Archive for the ‘Windows’ Category

Tip: Extending the power of your Management Console

Wednesday, June 6th, 2007

I use the MMC for various system management jobs but I’ve never thought about blogging about it. It’s just one of those things that I’ve never given a second thought.

Rob, from confessions of a freeware junkie, posted about how he has his setup. I have to say, his looks a lot more useful than the one I created.

http://maximillianx.blogspot.com/…-extending-power-of-your-management.html

One thing I do differently than Rob is that I launch the entire MMC with my domain admin credentials. This is what the Target: field of my shortcut looks like:

C:\WINDOWS\system32\runas.exe /user:domain\my-admin-acct "mmc C:\Chris\Microsoft Management Consoles\Domain Management.msc"

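Note: If you want to save your password so you don’t have to type it in every time you launch the MMC, add /savecred right after /user:domain\my-admin-acct. The saved credential is not tied to this shortcut: once it is stored, any runas /savecred call for that account made from your session reuses it without prompting, whatever program it launches.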
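To see what /savecred has left in the credential store, the following is an added example and not part of the original post. It assumes that entries saved by runas appear in cmdkey /list output with a target of the form Domain:interactive=DOMAIN\user; the function name and the sample text are made up for illustration.

```powershell
# Added example: flag credentials saved by "runas /savecred".
# Assumption: such entries show up in "cmdkey /list" with a target of the
# form "Domain:interactive=DOMAIN\user". Get-SavedRunasCredential is a
# hypothetical helper name, not a built-in cmdlet.

function Get-SavedRunasCredential {
    param([string[]]$CmdkeyOutput)

    $entries = @()
    $current = $null
    foreach ($line in $CmdkeyOutput) {
        if ($line -match '^\s*Target:\s*(.+?)\s*$') {
            # A Target line starts a new stored-credential record.
            $current = [pscustomobject]@{ Target = $Matches[1]; Type = ''; User = '' }
            $entries += $current
        }
        elseif ($current -and $line -match '^\s*Type:\s*(.+?)\s*$') { $current.Type = $Matches[1] }
        elseif ($current -and $line -match '^\s*User:\s*(.+?)\s*$') { $current.User = $Matches[1] }
    }
    # Keep only interactive-logon entries, the kind runas /savecred reuses.
    $entries | Where-Object { $_.Target -match '(?i)^Domain:interactive=' }
}

# Constructed sample, shaped like cmdkey /list output (not real data).
$sample = @'
Currently stored credentials:

    Target: Domain:interactive=domain\my-admin-acct
    Type: Domain Password
    User: domain\my-admin-acct

    Target: LegacyGeneric:target=fileserver01
    Type: Generic
    User: chris
'@ -split "`r?`n"

# Lists only the domain\my-admin-acct entry from the sample.
Get-SavedRunasCredential -CmdkeyOutput $sample | Format-Table -AutoSize

# On a live system, feed it the real output instead:
#   Get-SavedRunasCredential -CmdkeyOutput (cmdkey /list)
# and remove an entry that should not stay stored:
#   cmdkey /delete:"Domain:interactive=domain\my-admin-acct"
```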

Also, in order to add Active Directory Users and Computers, you’ll need the Windows Server 2003 Administration Tools Pack available here:
http://www.microsoft.com/downloads/…

While you’re at his site, take a look around. I monitor his RSS feed on Bloglines and he’s always posting cool stuff.

Vista to take over the world (one day).

Thursday, May 24th, 2007

Have any of you started planning, tried, or considered a Vista rollout? I know it is still early in the game and I personally will wait about another year before doing it in my company since I am still a one man IT department, and with that said R&D time is hard to find, also. I’ve seen a few local businesses here in Huntsville/North Alabama try to use Vista in a tech support role to much frustration on their own part. I’ve had a 3rd party technician try to help me troubleshoot e-mail trouble on his Vista station and he finally gave up and RDP’ed my XP station so he could help effectively. I’m mostly wanting to hear a voice from a group of intelligent people that I know I can trust an opinion from since the internet is full of opinions of questionable value. I hope to scrape up enough budget to buy one Vista Business station for testing purposes, but I work for a small company and I don’t know when that will be.

Windows: netsh

Thursday, May 3rd, 2007

Later on I might create one big entry with my little Windows shortcuts, but for now I’m always wishing I had written these instructions down.

For the original article by Jeff, click here: http://www.averageadmins.com/blogentry.php?id=61

For now, I’m going to keep it simple and just add the two commands that, if you want, can be easily changed to match your situation.

netsh interface ip set address local static 192.168.1.254 255.255.255.0 192.168.1.1 1
netsh interface ip set dns local static 192.168.1.1

For a DHCP-enabled interface:

netsh interface ip set address local dhcp

Other resources include:
http://support.microsoft.com/?kbid=242468
http://www.microsoft.com/resources/…

Audit your Cisco/Netscreen configs with Nipper

Monday, April 23rd, 2007

http://www.security-database.com/toolswatch/Nipper-version-93-released.html

This software works both in Windows and Linux.


Windows: WSUS clients not appearing in WSUS

Thursday, April 19th, 2007

We just recently rolled out about 60 new desktops at work and none of those systems were showing up on our WSUS server.

I spent the better part of today addressing the issue.


Windows: Protecting your system from malware

Thursday, April 19th, 2007

I use this link often when setting up new computers or helping a friend or family member secure theirs. Since I’m always searching for this site, I decided to mirror a copy of it here.

If someone knows of a better suite of tools please let me know.

So how did I get infected in the first place?
http://www.castlecops.com/postlite7736-.html


My First Remote Shell Access Exploit

Wednesday, April 18th, 2007

Originally posted on cocoacrusty.com on Monday, April 16th, 2007.

This post is the reason I posted my previous blog entry on installing the Metasploit framework on my Apple MacBook. Chris sent me a link to this movie showing someone exploiting a vulnerability in Microsoft’s Windows. The .ANI Header Stack Overflow vulnerability allows a remote attacker to send a malicious e-mail to an unsuspecting user with an unpatched Windows machine and gain remote shell access.

After Metasploit was installed on my MacBook, I followed the steps in the movie as they were shown and it worked like a champ. The recipient of the e-mail has to be viewing the e-mail in HTML. I was only able to exploit this vulnerability when using Microsoft Outlook or Microsoft’s Outlook Express e-mail clients when the client was set up to view messages in HTML. Either way, I gained access to one of my own machines using this exploit and it showed me just how easy it would be for someone with malicious intent to really wreak havoc on a novice or unsuspecting user.

I am impressed at the whole concept behind the Metasploit framework for exploiting known vulnerabilities and delivering payloads with basically the push of a button. The interface and command logic is easy to understand, for this exploit anyway, and I look forward to learning more about the framework, the exploits, and the payloads in the near future.

Until next time…

Installing Metasploit on Mac OS X

Wednesday, April 18th, 2007

Originally posted at cocoacrusty.com on Monday, April 16th, 2007.

I have known about the Metasploit framework for quite some time but have never really known how to use it or taken the time to learn. Recently, Chris inspired me to try it by showing me a movie explaining how to exploit a vulnerability in Microsoft Windows related to the .ANI Header Stack Overflow Vulnerability (more on this in my next post).

Before I could begin working with this nifty little exploit in Metasploit I had to get the framework installed on my MacBook. Metasploit is a suite of Ruby scripts and will run on virtually any Unix-based operating system and Windows (with some minor tweaking). I checked the MacPorts for Metasploit and it was available as a port install but the latest version in the ports tree was 2.7. I needed at least version 3.0, and later determined I needed a development version, version 3.1, from the trunk to get the exploit I was after.

The first thing I did was upgrade my Subversion client on Mac OS X. I got the universal binary from here and installing and upgrading my Subversion was pretty painless. It installed like most other Mac applications from a package.


A very impressive list of software

Tuesday, April 10th, 2007

These guys have put together the ultimate list of software. It’s not all free and it doesn’t all run from a USB drive, but if there’s not a piece of software on here you can’t use then, well, then you have a lot of software!

http://www.anova.org/software/index01.htm

Auto-Locking a Mac with a Bluetooth Device

Wednesday, March 28th, 2007

Originally posted at cocoacrusty.com on March 27th, 2007.

I first saw this nice little trick a year or so ago. A fellow admin and friend of mine, Tommy, used a Bluetooth® headset to automatically lock his Windows machine whenever he stepped away from his computer and his headset was no longer in range of his PC’s Bluetooth® dongle. I don’t remember how I stumbled upon this blog post yesterday, but I am glad I did. This post shows you how to implement a similar solution using an application called Proximity and some AppleScripts to achieve the same result.

The cool thing about this solution for the Mac is that the events that are triggered when the specified Bluetooth® device enters and leaves the Mac’s Bluetooth® proximity are AppleScripts. AppleScripts allow you to easily program for the Mac. AppleScripts are pretty much the same thing as shell scripts for any other operating system and command line environment, like batch scripts for Windows and Bash or C Shell scripts for Unix-based and derived operating systems like Linux and FreeBSD. Basically, with a solution like this, you aren’t tied to the developer’s ideas of what should happen when you step away from your machine. The ball is totally in your court and your goal is only limited by your creativity and your programming ability.
