hexophrenic

I can't help you as to why this is occurring, but it happens on my newest 2 machines as well. I just ignore it. Hopefully that is not problematic...:)

Yeah, most of the stuff I have played with in the past can be set to use 5ghz only. 802.11n does not require dual bands. I was hopeful someone on there was using 5ghz and had a good idea what equipment might have good performance/range for it. I choose 10 because it had the least overall overlap. At 40mhz channel spread, it uses 2 channels, 10-6 IIRC. Kind of a d*ck move, but it is still a little better performance (for me) than running strictly 20mhz (single) channels. I had been running dd-wrt on channel 14 for WDS, but managed to get some cable pulled and did not need that anymore so it is decommissioned. Most of my equipment did not work at 14mhz and I did not have the desire/time to mess with it to change the country codes, etc.. It all works, I just want it to work better; as such, I will just Try Harder!

Digip, I understand those things. My current radio is 2.4ghz, is set to greenfield, 802.11n only. I did try mixed mode for a while to see if it would play nicer with the congestion, but it did not. It is a matter of congestion on the 2.4ghz spectrum that is causing my issues. I can see about 35 networks with my onboard wireless from my house and my neighbors are all savvy enough to use 1-6-11 already, so I am using 10 for now but getting a lot of retransmits/collisions. I understand networking and wireless pretty well.

I am in a bit of the same pickle. I have a cheap TrendNet AP that runs 802.11n 40mhz channels, but my area is congested to the point that I am not getting as much throughput as when I first put it in. I have been looking at some of the higher end dual-band boxes like Cisco/Linksys E4200, Netgear n600, and then comparing it to rolling my own with some spare parts I have. My biggest issue is streaming 1080p between the first and second floor of my house (living room to bedroom) and it is just not stable enough at 2.4ghz. I tried powerline network adapters (I have 3 I can sell someone, they work great - not). When someone finds the perfect router running at 5ghz with tremendous range and bandwidth for $25 (or even up to $100 I guess) please let me know...

I think my little Jetway nettop runs about 13w peak and is a lot more powerful (and unfortunately more expensive) than the consumer routers running *-wrt.

I am only speculating, but I wonder if you created multiple hardware profiles for your win 7 instance and assign the physical disk to the VM for booting within ubuntu but also be able to use win7 natively at boot by selecting a different hardware profile. I have never tried this and have never looked at using a physical disk instead of a vmdk of sorts. Anyone have any experience in this?

Or replying to a thread that has been brought back from the dead by the previous poster before noticing how old it is.

Yeah, I understand that is the purpose of the green + and red - on the lower right corner of posts, but when I reviewed several of my more recent posts they show 0. Undoubtedly I should look harder, but I would like to know what constitutes rating down a post or what the implications of the rating are. Not too worried about it, just curious.

How can we tell what caused us to get rated? I don't necessarily care WHO, but I would like to know WHAT prompted a rating. How can we "improve" if we are spanked but not told why...?

If they had access on the laptop, while it was connected to the VPN, then they would have access to everything the user has access to, and anything else they can compromise on the far end of the VPN connection potentially. A lot of smaller companies have their VPN endpoint appliance sitting on their corporate network and hand VPN clients an internal corporate DHCP address. Therefore, VPN clients would have the same level of access over the VPN that they have while in the office. Therefore, hacking a laptop that is connected via VPN is essentially the same as compromising a host inside the corporate network. If the XP box can be compromised, then the XP firewall is trivial to disable. That being said, it is far more time consuming (this is the WIN, by the way, for security folks) to gain access to a system with little or no open ports, which is how the firewall *should* be configured when off network (on as well, but that is a different story). Bottom line, XP firewall (especially SP3) is far better than nothing and arguably more than enough to thwart script kiddies if properly configured. Are there better products out there? Absolutely. Is XP firewall good enough? Most likely.

