• the dark side of powershell

    due to its pure awesomeness, i have been doing a lot of powershell for work and recently presented about it. here are the slides from my most recent presentation: here is the presentation from a few months ago at bsides huntsville:
  • mounting a windows share in linux from the command line

    i needed to mount a windows share from my ubuntu box the other day, and while this is quick and easy from the gui, i wanted to do it from the command line (just in case). to mount a windows share from the command line (this is on ubuntu 10.04), you can run the following command: sudo mount -t cifs //$ /media/smb_mount/ -o username=domain/user,iocharset=utf8,file_mode=0777,dir_mode=0777 obviously your mount point of /media/smb_mount would have to exist.
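    the command above puts the account name on the command line (where shell history and `ps` expose it, and where a password= option would be exposed the same way) and opens the whole mounted tree up with 0777 modes. as an added example that is not from the original post, the script below keeps the credentials in an owner-only file, uses tighter modes, and builds the mount command as a string so it can be looked at before it runs. the server, share, domain and account names are placeholders; credentials=, iocharset=, file_mode=, dir_mode=, uid= and gid= are standard mount.cifs options.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): mount a CIFS share without the
# account name or password on the command line and without 0777 modes.
# Assumes mount.cifs from cifs-utils; //fileserver/share, DOMAIN and user are
# placeholders.
set -euo pipefail

# Write a mount.cifs credentials file readable only by its owner.
write_cifs_credentials() {
  # $1 = path to create, $2 = username, $3 = domain, $4 = password
  ( umask 077; printf 'username=%s\ndomain=%s\npassword=%s\n' "$2" "$3" "$4" > "$1" )
}

# Returns 0 when the credentials file is not readable by group or world.
# Tries GNU stat first, then BSD stat.
credentials_file_is_private() {
  local mode
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
  case "$mode" in
    600|400) return 0 ;;
    *)       return 1 ;;
  esac
}

# Build the mount command as a string. file_mode/dir_mode give the owner full
# access and the group read access instead of 0777 for everyone; uid/gid map
# the remote files onto the local caller instead of root.
build_cifs_mount_cmd() {
  # $1 = //server/share, $2 = mount point, $3 = credentials file, $4 = uid, $5 = gid
  printf 'mount -t cifs %s %s -o credentials=%s,iocharset=utf8,file_mode=0640,dir_mode=0750,uid=%s,gid=%s' \
    "$1" "$2" "$3" "$4" "$5"
}

# Stand-alone use: CIFS_PASSWORD='...' ./mount_share.sh --run
# (the --run guard keeps the script from touching the system when only the
# functions are wanted, e.g. for testing).
if [ "${1:-}" = "--run" ]; then
  cred=/root/.smb_cred
  write_cifs_credentials "$cred" user DOMAIN "${CIFS_PASSWORD:?set CIFS_PASSWORD}"
  credentials_file_is_private "$cred" || { echo "credentials file is too open" >&2; exit 1; }
  mkdir -p /media/smb_mount
  cmd=$(build_cifs_mount_cmd //fileserver/share /media/smb_mount "$cred" "$(id -u)" "$(id -g)")
  echo "running: sudo $cmd"
  sudo $cmd   # word splitting is intended; none of the arguments contain spaces
fi
```

    if the share really does need to be writable by everyone on the box, widen file_mode/dir_mode deliberately rather than starting from 0777; and once the credentials file exists, the same mount can go in /etc/fstab with the credentials= option so the password never has to be typed again.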
  • extreme makeover: network edition

    recently i spoke at a conference about a network upgrade i did at a previous job. the upgrade was a very difficult, but rewarding process, and has become one of my favorite topics to speak about. topics i covered included the basics/easy stuff: anti-virus, content filtering, password policies, firewalls; all the way to the not so common or more complex: egress firewall rules, patching (system & OS), running with user rights, software restriction policies/GPOs. here is the prezi from the talk:
  • vlan abuse

    this is a quick post about vlan abuse.

    specifically, this post will cover how to abuse cisco switches via DTP (dynamic trunking protocol).

    why is this important? typically, most environments segment servers, workstations, management, etc. into different vlans. if the switch is (mis)configured so that a user-facing port will still negotiate a trunk, you could potentially hop from a user vlan onto the management subnet (where things are usually much less protected).

    in a nutshell, we are taking advantage of a misconfigured switch, not really doing any “hacking”.
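    the misconfiguration in question is a port left in one of the DTP dynamic modes (dynamic auto or dynamic desirable, which is also the factory default on most catalyst switches when no switchport mode is set): a host that sends DTP frames can turn its own access port into a trunk and then tag traffic into any vlan the trunk carries. as an added example that is not part of the original post, here is a small audit over a constructed running-config excerpt that flags such ports; the interface names and vlan numbers are made up.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): audit a Cisco IOS running-config
# for switchports that will still form a trunk over DTP.
set -euo pipefail

# Constructed sample config for demonstration; not taken from a real switch.
SAMPLE_CONFIG='interface GigabitEthernet1/0/1
 description user port
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet1/0/2
 description user port left at the platform default
 switchport access vlan 10
!
interface GigabitEthernet1/0/3
 description user port explicitly set to negotiate
 switchport mode dynamic desirable
!
interface GigabitEthernet1/0/4
 description hardened user port
 switchport mode access
 switchport access vlan 10
 switchport nonegotiate
!
interface GigabitEthernet1/0/48
 description uplink
 switchport mode trunk
 switchport trunk allowed vlan 10,20,99
 switchport nonegotiate
!'

# Reads a running-config on stdin and prints one line per interface:
#   HIGH  - dynamic mode, or no mode at all (platform default is dynamic),
#           so a DTP request from the attached host turns the port into a trunk
#   LOW   - access or trunk mode is forced, so the port cannot be flipped, but it
#           still exchanges DTP frames; add "switchport nonegotiate"
#   ok    - forced mode plus nonegotiate, or a routed port (no switchport)
audit_dtp() {
  awk '
    function report() {
      if (name == "") return
      if (routed)              { sev = "ok";   why = "routed port (no switchport)" }
      else if (mode == "")     { sev = "HIGH"; why = "no switchport mode set, default is dynamic" }
      else if (mode ~ /^dynamic/) { sev = "HIGH"; why = "switchport mode " mode }
      else if (!noneg)         { sev = "LOW";  why = "mode " mode " but still sends DTP; add switchport nonegotiate" }
      else                     { sev = "ok";   why = "mode " mode ", nonegotiate" }
      printf "%s %s %s\n", sev, name, why
    }
    /^interface /             { report(); name = $2; mode = ""; noneg = 0; routed = 0; next }
    /^ *no switchport$/       { routed = 1 }
    /^ *switchport mode /     { mode = $3; if (NF > 3) mode = mode " " $4 }
    /^ *switchport nonegotiate/ { noneg = 1 }
    END                       { report() }
  '
}

# Helper for checking results: number of interfaces at a given severity.
count_severity() {
  # $1 = HIGH | LOW | ok
  printf '%s\n' "$SAMPLE_CONFIG" | audit_dtp | grep -c "^$1 " || true
}

# Stand-alone run: print the audit of the sample config.
printf '%s\n' "$SAMPLE_CONFIG" | audit_dtp
```

    the fix for every HIGH line is the same two commands on the port: "switchport mode access" (or "switchport mode trunk" for a real uplink, with "switchport trunk allowed vlan" pruned to what it needs) followed by "switchport nonegotiate". with a real switch, feed it "show running-config" instead of the sample string.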

  • truncating/shrinking microsoft sql logs

    every once in a while i run into an issue where i have some log file on a microsoft sql server that has not been properly configured and is taking up a hundred gigs. and inevitably, i end up spending the next 20 minutes finding a proper example of how to truncate the logs. so, instead of searching again, i am posting it on my site 😉 WARNING: don't do this unless you have backups or you really, really don't want to roll your database back.
  • netoptics: a review

    recently i was asked to implement a solution to mirror a massive amount of traffic (2-8Gbps of sustained traffic) to several different locations for further analysis.

    after comparing gigamon, netoptics, and network critical, i opted for netoptics to fill the role (because of time i could not do a proof of concept, so the evaluation was done by reading specs, talking to a few techs, and some googling).

    i have spent time over the last few weeks configuring the netoptics and thought it would be worth sharing my experience for someone else’s benefit.

  • passwords: you can’t do it right

    i was recently asked to do a presentation for a local conference. i like coming up with new things to research and investigate and decided to pursue passwords (and how bad they are). below are my presentation and code for the talk: title: passwords: you can't do it right description: some say you're doing it wrong. i argue you can't do it right (but some do it better than others). see how ineffective passwords are at protecting your accounts and ways of decreasing the chance of anyone using your passwords to achieve total domination.
  • learning to code (on the cheap)

    in the time that i have been in IT (almost 6 years) i have become very proficient at hacking together code to do what i need. from vb scripts to do simple network administration to customizing some python to send over an exploit, i have found a way to make it work. what i miss and don't know how to do is code correctly. in my search for learning how to code properly i ran across some great courses from stanford university and thought i would share.
  • networkminer on backtrack 5 r1

    i have recently been working through some network forensic challenges from a few locations (http://forensicscontest.com and http://ismellpackets.com/category/pcap/) and wanted to do some network carving (parsing a pcap and getting the files like .exe’s, .jpg’s, etc). to answer some of the questions i wanted to load networkminer on my backtrack 5 r1 box.

    fortunately there was a tutorial on how to get networkminer up on linux, but it didn’t fix everything for the newest version of backtrack (specifically, the fonts were off and the menu didn’t show up correctly).

    to get networkminer 1.0 up and running on my backtrack 5 r1 VM here is what i did (summary of commands at bottom):

    1. downloaded winetricks and installed the .NET framework, some core fonts, and the GDI+ package

      cd /bin
      wget http://kegel.com/wine/winetricks
      chmod +x winetricks
      ./winetricks corefonts dotnet20 gdiplus