Dаrren Kitchen

Ok, I wrote a text article awhile back on it, but now some of the free tool are being updated to handle Vista's changed SAM and SYSTEM hive structure. Cracking Windows Vista Passwords With Ophcrack And Cain http://irongeek.com/i.php?page=videos/crac...hcrack-and-cain This time the tutorial uses free tools. Hope it helps someone.

Looks like these guys did some tests, and over all FAT16 is the winner: http://www.anandtech.com/printarticle.aspx?i=2549

I did some more test, this time with my 1GB Apacer UFD. I copied Torpark 1.5.0.7 (27 MB in 275 files, 83 directories) to the UFD as a more organic test: Fat32 1:05 fat16 0:55 NTFS 1:35 1:23 These new, longer results gave me pause, thats why I ran it twice. I also test NTFS under the following conditions: No AV live protection 1:11 AV on, using XCOPY 1:38 Compression on 1:17 Seems like turning compression on (less total data to write to the disk) and AV off seems to help. Over all, seems like FAT 16 is the best choice for faster thumbdrive file systems. Edit: After testing some of my other drives: 1GB XP FAT16 Result: Write time: 11.0596 Sec. 9.04191833339361E-02 MB/s Read time: 0.1406 Sec. 7.11237553342816 MB/s Result: Write time: 10.5154 Sec. 0.095098617266105 MB/s Read time: 0.1376 Sec. 7.26744186046512 MB/s 2GB FAT16 Result: Write time: 3.528 Sec. 0.283446712018141 MB/s Read time: 0.1282 Sec. 7.8003120124805 MB/s 4GB FAT16 Result: Write time: 27.4376 Sec. 3.64463364142636E-02 MB/s Read time: 0.1 Sec. 10 MB/s Result: Write time: 23.7406 Sec. 4.21219345762112E-02 MB/s Read time: 0.1094 Sec. 9.14076782449726 MB/s 1GB XP FAT32 Result: Write time: 11.4752 Sec. 8.71444506413832E-02 MB/s Read time: 0.1124 Sec. 8.89679715302491 MB/s Result: Write time: 11.6156 Sec. 8.60911188401804E-02 MB/s Read time: 0.122 Sec. 8.19672131147541 MB/s 1GB XP NTFS Result: Write time: 5.4874 Sec. 0.182235667164777 MB/s Read time: 0.122 Sec. 8.19672131147541 MB/s Result: Write time: 5.6312 Sec. 0.177582042903822 MB/s Read time: 0.1156 Sec. 8.65051903114187 MB/s I did the Tor test again and with the 1GB and it took 1:24, so something must be wrong with my synthetic tests.

Damn, the $GB UFD is much slower than the 512MB: FAT16 on the 4GB Result: Write time: 24.2908 Sec. 4.11678495562106E-02 MB/s Read time: 0.1502 Sec. 6.6577896138482 MB/s

The idea that it could be cached came to mind, but I'd still like some other folks to do some testing as well. Anybody else get results like this?

Ok, even more interesting test results. I used a tool from http://oette.info/ for benchmarking different files systems on a 512MB Thumbdrive. I set it to write five 1 MB files. Here are the results: Fat16 16kb allocation unit size Result: Write time: 3.4228 Sec. 0.292158466752366 MB/s Read time: 0.0862 Sec. 11.6009280742459 MB/s Fat16 64kb allocation unit size Result: Write time: 3.3486 Sec. 0.298632264229827 MB/s Read time: 0.0842 Sec. 11.8764845605701 MB/s Fat16 default allocation unit size Result: Write time: 3.3108 Sec. 0.302041802585478 MB/s Read time: 0.0862 Sec. 11.6009280742459 MB/s Result: Write time: 3.3208 Sec. 0.301132257287401 MB/s Read time: 0.0762 Sec. 13.1233595800525 MB/s Fat32 default allocation unit size Result: Write time: 23.81 Sec. 4.19991600167997E-02 MB/s Read time: 0.08 Sec. 12.5 MB/s Result: Write time: 23.7444 Sec. 4.21151934771988E-02 MB/s Read time: 0.1202 Sec. 8.31946755407654 MB/s NTFS default allocation unit size Result: Write time: 0.8712 Sec. 1.14784205693297 MB/s Read time: 0.0682 Sec. 14.6627565982405 MB/s Result: Write time: 0.9174 Sec. 1.09003706126008 MB/s Read time: 0.0882 Sec. 11.3378684807256 MB/s To cut to the chase, NTFS seems to be the fastest, FAT16 (just called FAT in the dialog) next and FAT32 was dog ass slow. I used the HP UFD format tool to do the formating. Any good reason not to use NTFS on the thumbdrive besides compatibility with other OSes?

