Trajik

You will generally find with any sort of Server you open up to the Internet (FTP or WEB) that you get a lot of random access attempts from around the world. You are right in saying these are usually automated scripts or bots doing this. Best thing to do is make sure that the server is fully up to date with latest patches and your passwords for it are strong. (Most ideal solution would be to have that FTP server behind a firewall and VPN in to get to it or something similar, but we can't always have perfect solutions for every situation) One thing to do is if these login attempts are all coming from the same IP range, you could block that on whatever firewall you are using. But like I said, you will notice a lot of this kind of thing if your server is accessable on the Internet. One thing you could try to limit the attempts is to change the default port the FTP service listens to by default. So no doubt this is still on port 21. If you change it to something high and random you will get less hits.

Are you sure your hosting provider doesn't block 2525 aswell? Get one of your friends that is on an external network to 'telent <your-test-exchange-server> 2525' and see if they can reach it. This would be for testing purposes but not practical... Also, you can't set up an MX record which tells the querier what port it should use. All it is, is DNS. DNS is hostname to IP lookup... and in case of MX.. has a priority. If your host doesn't allow port 25 traffic, then you might be in trouble... at the end of the day.. all SMTP traffic will be knocking on your door on port 25... you could always set up a NAT that translates that 25 to another port number internally to your network.. but if that 25 isn't even reaching your network because of your provider, i don't think there is much you can do.

Symantec Enterprise is good... with the central distribution and monitoring... but it doesn't change the fact it is Symantec. I've used this in one company... worked OK... but with another company i deployed Mcafee Epolicy Orchestrator. Now that had some really cool stuff like distributing updates in a tree like distributed manner to other servers and workstations to save on resources. Probably nothing the latest Symantec can do... but Mcafee is a lighter load on workstations and seemed to work for me. If i was to do a deployment again, i'd probably do Mcafee... only because i know how to set it up and it worked. (i have a feeling the latest offering from Symantec for enterprise would probably have more features... but you might have to weigh up the $$$$ v $$)

Yeah oxit.it is the legit home of C+A. Thanks for the tip about a VM. That actually does make sense. I'll be sure to test it out. On a side note, JTR bruteforced this hash which was 8 random characters in 2 days!! haha, wish i had that VM up....

Ok that clears things up. Thanks guys. It is unfortunate that programs that rely so intensely on CPU calculations can't utlise the full power of a CPU. On that note, does anyone know of any cracking apps that do?

Hey guys, I have a vista machine that has some pretty beefy specs. I believe its a quad core. Now i was running Cain doing a bruteforce attack on an NTLM hash. When i watch the Vista processes. CPU is at 25%. I start up John the Ripper and start cracking it aswell. Look at the processes, and JTR is at 25% and Cain is at 25%. I want to use as much processing power as possible. Not being limited to 25% per process. Is this a thing with Vista just using each core for each process or whats happening? I'm not savvy with how Vista handles business. And i've never used any of these apps on a quad core so i am pretty clueless. Has anyone got some insight? Cheers.

Was reading this blog. This dude goes on a work trip in Adelaide (Australia) and ends up getting pretty wasted. I'm from Adelaide so represent! http://sleazeempire.com/?p=475 (oh and there is a spot of nudity towards the end, so NSFW warning may apply)

LOL..... Zelda??? Hmmm interesting. I can see it now. Sitting in a meeting... all of a sudden you hear this tinny zelda music coming from somewhere. People are looking around the room at each other with confused looks on their faces.

I concur. Me, i am wearing my pedobear approves tshirt. Most people don't get it. Although... i did notice a few strange old men following me to work thismorning.

Haha don't you love that. Glad you got it solved. I was going to throw in my 2 cents anyway. The best way i found was to yes... find what MAC address is associated to a switch port, then trace it to your patch panel and find exactly where it is. If you have numerous switches it could be a daunting task, i wonder if there is a way to dump running config of the mac address table from a switch. There probably is. If there was, you could dump the logs off all of your switches into a directory and run a grep or search through them all for the offending MAC address. (If anyone knows of such a tool to use for cisco switches let me know :) im curious )

I actually set up the exact same scenario a couple of weeks ago. I had never heard or seen of freeNX before i found it. I fucking love it. It is so stable and fast. Also good for giving users terminal acess. Shits all over VNC. Glad you got it working :)

Ok cheers. Pretty sure that was the case. I was looking at some documentation on our network and it was in Megabytes, then i got confused haha. Thanks.

Hey guys. We have a few remote sites that have got new data services installed. These are 6MB/s (megabyte) ethernet services. We need to upgrade our routers so we can not only route our traffic at the appropriate speed, but have provision for QoS aswell. Now i was looking at the Cisco product sheets at the switching speed of different router models. I don't want to get a router that won't forward the data quick enough. Here is the Cisco performance matrix with speeds. http://www.cisco.com/web/partners/download...performance.pdf Now i keep confusing myself. Are they showing the speeds in Megabyes per second or Megabits? If it is Megabits, am i right in assuming that the lowest router i would opt for would be the 2811. Or am i wrong and this is represented as megabytes? And in that case a 1701 would suffice. (i know i have to take into account bi-directional and QoS stuff. but i just want to figure out what speeds these are being represented as so i can make a choice) (i also know i could get a layer 3 switch but management doesn't want to pay the costs) Any help appreciated.

Ahh what a waste of breath :P I've never used OpenDNS. It should be pretty simple to add sub domains to it. Surely there is a configuration page, find your domain name, and add 'A records' for your sub domains there. Maybe google for 'Adding A records to OpenDNS' or something along those lines. SHould be pretty straightforward from there... now that you know what you are looking for :P

You have it set up with DynamicDNS at the moment. What Dynamic DNS provider are you using? Log into your Dynamic DNS provider and go to the section where you can configure your domains or change your domain name etc. This is where you will have to add your subdomains. SO at the moment, on whatever DynamicDNS you are using. You should have something similar to... <your DynDNS external IP> IN A domain.net (or it might be simplified. And just show you your login against what your domain name is. It all depends on your provider) Anyway, you need to add subdomains to that. So it would be like this... <your DynDNS external IP> IN A subdomain1.domain.net. <your DynDNS external IP> IN A subdomain2.domain.net. Now this all depends on what Dynamic DNS provider you use. I can't recomend any as i don't use them. But log into their website and have a look at your settings and see if you can add any subdomains to your current domain. Now that was for external. And it would also work for anyone internally trying to browse to it. Because i assume you aren't on a big LAN and you don't have an internal DNS server? If you don't have an Internal DNS server on your LAN, then the only way to get this to work is to 1) configure your dynamic DNS to also host your subdomains or 2) Add an internal DNS server (you wouldn't bother if you were on a small network) or 3) Just keep those entries in the host files for now. But basically, you need external DNS set up correctly if you want other people to view these websites. So have a look around your DynamicDNS provider and see what you can find. Good luck.