Over the past few weeks, we have consistently had an hour or two free each day. As efforts to get some online training haven't yet been approved, we've decided to take matters into our own hands and train ourselves as best as possible.
Around my work area, there are a number of "disposed" workstations and old servers. I have taken the initiative to salvage what can be salvaged, and to turn these workstations into a training server environment. The object was to create a Windows Server 2008 environment, which would be a hands-on area to learn and practice server administration. It should simulate real client networks, but be effectively isolated from the real world (read: a safe place to make mistakes, and to learn both what happens when the mistake is made and how to correct it, without actually knocking down a client site).
In light of this, I can share a few lessons already learned.
A thought that flowed through my mind recently: how do you know when you are ready to start developing? How do you know if you're ready to start hacking?
Some might be tempted to start spouting requirements:
While those dependencies certainly have their place, the best answer I have found (and I admit that it isn't original):
You will know that you are ready when you stop asking "am I ready", and start doing it.

Just do it.
Quick and dirty guide to cracking WPA wireless networks. Find more details, instructions and information at:
http://www.aircrack-ng.org/doku.php?id=cracking_wpa
Get a live CD or live USB of Backtrack 5 here. You have a choice of GNOME or KDE, 32 or 64 bit.
Boot from the live CD, which will automatically log in as root. Type "startx" to load the GUI. Open a terminal from the applications menu.
The simplest method, but not necessarily the fastest, uses the aircrack-ng program suite.
Identify your wireless card. Type in "ifconfig" in the terminal, and read the output. Your wireless card will probably be either wlan0 or ath0. For the rest of this guide, we will assume wlan0.
Put your wireless card into monitor mode.
# ifconfig wlan0 down
# iwconfig wlan0 mode monitor
# airodump-ng wlan0
If all goes well, you should see airodump start listing visible wireless networks and displaying information about them. If you get an error, check Google for assistance.
Press "ctrl+c" to close airodump once you see the name of the wireless network you are trying to crack. Run it again, with these changes to the command.
# airodump-ng wlan0 -c <wireless channel> -b <mac address of wireless AP> -w capture.cap
At this point, you will only be capturing packets related to the network in question. Wait until a station connects to the wireless network, and you capture the 4-way handshake. When this happens, airodump will display a message on the top line.
You can force any active stations to disconnect, at which point they will probably automatically reconnect. When they do, you can catch the handshake. To do this, you will use option #0 of aireplay. In another tab, run:
# aireplay-ng -0 60 wlan0 -b <mac address of wireless AP>
If your laptop's signal is strong enough, this will disconnect the station, forcing it to reconnect, and allowing you to capture the handshake. Go back to the first tab, and check on airodump's progress, where you should see the note that a handshake has been captured. If not, try the aireplay command again a few times. If you still don't see a handshake, try getting closer to the access point, try a bigger wireless antenna, and double-check that there is an active station connected to the wireless network.
Okay, so you've captured a 4-way handshake. Now you can pass this to aircrack, which will perform a dictionary attack on the handshake. Depending on the size of the dictionary, this can take a few hours.
# aircrack-ng -w <password list> capture.cap
Backtrack has a decent password list at: /pentest/passwords/wordlists/darkc0de.lst
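The forced-reconnect step in the guide above shows up on the air as a burst of deauthentication frames, which is something a defender watching their own network can alert on. The following is an added example, not part of the original post: it parses raw 802.11 management frames (radiotap header already stripped) and flags BSSIDs that receive such bursts. The function names, the threshold of 10 frames in 5 seconds, and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 0xC0, 0xA0  # first frame-control byte: management type, subtype 12 / 10

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_mgmt(frame: bytes):
    """Return (kind, dst, src, bssid, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26 or frame[0] not in (DEAUTH, DISASSOC):
        return None
    # Header: frame control(2) duration(2) addr1(6) addr2(6) addr3(6) seq(2), then reason(2, LE)
    (reason,) = struct.unpack_from("<H", frame, 24)
    kind = "deauth" if frame[0] == DEAUTH else "disassoc"
    return kind, mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_floods(records, threshold=10, window=5.0):
    """records: (timestamp_seconds, raw_frame) pairs in time order. Returns {bssid: peak count}
    for BSSIDs that reach `threshold` deauth/disassoc frames within `window` seconds."""
    recent = defaultdict(deque)
    alerts = {}
    for ts, raw in records:
        parsed = parse_mgmt(raw)
        if parsed is None:
            continue
        bssid = parsed[3]
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            alerts[bssid] = max(alerts.get(bssid, 0), len(q))
    return alerts

def build_frame(fc0, dst, src, bssid, reason):
    """Build a constructed test frame (assumption for this example; not captured traffic)."""
    to_b = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([fc0, 0, 0, 0]) + to_b(dst) + to_b(src) + to_b(bssid) + b"\x00\x00" + struct.pack("<H", reason)

# Constructed sample: one ordinary deauth on AP_A, a beacon (0x80) that must be ignored,
# and a 60-frame broadcast deauth burst on AP_B. All MAC addresses are made up.
AP_A, AP_B, STA = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:01"
SAMPLE = [(0.0, build_frame(DEAUTH, AP_A, STA, AP_A, 3)),
          (0.5, build_frame(0x80, "ff:ff:ff:ff:ff:ff", AP_B, AP_B, 0))]
SAMPLE += [(1.0 + i * 0.05, build_frame(DEAUTH, "ff:ff:ff:ff:ff:ff", AP_B, AP_B, 7)) for i in range(60)]

if __name__ == "__main__":
    print(detect_floods(SAMPLE))
```

Where the access point and clients support 802.11w (Protected Management Frames), enabling it makes clients discard forged deauthentication frames.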
Wireless is ubiquitous. That means it's almost everywhere in the developed nations. Thankfully, most people have been educated about the dangers of using WEP encryption on their wireless networks. WEP encryption has a number of weaknesses, which are well known. The result is that a mildly interested person can look up steps and guides on how to crack a WEP password, and be able to understand and perform them.
This article demonstrates that somebody can break a WEP password in under 30 minutes.