> because they are slow as **** at releaseing
<3> but i removed it and the top of the heatsink was just totally muffed with dust making it suffocate
<0> you would've been 4 days behind when the WMF exploit came out
<0> did you go muff diving jupitar?
<3> about too :)
<0> hehe
<1> well, okay - that acdtually is something i'm looking into .. i was wondering about that today
<1> what kind of lag is there before it gets to AU
<1> it did get announced today, that WMF thing, and it was released.. though i'm not sure what time. I have the machines set at 12 noon to check
<0> what?
<0> wmf was like 3 weeks ago
<0> maybe more
<1> wait, let me pull it up, so i'm sure we talking about the same thing
<0> lol k
<1> i'm talking about this: http://secunia.com/advisories/18852/
<1> but what, you are saying that sometimes they don't release hotfixes and security updates until later.. for the automatic updates?
<1> like getting it to people who have SUS .. they get it beforehand?
<0> no that's not even a quarter as dangerous as the other one was
<4> anyone heard of www.computertraining.com?
<0> not i dj
<0> sarbanes no what i'm saying is that windows is just slow *** at getting fixes out
<0> like a person/group may release an exploit today.. **** microsoft deffinatly wont have it fixed for the next 2 days
<4> windows server 2003 certification is highly valued in the industry
<1> what do you mean? as soon as I get hotfixes, I can just put them on samba, and execute scripts on all machines to silent install them
<0> right.. but how often do you go and check for them?
<0> you were telling me you left windows update do it
<0> let*
<1> that's the manual way, i have the automatic updates set too
<0> you mean vice versa
<0> alrite.. first of all. tommorow. when you go to the place.. i want you to open up a security template snap-in and compare 5 computers to the securews template see what comes up
<4> encrypt u know anything about firmware hacking?
<4> for dvd drives?
<0> a little but im not into it
<0> there's all kinds of forums about that stuff though
<4> oh ok
<0> check google
<4> i thought you might live up to your name "encrypt"
<1> i've not messed with the security templates, i could try it
<0> haha
<1> though I have the MSBA running on them and they at least are compliant to that
<1> i mean MBSA
<4> encrypt u know anyone in the biz of firmy hacky?
<0> not the biz but i know some people that do it
<4> thats what i mean lol
<1> what i am looking into is how secure/insecure the sam file is.. it looks like you can crack it easily with weak p***words .. and loooking it up in a rainbow table
<1> but what about a long p***phrase
<4> i need someone to teach me how to hack the xbox 1 firmware
<0> sarbanes you can crack it with the longest p***word possible lol
<0> dj there's about 10,000,000,000 forums about that
<4> xbox 1 firmware?
<5> Why hack the firmware djc04? What are you trying to do?
<0> yea
<5> www.xbox-scene.com
<4> if u can hack the firmware you can make it play backups
<1> ok please explain, without the irc-lol attitude
<4> without a modchip
<4> xbox scene yes yes
<4> we all know about xbox scene
<0> in reality all you gotta do no matter what you wanna do for xbox is just a softmod hack to the bios
<5> Haha.. djc04, search for ndure softmod
<4> drexyl i have it
<0> too late drexyl i beat you
<5> Hehe
<0> softmod is the way to do
<4> i already have a softmod
<0> mod chips **** me balls
<4> i want to hack the firmware damnit!
<5> Definatgely, I've done about 10 of my mates
<5> TSOP?
<1> you see, the "irc-lol-techie" attitude, is to respond "lol" to every question, because you seem to know the answer. And really, it's about giving yourself an ego boost, rather than offering out a helping hand
<4> DVD firmware
<4> xbox 1 dvd firmware
<5> Oh sorry
<5> sarbanes, go shove it up your ***.
<1> where i come from, i don't boldly state things unless i have confirmed it for sure
<4> if you could hack the firmware, you could play xbox 1 games on live!
<4> backups i mean
<4> but noone here can help me out i dont think...
<5> Probably not, we're not an Xbox channel.
<4> true
<4> but firmware is firmware
<1> EnCrypt: you say you've messed with cracking the SAM file - why would you brute force it if you can get it from a rainbow table?
<5> He's gone.
<3> argh, i cant find my artic silver 5 tube
<1> oh yeah
<1> the more i read about cracking the SAM, the more i believe people overtrivialize it
<1> especially brute forcing - sure launch a dictionary attack against a weak p***word
<2> As many security professionals will say: "It's not a question of how much power is required to break a p***word... it's just a question of 'How much time will this take?' because they can all be broken..."
<1> isn't the ***umption a weak p***word? the SAM itself doesn't seem to be the problem, it's the key length
<1> well, okay then is this true: "you can crack it with the longest p***word possible lol"
<1> sure given enough time, you can for the strongest p***word you can store in the SAM
<1> possible, yes. probable no.
<2> It's that 'probably no.' thing you worry about, not the other stuff, because it's just when you think it can't happen that you're being called in to explain the hows, the whys, and how fast can you clean out your desk
<1> right, what i mean is, given the correct strong p***word .. that probability would be like 1 in some astronomically big number
<2> These days, it's not that tough
<1> well okay, i guess there is no way i can stop someone from copying the sam file off a laptop
<1> that they take home
<1> then given that scenario.. i could say.. "well they don't know how to do it" ... then .. you could say "someone else could like their kid brother"
<2> The basic gist of it is: nothing is secure anymore, anywhere, at any time
<1> then i coudl say "well it's theoretically strong enough for him to not beable to brute force it" .. . but then you could argue " maybe he has access to some distributed, grid network!"
<2> http://www.infosecwriters.com/hhworld/hh9/lmcrack.htm <<<--- Doesn't take a network, one PC is more than enough these days
<1> and BAM, whatever random 48 character string you made that contains a mix of letters numbers and symbols can be cracked!
<1> for weak p***words yes.
<3> system is running cooler at 54 degrees C
<3> that still seems high, what ya think?
<1> "design goal of LMCrack was to identify weak p***words in the shortest time possible"
<2> There are databases of hash files out these days, billions of possible variations of p***words that are fairly easy to just do lookups against, only takes a few minutes most times
<1> possibly, i know of the ones from http://www.antsight.com/zsl/rainbowcrack/ and the tables you can bittorrent from schmoo
<6> BLAH
<1> but each of those are for a certain format
<1> just the old lm p***words right?
<2> Newp
<1> Newp?
<2> Newp = Nope
<6> blah
<6> it's annoying when you cant sleep
<2> Tell me something I don't know :P
<6> not to mention i have this stupid interview tomorrow
<6> of course, the lady got me the exact opposite of what i was looking for.. ****ing call-center
Return to
#winxp
or
Go to some related
logs:
cardiac surjury
#politics
#networking
#nintendo
#stocks
#politics
ztod pass irc
#slackware
#hardware
netsh interface ipv6 add route
|
|