Brian Sierakowski

Seems to me that posting "someone please introduce me to hacking" on a forum called hak5 might be a misinterpreted request :). My personal recommendation is to get as much coding experience as you can, among the many things I'm not good at coding is paramount, and it's every so important if you want to separate yourself from the script kiddies and actually write and edit things yourself. -B

Do both of the networks have the same gateway? I think we have a similar setup to what you're trying to do, we have a local site, then secondary office over a point to point T1. Both share internet access, and use a common set of DHCP, DNS, etc servers. How we've done this is plugged both scopes into our DHCP (.69.5), then we have identical scope options EXCEPT the router, which is different for our device over ppp. For example, the scope options for .69.x are: Router - 69.1 DNS - 69.5 Time Server - 69.5 WWW - 69.6 And then for 96.x (the remote network) Router - 96.1 DNS - 69.5 Time Server - 69.5 WWW - 69.6 I hope that's helpful, for further advice how are the two sites connected? What sort of DHCP server are you running (win2003?) How many workstations on each site? If you don't have very many computers on one end, you could keep your dhcp running using classid or mac address reservations. Good luck! -Brian

Ok guys, seriously, I need to have admin rights to edit a database file in a police station computer. I downloaded this great math program, but I can't even play world of warcraft on this thing!! Can you believe it?! Anyway, if someone could hack this thing for me, that would be great. Thx, -B

Can you tell us a bit more about what you're trying to prevent from happening?

Have to agree, according to Sec+, you're supposed to: 1) Document what's on the screen 2) Create a bit for bit image 3) Copy whats in the memory From there, you can run any forensics on the backup, leaving the hard drive untouched. Creating a hash any important file is a good idea, since if you have to go to court you need to prove that it was unaltered. If you wanted to use any logs in court, you have to prove that you discovered the information in a scheduled check of the logs. THAT SAID: I do agree with everyone else above. If there is any recourse you can take against the Russians (sorry, but 'lol'), look into it, but consider how expensive it would be to conduct a trial against Russian citizens. The only hope you have is that they're extradited to the US, and depending on how legit this company is, they could disappear. Also, have you considered that it actually ISN'T the company? You said you've used them before, and they did the work just fine. They also mentioned that the login info you sent them was no good, sound like this could potentially be a MITM attack. I don't know how built up Russia's infrastructure is, but it may be easier to tap networks then it is here. Did you determine what they uploaded? Did they know where to go to get the user info? Here's what I would do: 1) Take the server down, restore a backup done before the compromise 2) Notify all the users of what happened, might lose some, but you'll lose ALL of them if they're CC gets maxed out and it gets traced back to you 3) If you made any copies, use them to perform forensic analysis to see if you can tell wtf they did 4) Don't give out admin credentials over a potentially unsecured medium, and to potentially untrustworthy recipients. 5) Learn from the painful experience, and get better at what you do from it :). Good luck!

There's also the unintended consequence (or benefit) of Intels popularity, and that's support. While many people love the AMD/ATI monolith, the fact that Intel/nvidia are in such a larger portion of machines will inevitably lead to a better user experience for the intelers. When games and apps are being created, and QA time frames get squished, I'm sure the focus is to "at least get it tested on intel/nvidia," potentially leaving the other folks in the dark. I have an nvidia card in this machine, and an ATI in the other, and I can say from personal experience that games tend to be more compatible with THIS machine, with the exception of when this one is too slow (the other machine is a good bit faster.) I suppose my point is that a superior product may not always lead to a superior experience, sometimes its better to go with the "worse" product because it works better :).

One technique I've seen for creating long memorable passwords is to us a phrase that the persons remembers for one reason or another. For example: I have a dream that one day this nation will rise up and live out the true meaning of its creed: "We hold these truths to be self-evident, that all men are created equal." Or: All truly wise thoughts have been thought already thousands of times; but to make them truly ours, we must think them over again honestly, till they take root in our personal experience. I've see a lot of people use long phrases that they've possibly have to memorize in school, and while they are all plain text and dictionary, the sheer length makes them very difficult to crack.

Thank you very much sir!

What is this 3DES plaintext attack you speak of? Perhaps we can reverse engineer it for DES. But actually, DES keys are only what, 56-bit? You could crack that pretty quickly.

If you go into computer management and assign a lower level, your USB drive should always grab that same letter. IE, I changed my USB drive letter to "U:", and ever since then it shows up as U: on my computer (but auto assigns on others.) Give that a try and let us know if it works.

Passed :).

Are people going to say "Oh yeah! I've seen this laptop before." or are they going to say "Oh yeah! That's the butt laptop! EVERYONE COME CHECK OUT THE ASSTOP!" ?

I think motion graphics is more after effects then premiere.

Don't know exactly what you're trying to accomplish, but have you tried the low tech way? What you can do is use an audio recording suite (audacity, or sound recorder even), set your input to "stereo mix", hit record on the program, then hit play on myspace. You can grab any audio that comes through your speakers this way, making it handy for when I was looking for some sound effects not to long ago. Let me know if you think this suits your need and you'd like a bit better guidance.

Well, I don't think anyone in 2009 is surprised by a netbios exploit, but I understand what you're saying :). One thing I've done to protect myself is to dual home all of my machines, keeping a "local" VLAN and an "internet" VLAN, that way we can do file sharing and generally insecure things on our class A network, and just keep strictly TCP/IP on our class C network.

Back in my day, we actually exploited systems to grow our botnets... not this lame ass attempt at.... whatever it is you're trying to do.

You might find this interesting: http://www.tazforum.thetazzone.com/viewtopic.php?t=3613

It's the whole field of motion graphics, which according to my girlfriend the film major is "Really hard." Perhaps try searching for some motion graphics how-tos on google and see if you get anything useful, seems to me like you basically have to have the ability to do 10 or 20 different manipulations, then it's up to you to be creative with it.

Sort of reminds me of that one website icy hot stunnaz (or something similar), anyone remember that? People basically shit their pants flaming them, and then it turns out that they were doing the page as a joke... made a lot of people feel real silly (including myself.) Makes you think that even if they weren't joking, is it really worth it to get so worked up over basically nothing? If you start ripping up someones grammar and spelling (atrocious as it was), you're just opening yourself up to getting replies about using "your" instead of "you're", etc. It's just wasting time, don't you think? Don't we all have important jobs that could use that extra 15 minutes of focus we spend on something that's not going to accomplish anything?

Yeah, I think there is a subtle difference between "Viral" and "Marketing." I don't know that this worked, unless their slogan is "MSI; stick it up your butt!" I'll admit that I watched the whole thing, but this was not like the macbook air in the courier envelope, this did not have me marvel in the thinness of the laptop. Plus, I did go to the site they advertised, only to be accosted by the shrill digital squawks of seagulls. I think poor MSI has a way to go, but they have their heart in the right place.

If you're looking for an easy bootable environment, you may want to consider something like puppy linux. It's whole point is to run off of a CD, so you can probably get your feet wet there first. http://www.puppylinux.org/

Unless you are a sysadmin legitimately trying to recover a password :).

Wow, that's some great info! Love the drop downs on the bottom that give you stock price-esque up and down ratings, like with RAM you can see the smaller amounts on the decline :). I don't know if you've heard, but Intel is getting into all sorts of crazy trouble by getting stores to not carry AMD for a long time now. Sort of makes sense, as the last time I saw an AMD cpu in stores was a LONG time ago. Not that that makes AMD better or vice versa, I think it just skews the usage vs quality aspect when they aren't playing on a level field.

Wait, curvature? You mean the earth is round?

Lol, I appreciate your hustle, you really went for that typing them both up ;).