Infiltrator

Not sure what you are asking?

2) How long have you had the server for? 4) Not sure how well an OS would perform, if its running off an USB stick. Performance may slightly be degraded.

I would definitely upgrade the encryption on your router to WAP or WAP2. Use very long and complex pass-phrase for your wireless encryption, as Digip suggested turn DHCP off or limit the pool of IP addresses from say 254, to the number of devices you have on your network. AP isolation would be a good form for stopping wireless users from accessing your wired devices. If your wireless router does not support AP Isolation, you could look into upgrading the routers firmware to DD-WRT or Tomato or upgrade to a router that supports it. Or if you have a switch capable of creating Vlans than use that, to segment and secure your network. Another way to maximize your wireless security, would be using WAP2 Enterprise and setting it up with Radius authentication server, where once uses have been authenticated and associated to the access point, they will be prompted for a username and password. That will give the attacker a hard time and resulting his attacks less effective, as he will need to crack the two layers of security, the WAP2 and the Radius Authentication. As long as you have WAP2 Personal enabled with a strong pass-phrase you should be secured.

I would do the following: 1) Run a memory diagnostics? To see if there are any errors in RAM. 2) When the server stops responding, is there any process that it taking up all CPU cycles? 3) Check all cables inside the case, make sure they are firmly connected. 4) I would also run a HDD test, just to make sure its running normal.

Nice work, wasn't so hard wasn't it?

He is going to be uploading other videos on metasploit and other related security topics eventually.

In my virtual lab I have the following set up, a Windows Server 2003 installed in a VM, with DHCP disabled but DHCP enabled at the router end, so any machines on my network can retrieve an ip address. Moreover, I have set my server with a static IP address instead of dynamic and have set up an additional VM running XP, so that it could be joint to my new domain controller, which has worked without any problems.

How did you install Windows Server 2008, on a physical machine or Virtual machine?

When setting up a domain controller, a couple of things you need to configure first, before workstations are able to be joint to the domain. 1) You will need to run DCPromo, to promote your server to a domain controller. 2) You will need at least 3 services configured and running DNS, DHCP and ADS (Active Directory Services). 3) You will need to disable DHCP on your router, since the domain controller will be the main DHCP server for your network. 4) Go to DHCP in your DC and create the following scopes, DNS Servers, Router, DNS domain name and last not least Name servers. Once the scopes have been created, you will need to authorize your DHCP server to lease ip addresses or otherwise no machines on the network will be able to obtain IP addresses. If you stuck these articles should help you http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm http://helpdeskgeek.com/how-to/configure-windows-server-2003-as-a-domain-controller/ http://www.utm.edu/staff/nathant/domain_setup.htm Edit: Once your domain controller has been set up, you will need to restart a workstation and verify if its obtaining an IP address from the DHCP server in your Domain Controller. If the workstation has obtained a valid IP address from the new DHCP server, try joining it to your domain again.

Would be nice to see Vikiv as guest in the show!

I agree, these are things that as a customer you will have to consider, what can you do in this circumstance? What are your available options, say if the cloud went down or how to prevent it from happening in the first place.

I would still use it, even tough it may not have been adopted widely. I've used it before for signing/encrypting files and emails and have to say, if its been implemented correctly, than there is not much to be concerned about. Plus you and the person on the other end can always verify the integrity of the message to see if its been tempered or not.

Wireshark or TCPDump will work, you will need to save your captures as a pcap file and import into Elcomsoft.

Just finished watching the last video and have to say its a complete guide to wireless security. Anyone who's really into wireless security or wants to know more about it, should with no doubt watch it.

According to this text, this Dell printer supports post script drivers, which supports PJL http://en.community.dell.com/support-forums/peripherals/f/3528/t/16934383.aspx

You need to have a higher post count, to be able to post links. At the moment you have only 1 post count, I'd say around 10 posts, before you can post links.

Another reason to rethink twice before migrating your data to the cloud "Reliability"

NEW YORK (CNNMoney) -- Amazon on Friday issued a detailed analysis and apology on last week's massive crash of its cloud service, an event that brought down dozens of websites. The disruption to Amazon (AMZN, Fortune 500) Web Service's Elastic Compute Cloud, or EC2, limited customers' access to much of the information that was stored in the company's East Coast regional data centers. About 75 sites crashed because of the outage. Until now, Amazon had stayed relatively silent about the cause. But after completing a post-mortem assessment of the mess, the company issued a technically detailed, 5,700-word explanation of what went wrong. The event -- the first prolonged, widespread outage EC2 has suffered since launching five years ago -- was a technical perfect storm. A mistake made by Amazon's engineers triggered a cascade of other bugs and glitches. "As with any complicated operational issue, this one was caused by several root causes interacting with one another," Amazon wrote. On April 21, AWS tried to upgrade capacity in one storage section of its regional network in Northern Virginia. That section is called an "availability zone." There are multiple availability zones in each region, with information spread across several zones in order to protect against data loss or downtime. The upgrade required some traffic to be rerouted. Instead of redirecting the traffic within its primary network, Amazon accidentally sent it to a backup network. That secondary network isn't designed to handle that massive traffic flood. It got overwhelmed and clogged up, cutting a bunch of storage nodes off from the network. When Amazon fixed the traffic flow, a failsafe triggered: The storage volumes essentially freaked out and began searching for a place to back up their data. That kicked off a "re-mirroring storm," filling up all the available storage space. When storage volumes couldn't find any way to back themselves up, they got "stuck." At the problem's peak, about 13% of the availability zone's volumes were stuck. But why did a problem in one availability zone ripple out to affect a whole region? That's precisely the kind of glitch Amazon's infrastructure is supposed to prevent. Turns out EC2 had a few bugs. Amazon describes them in detail in its analysis, but the gist is that the master system that coordinates all communication within the region had design flaws. It got overwhelmed, suffered a "brown out," and turned an isolated problem into a widespread one. Interestingly, those bugs and design flaws have always been in place -- but they wouldn't have been discovered if Amazon hadn't goofed up and set off a domino chain. Amazon says that knowing about and repairing those weaknesses will make EC2 even stronger. The company has already made several fixes and adjustments, and plans to deploy additional ones over the next few weeks. The mistake presented "many opportunities to protect the service against any similar event reoccurring," Amazon said. Of course, Amazon's customers aren't so thrilled to have been guinea pigs in this cloud-crash learning experience. Amazon offered a mea culpa, and said it would give all customers in the affected availability zone a credit for 10 days of free service. "We want to apologize," the company said in a prepared statement. "We know how critical our services are to our customers' businesses and we will do everything we can to learn from this event and use it to drive improvement across our services." Source: http://money.cnn.com/2011/04/29/technology/amazon_apology/index.htm

C and Java would be good languages to learn. That's what I did when I was at the university.

Communicate in what way? As a hard drive or internet access?

Would it be possible for a DPI (deep packet inspection) to look into an encrypted traffic?

A lot of things, in these forums are broken. IT will take them some time to get fixed. For instance, there are times when I can't access Hak5.org at all, I receive some errors like not enough memory or something along the lines.

Youtube, Irongeek and Google (no offense) has lots of information on pen-testing and network security, they will be a good place to research and learn more. On the other hand, if you feel like you struggling with something, just create a thread in here and I will be more than willing to assist you.

I liked how C&C has being mentioned several times. I have played all C&C games and highly recommend it as a Strategy War Game.

I would say around $50.000 to $68.000 a year. With experience that would easily go up to $70.000+++