Mr. Matt
Members-
Content Count
12 -
Joined
-
Last visited
Everything posted by Mr. Matt
-
In some cases, a single layer 2 switching device configured improperly can cause serious connectivity problems, especially on a large network. Problems of this nature behave similar to Denial of Service (DoS) attacks but are slightly easier to track.Most intranets serve a central location where other internal networks are connected. Whether it is a remote off-site location or only accessible by taking an underground railway, it's usually the best place to start disconnecting backbones to find out which physical subnet is causing the problem. Broadcast storms are generally identified by the simultaneous blinking of LEDs spanning multiple switches. By disconnecting its uplink (or backbone), process of elimination can be used to determine if it is a node connected or another switching device.In a typical setup, once a subnet is determined to have caused the problem, trimming down the network hierarchy to the very node causing the problem requires hardly more than taking a little walk and disconnecting backbones to track down the building housing the IDF with suspicious activity.In a recent hunt for the offensive node, we found that a home/office size 8-port Linksys was plugged into itself. Unfortunately, switching devices are apparently incapable of interpreting or ignoring packets that loop back into itself (or the same layer 2 device). Unfortunate indeed...
-
I think the best way to learn anything is exactly the way you're doing it: hands-on. Most of us who shun the whole go-to-college wave for technical education find the same knowledge accessible on the Internet. You will seldom retain everything you've read regardless of how many times through you read a book. A better approach to this would be to take anywhere from half of a chapter (if you must use a book) to a full chapter in your PHP learning material. Don't study and don't read it. Type out the code yourself in the code listings (don't copy/paste). Use common sense to understand why what you're typing must be done in the outlined structure. By the time you get it loaded onto a PHP supported server and view it in your web browser, you will have understood what you're typing did, why it did and things you can do to modify your results and tailor it to your specific needs. These findings are the endless paragraph explanations you'll only read about but never find out for yourself if all you do is read the book. Bottom line being, you'll learn more by applying a little about PHP than reading a lot about PHP. There's an unlimited number of tutorials for any programming language, trade or profession if you just keep an eye out. For beginners, I would highly recommend W3Schools (PHP): http://www.w3schools.com/php/default.asp Also, a few other tips to keep the overall learning process easy! Use plenty of whitespace. This will help you to logically understand your own PHP code. I personally wouldn't write code so close together when the amount of whitespace being used between assignments, etc won't affect what you're trying to write. For example, a rewrite of sparkx's code would be: <?php // Get the contents of var query string (http://forums.xisto.com/no_longer_exists/) $var = $_GET['var']; // Is it numeric? if(is_numeric($var)) { // Does it have a value of 1? if($var == 1){ echo('var is 1!'); } else { echo('var is not 1! It is: ' . $var); } } else { echo('var is not a number!'); } ?> You will be doing yourself a favor in the interim by generously spacing out your code and documenting them. Also, find yourself a good text editor that supports syntax highlighting for PHP code. My favorite to use on Windows platforms is Notepad++ which is an Open Source Software (OSS) you can download by searching with Google or Sourceforge.net. Here's another example for accepting and printing form input: <?php // // Check if form has been submitted // if(isset($_POST)) { // // Collect data from POST variables // $get_fname = $_POST['first_name']; $get_lname = $_POST['last_name']; $get_bio = $_POST['biography']; // // Print a summary of posted data // print " <h1>Summary</h1> <p> First Name: {$get_fname}<br /> Last Name: {$get_lname}<br /> Biography:<br /> {$get_bio} </p> "; } ?> <!-- The action specified in this form element uses $_SERVER['PHP_SELF']. This is the equivalent as the filename of this script. --> <form action="<?php print $_SERVER['PHP_SELF']; ?>" method="post"> <p> First Name:<br /> <input type="text" name="first_name" /> </p> <p> First Name:<br /> <input type="text" name="first_name" /> </p> <p> Biography:<br /> <textarea cols="75" rows="7" name="biography" /> </p> <p><input type="submit" value="Submit" /></p> </form> This PHP script is fairly easy to understand if you use some common sense when reading PHP functions. How do we find if the $_POST variable (or any of its variables) are set? Let's ask the same question using PHP. // Is the $_POST variable set? isset($_POST); If it is, then let's do something! if(isset($_POST)) { // Code to be executed if the $_POST variable is set } Also, keep in mind that while using any conditional statements, loops or functions that require the use of brackets, try to indent them on the level they're used to make it easier for you to read and go back to troubleshoot if you should run into problems. // // Conditional statements indented on a single level // if($condition) { // Execute these statements } // // Conditional statements indented on multiple level // if($condition) { // Execute these statements if($condition) { // Execute these statements if($condition) { // Execute these statements } } if($condition) { // Execute these statements if($condition) { // Execute these statements } } if($condition) { // Execute these statements if($condition) { // Execute these statements } } } Let me know if that helps any!