I think you have to protect yourself against 99% of the hackers that cannot easily penetrate a fully patched system with effective controls placed on it (firewall, HIDS/HIPS, anti-malware, whatever). You have to assume that 1% of the hackers can still get in and you have to give yourself enough time and monitoring to catch that 1% before they can do damage. You have to follow the law of diminishing returns and lost opportunity in the business world to really appreciate this I think. You know, the real world, not a contrived theoretical one :). To be closer to 100% secured, unplug and destroy. You should not terminate your VPN on your internal network anyway...it should terminate into a dmz and have a metric buttload of logging and content inspection between the appliance and the internal network. You should also have a VPN solution that is not configured to allow split-tunneling if you are concerned with this. Granted they only hack the local routing table, with good defense in depth (ie, no administrator privs for the remote user) it becomes less trivial to defeat. Force all traffic, while connected via VPN, to the VPN endpoint and subject that traffic to the same inspection methods that internal corporate users are subjected to. I would go another step further and disallow all network traffic on the mobile laptop unless it is connected via VPN or on an internal network if you want to be really tight. It is all about security vs convenience, there is no point in having systems that end users cannot use...kind of like regulating businesses until they cannot afford to be in business...

You don't need anything but 3389. I would definitely not open 135-139 and/or 445 from the internet, unless you tell us what your public IP is so we can help "troubleshoot."

It does not appear if you are logging in via RDP as the same user that is logged into the console. The patch would allow you to be logged into the console has userX, remain logged in and working, and then log in as userY and not interfere with userX's session. Additionally, you could be logged in to the console as userX and then RDP as userX but into a new session rather than continuing the console session. I am not sure if this "patch" allows the /console flag to be set in the mstsc or not. I do not normally enable the multiple sessions as same user functionality.

The benefit to me in the past was not having to wait, if my wife had been logged in, for her to confirm it is okay to continue and bump her offline or just wait until it times out when she did not log off. Allowing multiple RDP sessions was not used, but having an rdp session concurrent with a logged in console session was very useful.

That is similar and works with XP, but there is also a version for Windows 7 out there: http://thegreenbutton.com/forums/p/79427/393664.aspx#393664

I do remember that debacle now that you mention it. It was "fexid" a few days later, but that was a bear. Good thing I had a pre-dist-upgrade snapshot. After a couple of days, though, all was good again. Good catch.

I beg to differ. Every app I use (most but not all of them) work just fine with a dist-upgrade and kernel image update. A solid understanding of the underlying OS and how to upgrade it goes a long way as there is nothing truly magical about BT|4, but it may be quicker to just reinstall. Each to their own.

General attitude that "good enough" is not really good enough. Sense of entitlement that some people harbor. Head in the arse syndrome as though they are the only people who matter in the world. US government's ever increasing regulations, thereby increasing both taxes and the cost of goods and services. Fat people bitching about being fat while they gobble a double quarter pounder. Smokers bitching about their right to smoke anywhere other than their own property or private property where it is acceptable to the owner. Man, I must be in a great mood today :).

Late to the thread, but if you look hard enough there are "hacks" to get Win 7 home editions to allow RDP service and even allow more than 1 user per machine and more than 1 session per user. Google should be your friend.

You need to install the latest kernel image package to get the new kernel.

Assuming this is a home machine, where the hell do you browse/live that you need all of that for protection??? I guess my life is just not that interesting... I use Windows firewall, microsoft security essentials, malwarebytes (used only when I remember to), and vmware. I use adblock plus for firefox and rarely use IE or chrome, and also use Peerblock for advertising and spyware/malware. I require a password to sign in, but nothing on BIOS or hard drive, no drive encryption but I do encrypt some documents as needed (tax returns and the like).

Unlikely to be the case, but the OP may want to have both trunk and stable releases of the framework...i have several different versions of metasploit installed on my box because different versions work better (or worse) than others for different "exercises".

445 should be 443.

Related to a previous recommendation to purchase a DOCSIS 3.0 modem...I did this recently to replace an older DLINK cablemodem (Docsis 2.0) in hopes of receiving the higher tiered service for free (you never know, the crap cable company I have might have not limited the rollout of new configs...had to hope). While I am still "only" getting 20down/2up service, it is fair more stable for transfer speeds now. It may only be coincidence, but I have been getting 20mbps anytime I try (depending on other traffic at the far end of course). I was getting between 2 and 8mbps most evenings with the DLINK, with 20mbps during the late night or work hours. The new modem is using channel bonding on the download side. I think that has improved my performance a lot, although not faster than I was supposed to get, but closer to it more often.

May be late to the game, but Hydra has in the past been known to be very challenged with HTTP-based attacks. Grab the latest Hydra source, recompile, and see if that helps if you are dead-set on using Hydra.