mirrorshades

Agents of the Revolution
  • Content count

    941
  • Joined

  • Last visited

Everything posted by mirrorshades

  1. Bah.
  2. Just wondering who out there is a licensed ham? No need to drop your callsign... but there seems to be a pretty good level of interest and experience here. I've been licensed since 1991, but once I left high school I never really did much with the hobby. Trying to get back into it now. Extra points for including your license class. I have a "real" General ticket... back from the days of the 13 wpm code test (though I couldn't do it today, even if threatened).
  3. Interesting write-up (if a bit lacking in detail) on the National Security Agency's "Red Team" of penetration testers: http://www.popularmechanics.com/technology...aw/4270420.html
  4. In my neck of the woods, it is mainly AIX, Solaris, and RHEL.
  5. You will need to do this with some sort of scripting language; you can use client-side scripting (i.e. JavaScript, JScript) or server-side scripting (ASP, PHP) for that kind of effect.
  6. Subject more or less says it all. Anyone know a decent way to evaluate the %PATH% environment variable on a Windows box, remotely? (Like, in such a way that would be practical to script it and execute against a large number of machines at once.) I have banged my head on this for several hours now and have not come up with a useful solution... has to be able to run against a default install of the OS, not an option to install a third-party app. And a follow up for extra points... Windows 2000/2003, anyone know a magical way to "fix" the upper limit of 1024 characters in the path? (Again, in a manner that would suit bulk maintenance instead of one at a time clickey-clicking.) If anyone can provide a decent answer/solution for either or both questions, I will officially drink a beer in your honor.
  7. Well, no... it depends on what is installed on each one.
  8. Even though it's been done, I feel the need to respond to a couple points: Welcome to the Big Leagues. This is for my job, where I am in fact a part of a team that maintains several thousand servers. And, in fact, the company I work for is probably midsized technology-wise compared to some of the big behemoths out there (how many servers do you think IBM, Google, or Microsoft have running?). Well, again... these are servers, so they don't just restart every single day. In fact, it would be a Very Bad Thing if some of them did. There are some that only reboot 3 or 4 times a year under highly controlled conditions. Also when considering servers (as opposed to desktop/workstation PCs), a startup script is not a reliable means to execute something since an interactive logon may happen rarely, if ever. We do have a tool that allows us to run arbitrary commands on-demand, so that part isn't an issue. (It was just a problem with getting the remote value locally.) The network share idea is decent, but the problem there is that the network is so segmented there is no way to guarantee that our internal firewalls will allow Windows filesharing traffic from any given point to any other given point on the network. Enterprise-level network administration is a peculiar beast; a lot of the conventional wisdom or best-practice guidelines either can't be practically adhered to or were beat down by middle and upper management politicking. It is a fascinating world for someone like me, who cut his teeth on smaller Mom and Pop type networks.
  9. Problem with a startup script would be the need to restart the server. Also, that's not very bulk-friendly since I would have thousands of files to sift through. I have found a workaround that gives me what I need... it doesn't look like there's an in-built way to get at it with 2000/2003.
  10. http://fastmail.fm/ Edit: Actually, I lied. The free service doesn't offer POP3, but they do let you do IMAP. Should work just as well, I had one I used with Thunderbird for a long time.
  11. I'm guessing you've got some sort of financial interest in this project -- either someone has hired you to write this kind of proxy server, or you've written something that you're hoping to market at large. As you'll probably discover or have already, there's not a lot of love on the Internet for spammers. Most people abhor spam and go out of their way to get as little as possible. (Of course, there is still money to be made, so I can understand where you're coming from.) The problem you're likely to run into is that, because most people are violently anti-spam, there are a lot of resources put forth to blocking/removing spam and also retaliating against spammers -- and a lot of people/companies will do this without financial compensation, simply because they hate spam so much. To offer some (admittedly unsolicited) advice, you are probably going to end up in a losing battle. Spammers must constantly be "on the run" -- open relays are shut down or blacklisted, ISP accounts are locked or terminated, IP addresses are blocked. You will need to ask yourself if you think that whatever financial gain you expect to make is worth the hassle and headaches. I'd also suggest, as a moderator, that you please do your best to keep your interaction on this topic civil in the BinRev forums. What you are asking has extreme potential to begin large-scale flame wars, which is not what we want to see happen. I'm sure there are other forums out there that may be more open to discussions on these topics -- if you see this thread deteriorating, it may be better for everyone involved to move this topic elsewhere. (Though you are absolutely welcome to post about other topics here that may be of interest to the community.) Hope this was useful. Oh also, if you simply *must* get involved in unsolicited mass email, please do your best to ensure proper spelling and grammar. Spam is annoying enough on its own.
  12. Been a few years, but I seem to recall having more success with TCP instead of UDP. I guess it slowed it down a teeny bit, but I didn't really notice most of the time. Was significantly better at maintaining the connection, though. Not sure if that's what the problem is, but you might give it a shot just to see.
