average admins

A co-worker sent these images to me. I thought it would be nice to share.

Click the images below for a larger image.

http://labs.jphantom.com/wpm/

I type a lot faster when I’m not trying to copy something else, however, this site will measure your WPM and CPM based on how fast you can reproduce a paragraph they provide.

I did it three times and got 63.66, 75.24, and 75.48 so each time I gained a bit more.

It’s not easy, especially when you have to go back and fix something you messed up 6 words ago!

Post your scores!!!!

I found this at: http://kaosx.net/?q=node/6

Here’s an excert from the site:

Microsoft released private folder recently, which is something that is commonly asked for by users. “How do I create a password protected folder?” Im normally using fileshares off of a samba box and have permissions set so it’s not something I usually think about, but from those less technically inclined (or those that want some simple protection) this might be just the thing you’re looking for.

I know you 1337$@uC3 guys will be like “just use truecrypt” but if you already have a solution, thats great, rock on. I really do like truecrypt and have a partition on my flash drive so I hear you there.

But I digress.

Microsoft describes private folder as

“Microsoft Private Folder 1.0 is a useful tool for you to protect your private data when your friends, colleagues, kids or other people share your PC or account. With this tool, you will get one password protected folder called ‘My Private Folder’ in your account to save your personal files. Download and have your private folder today!

The following hardware and software are required to run Microsoft Private Folder 1.0:

Microsoft Windows XP Home Edition, Professional Edition and Media Center Edition with SP2
Super VGA (800 x 600) or higher-resolution video adapter and monitor

Please note: Microsoft Private Folder 1.0 is provided specifically for genuine Windows customers, and requires genuine Windows validation in order to download. The software is free, and does not come with product support. ”

Personally, I use TrueCrypt since it offers a lot more features than MS Private Folder, but for the avearge home user, this looks like a great piece of software.

I just started reading an article about Microsoft purchasing Winternals and naming Mark Russinovich “technical fellow - the top technical position at Microsoft with less than two dozen people holding such title.” We have discussed a number of free tools on this blog from Mark Russinovich and Sysinternals. Now the business side of Sysinternals, Winternals, is going to be a part of Microsoft’s team.

From the article:

Jim Allchin, Microsoft divisional co-president, said in a statement: “I’ve had my eye on Mark for some time. The work he and Bryce [Cogswell, Winternal’s other co-founder] have completed in system recovery and data protection illustrates the depth of thinking and skill they will bring to future versions of Windows. The addition of their deep kernel-level expertise to our existing strong talent will help provide us with the edge we need to continue to raise the quality and functionality bar for Windows on both the client and the server.”

When Chris and I were at Black Hat Federal 2006, Jamie Butler, co-author of Rootkits: Subverting the Windows Kernel, told us that the only person he could think of to review the Rootkits book for technical accuracy was Mark Russinovich. If this dude, Mark, is now going to be on the Microsoft team, we may begin seeing some better locked down operating systems and software from them as well as better tools, distributed with(in) the OS, to troubleshoot and monitor system functions and access.

Sounds good to me… Anyone care to comment on this relationship?

This stuff is amazing!!

http://www.biro-art.com/gallery.html

THE Visual Guide To Penetration Testing

As posted on one of my favorite blogs, A Day in the Life of an Information Security Investigator

What’s that? You really want a visual guide to penetration testing? Something that covers:

- Enumeration tools (nmap, firewalk, amap, nbtscan, hping, scanrand, sinfp, etc.)

- General Vulnerability Scanning Tools (nessus, typon, NGS Squirrel, MatriXay, SARA)

- Exploit Engine Tools (metasploit, manual SQL injection, etherape, netwox, hijetta)

- Pre-inspection visit steps (EVERYTHING!)

- Password Cracking (JtR, L0pht, Rainbow, pwdump)

- Network Recon (whois, samspade, google, social engineering, dumpster diving, zone transfers)

- Enumeration results steps (what if a certain port IS open?)

- Command line examples of each tool

Something that could be printed out and be your all-in-one guide to penetration testing?

SHAZZAM!

Behold, your wish has been granted.

This is a must see!

Chief

Anyone watch the 2nd quarter of the Isreal/Lebanon game yesterday? So apparently here’s how it all goes down:

(more…)

…on something.

I started to write a very, ahem, controversial post about something vs. something, but before I can post (and subsequently win the argument), we have to agree on something:

(more…)

I posted a link for screen on the old AA blog, but I found a really cool howto on using screen earlier today when looking for a way to split my screen window into two panes (one for IRC and another for my normal activities).

From my original post:

This article is meant to serve as a quick introduction to using Screen, a linux virtual terminal application.

Here’s a great example of why you need to be familiar with this application. Let’s say that you are interested in participating in the Folding@Home project (http://averageadmins.com/blogentry.php?id=11). With screen, you simply SSH into your Linux box, type screen to create a new session, install, configure, and run the Folding@Home software, and then press “CTRL-a d” to detach your session. If you hadn’t run your Folding@Home software in a Screen session, when you disconnected your program would have terminated. When you’re ready to reattach to your Screen session, you SSH into your box and type “screen -r” to resume.

Screen gives you the ability to keep sessions going, even when you disconnect from the remote host.

Think of Screen as a command-line version of Remote Desktop. Anything you run in the Remote Desktop session will continue to run until you either stop it yourself or you reboot your server. The same thing is true for Screen.

Screen is extremely customizable and offers a ton of features. This is a great URL that describes a lot of the features you’ll find in Screen: http://linuxjournal.com/article/6340

I like to keep a collection of text files that contain quick instructions for the programs I like to use. Here are the contents of my screen.txt file:

Ctrl-a c will create a new screen window
Ctrl-a Shift-m to monitor the current window for output
Ctrl-a _ to monitor for silence (30 seconds by default)
Ctrl-a ” and you will be presented with a list of the current open windows
Ctrl-a Esc to go into scrollback mode. Enter key will exit scrollback mode.
Ctrl-a Shift-a to name the current window
Ctrl-a d to detach from your screen

screen -ls to list screens at a normal prompt (not from within screen)
screen -x will let two people attach to the same screen

http://linuxjournal.com/article.php?sid=6340
a few other examples and a good .screenrc file.

another set of good examples:
http://palm.freshmeat.net/articles/view/581

As you can see, with a quick glance I can find the screen commands I use most often.

I don’t use Screen all the time, so I don’t have a fancy .screenrc to share. I simply use it when I want to run several linux terminals in one SSH session.

You can find the very detailed howto I found earlier today here: http://gentoo-wiki.com/TIP_Using_screen

I’ve become an IRC junkie lately. The problem is that I have no rooms to hang out in - I always feel like I’m jumping into someone else’s conversation, kinda like the smelly guy that no one likes at the party. As I was getting shunned last night in #fluxbox, I thought to myself, “Self, why not make a #texarkana room, or an #averageadmins room so people can chat late at night when they are bored?” We all have something in common, so at least we would have something to talk about.

This would be an easy, zero-cost thing to do - someone just jumps on one of the IRC networks (irc.us.freenode.net is my choice) and creates the room.

Problem is, I don’t know how many of you care or even know about IRC.

Since I can’t do a poll here, I’d like to see how many responses I get to this, so if you like the idea, let me know. I’ll create the room tonight and let it sit up all weekend, and we’ll see what happens. Chris, if you have any advice on how to do this, let me know.

FYI, here is a quick howto on IRC:

Linux IRC Mini-howto

Josh