A few more findings: 1. I thought that my Symantec AV may be the problem, but after removal it made no difference. 2. Read and writes are much faster under Linux than under Vista/XP. 3. It's faster in Vista to mount a Trucrypt volume off the thumbdrive, then run your apps off of it then it is to run the app straight off of the thumbdrive. 4. Changing the device options in control panel from the default "Optimize for removal" to "Optimize for performance".

Maybe I should have stated this in my first post, it is already USB 2 and so is the port.

Anyone know any system tweaks to speed up slow USB Thumbdrives? I've noticed that it's faster to copy one 300MB file than three-hundred 1mb files, is this because of extra edits that have to be made to the file allocation table?

Yeah, I've seen them in quite a few places. I don't mind as long as they ask, but a lot of folks don't ask. If anyone has any ideas for more videos let me know.

Hope some of you find this of use. Video:Using SysInternals’ Process Monitor to Analyze Apps and Malware Process Monitor is a useful tool to see what registry, file system and thread changes processes are making on your Windows system. It should work on currently patched versions of 2k, XP and Vista. Two major uses security professionals may have for Process Monitor for are: 1. Analyzing what malware is doing to a system so it can be countered and removed. 2. Figuring out what registry and files system rights a user will need to run a badly written application. Some apps assume everyone is an admin and won’t run correctly unless they are. By using Process Monitor an admin can figure out the minimum rights needed for an application to work. Also, some software pirates may use the tool to figure out how a shareware application’s expiration function works, but that’s not a topic I will be covering. For simplicity of demonstration, I will be using my own app called MadMACs for this demo. Video: http://www.irongeek.com/i.php?page=videos/procmon1

Maybe, I know from talking to others that the problem is persistent even after a hard reset.

True, and I agree that prevention is better but this seems like a big issue. There are places that let port 21 in by default, in which case someone could use a tool like IPiterator and cripple large numbers of printers on the Internet. The Pauldotcom ( http://Pauldotcom.com ) podcast pointed this flaw out to me. Jetdirects are a very common device.

Reread the question, what I'm wondering is if the box is bricked (in other words the exploit has already be ran so it's too late for disabling FTP) how could it be unbricked if even a hard reset won't fix it? The creator alluded that it will have to be sent back to HP to be fixed, if that is the case I would think HP would take it more seriously.

Anyone else read this?: http://security.nnov.ru/Gnews955.html Looks like the exploit can brick some Jetdirects to where even a hard reset won't fix it. Anyone know of a fix for this if a Jetdirect had been turned into a paper-weight? Anyone have an old Jetdirect they are willing to sacrifice to test it?

An interstitial ad running on my site for IOSCO (oicu-IOSCO.com) seems to be causing the web browser to ask to download a file from lawcons.info called c.wmf that contains malware. I fear this is trying to use the previously know Windows WMF vulnerabilities. I've contacted Adbrite to get the ad campaign paused. Just wanted to let you know that this malware is not from my site. My guess is someone defaced the "International Organization of Securities Commissions" website and inserted the malware.

My WPA key only showed as HEX too, but it let me connect so its all good. Just save the HEX key to a txt file, take it to your other laptop and connect.

Magnum IP emailed be about this tool: http://www.nirsoft.net/utils/wireless_key.html

Hello all. I'm looking for a tool to extract WEP and WPA keys from Registry of a Windows box that has already been configured to attach to a network. Via Google I found: http://evolvedlight.co.uk/?p=10 But it does not work for extracting the WPA key from my laptop. I've also tried asterisk revelers, Protected Storage viewers and the like with no success. Any other suggestions?

Live Headers: http://livehttpheaders.mozdev.org/ And User Agent Switcher: https://addons.mozilla.org/firefox/59/ Are both useful from time to time.

<sitewhore> Got a video for you: http://www.irongeek.com/i.php?page=videos/...cportforwarding The first part show a Linux client, skip ahead and you will see how to do it with Putty. </sitewhore>

I'm pretty sure Sparda's answer is the only way. Sorry man, unless you know how to write your own BIOs.

Man, this really depends on how good the girl is, and how good the pr0n is.

I use Gaim. One app, all my IM and chat needs.

Not quite. Encryption apps should be based on a strong algorithm, not on security though obscurity. If the algorithm is good and implemented right, then seeing the source does not help an attacker any.