  13. Yeah, I didn't mention. This is in a domain, and I am using an account with domain admin rights. (And, thus, local admin on the box itself.)
  14. Yup. Doesn't work. Problem is that it wants to expand the variable locally before passing it to the remote system. Today I actually did find the registry key where the Path variable is stored, which is much easier to get at remotely.
  15. Well, er, yes. But show me a way to do that on a remote box besides logging on and opening a command prompt.
  16. To start at an even "lower" level, you could look at Linux From Scratch: http://www.linuxfromscratch.org/ I've always wanted to set one up, but never quite have the time to dig into it.
  17. Moved to Nubie HQ. In order for something like you have described to work, you would need to run netcat on the remote machine and then initiate a connection from your own machine; you have explained it the other way around. There are plenty of how-to guides on doing something like this -- in fact, I believe the exact process is described in the netcat docs. The "at" command is just a task scheduler for Windows. It has nothing at all to do with what you're describing, at least not directly.
  18. Well the thing is, you're kind of being a bit open-ended. It seems like you're interested in websites/web development -- is that an accurate statement? If that's the context you're looking for, then absolutely HTML, SQL, and some sort of server-side programming would be in order. By counterexample, however, if you're interested in embedded systems, then probably you won't find much use for most of that stuff. Likewise, if you're interested in artificial intelligence and neural networks, or porting linux to strange hardware platforms, or multimedia encoding, you'll need to read up on different areas. Even saying "things a 'hacker' would find useful" is kind of vague, since you'll never get two people to exactly agree on what a "hacker" is. So don't worry about what you "should" learn. What interests you the most? Start there.
  19. Nah... instead of worrying about what someone else tells you to learn, you need to figure out what YOU want to learn and start there. Can't go wrong with HTML, if you're interested in web pages at all. From there, if you still need help figuring out specific topics, just describe the kinds of stuff that you want to do.
  20. Hm... not necessarily. Getting all sorts of certs means that -- 1) You have the time to dedicate to studying, 2) You have some money to pay for the testing, and 3) You are good at memorizing, or you test pretty well in general. Certifications may give you an edge in a job interview, or may get you a few extra bucks in your paycheck, but they don't automatically indicate a given level of expertise in the field. I work in a large (LARGE) IT department, and I can't think of anyone there who is certified. Not to say that they aren't, but it's really not something that gets mentioned on a regular basis. Of course, I work for a massive corporation. May be a different ballgame in smaller companies... I can't say, since I've not really ever worked in one. But overall -- and this is a topic that comes up time and time again on Teh Internets -- I tend to believe that certifications aren't really as fabulous as some folks make them out to be.
  21. Free DIAL-UP??? Not even worth it. The web isn't rigged for 56k anymore. I had a free dial-up account when I attended grad school 10 years ago, and it was only marginally useful even then. Nowadays, I can't even imagine. (I remember once upon a time, though, when 14.4 kilobaud was SCREAMING! Like, the whole BBS screen would load in just 1 or 2 seconds!)
  22. Assuming you run the script as an admin-level user, sure. I haven't looked recently, but I'm pretty sure that either MSDN or just Microsoft.com has lots of documented code samples for various administrative tasks like that. That one, probably not. Normally they don't make it easy to get passwords back out of a system once they're encrypted. (Even as an Administrator, you cannot READ other users' passwords, though you can change them to something new.) Too vague. See my previous comment about code for administration.
  23. pfSense is designed to be a router/gateway... so putting it on a VM would be kind of an odd setup. Not to say it couldn't be done, but you could probably get lost quite easily in the configuration. (It would be good practice for the setup and tweaking stuff, though, if you want to practice a bit.) If you're thinking of it like a desktop/software firewall (ZoneAlarm, BlackICE, that kind of thing), then you're not quite right. Think of it more like a router, or the thing that hooks up the Internet to the rest of your network. I once tried to set up a Smoothwall virtual machine to act as the host computer's firewall -- in other words, set it so that all the inbound network traffic went to the VM first, then "passed through" to the host itself. Didn't work, though... it got bogged down in some sort of weird recursive networking stuff like holding two mirrors up to each other. Regarding FreeNAS, you could have that as a VM, but you would likely experience degraded performance (especially if you had a lot of disk I/O). Really, these applications are designed to run exclusively on one physical box... the trick is, it doesn't have to be a super-massive-high-end-ninja-megacomputer. I put pfSense on an old Pentium III laptop with a dead screen, and it works like a champ. Likewise, I have FreeNAS running on an even older Pentium III desktop (with added hard drives), and it's fine.
  24. Without lots more detail, any advice anyone here could offer would be mere conjecture. My hunch is that someone who *does* have admin access created that account for whatever reason (needed to test something, wanted a secret "backdoor", who knows?) and just never got rid of it.
  25. Not sure what you mean by "along side"... I have both pfSense and FreeNAS running on my network. They do different things; pfSense is my Internet gateway, FreeNAS is my backup server. No real direct relationship between the two. But to answer your question... sure, it's your network, you can do whatever you like!