-
How Many Background Processes Do You Have Running
Mr. Matt replied to ronalddarcey's topic in Software
Windows Server 2008 Core (Longhorn) launched within Microsoft's Virtual Server kills the host system but only uses up a handful of processes. It's Core, however, so that means you don't get a Desktop environment, just a command prompt for installing and configuring basic server roles :-) Although, it appears that Microsoft's VHD has mood swings in determining when to allow you a Desktop and when not to. Must be a configuration issue...*blinks at a Desktop being constructed right before his very eyes in Server 2008*Hmm...I wonder what button I pushed. -
It's a deployment solution, for installing OS images or software packages remotely. It is not, however, independent from any particular operating system (in other words, it doesn't come preloaded with server versions of Microsoft Windows). For example, if you have a lab of 50 workstations, rather than using an installation disc at each physical workstation, you can simply set up and configure one system with the operating system and software suite of choice (don't forget Deep Freeze ;-). A typical setup would include Microsoft Windows XP Professional SP 2, Microsoft Office, anti-spyware/anti-virius and other productivity software. Altiris allows you to install a network bootable partition on remote clients so that when you've finished imaging the first prototype, you can deploy that image remotely; usually two or more clients at a time. Cloning is perhaps the best way to describe it. The amount of work/time it would take to setup, install and configure 50 workstations, you could do on one system, set it and forget it. There are other free disk cloning solutions out there, but Altiris is great for doing a lot of remote administration tasks on the software level (eg. remote control, permissions, visual how-to demonstration for the end-user, etc).
-
This was a script I wrote for automating the creation of over 1000 some accounts within Active Directory over summer before the new fiscal year in 2007. It is not intended for direct use. Please make changes necessary to reflect your user management or production environment. #!/usr/bin/perl use strict; # use Tk; # use Tk::DialogBox; # use Tk::Carp qw/cluck warningsToDialog fatalsToDialog/; use Win32::FileSecurity qw(MakeMask Get Set); use Win32::OLE; /* my $adp_acct = 'USERNAME'; use constant ADP_DOMAIN = 'DOMAIN'; use constant ADP_PARENT_OU => 'ou=Sub Organizational Unit, ou=Organizational Unit, dc=' . ADP_DOMAIN; use constant ADP_GROUP_OU => 'cn=Group Name, dc=DOMAIN'; use constant CHANGE_PASSWORD_GUID => '{ab721a53-1e2f-11d0-9819-00aa0040529b}'; # User cannot change password use constant ADS_UF_DONT_EXPIRE_PASSWD => 0x10000; # Password does not expire use constant ADS_CUSTOM_ACCOUNT_ENABLED => 0x512; # Account is enabled use constant ADS_RIGHT_DS_CONTROL_ACCESS => 0x100; use constant ADS_ACETYPE_ACCESS_DENIED => 0x1; use constant ADS_ACETYPE_ACCESS_ALLOWED_OBJECT => 0x5; use constant ADS_ACETYPE_ACCESS_DENIED_OBJECT => 0x6; use constant ADS_ACEFLAG_OBJECT_TYPE_PRESENT => 0x1; my $ADP_USER_OU = "ou=Container, " . ADP_PARENT_OU; my $adp_domain = 'DOMAIN'; print LOG "Adding $adp_acct...\n"; my $objDomain = Win32::OLE->GetObject("LDAP://$ADP_USER_OU;); my $objUser = $objDomain->Create('user', 'cn=' . $adp_acct); $objUser->Put('sAMAccountName', "$adp_acct"); $objUser->Put('userPrincipalName', "$adp_acct\@" . ADP_DOMAIN); $objUser->Put('userAccountControl', ADS_UF_DONT_EXPIRE_PASSWD); $objUser->SetInfo; my %current_acl; mkdir $adp_homedirectory; my $acl_admin = MakeMask(qw(GENERIC_ALL FULL)); my $acl_user = MakeMask(qw(CHANGE GENERIC_WRITE GENERIC_READ GENERIC_EXECUTE)); $current_acl{Administrator} = $acl_admin; $current_acl{$adp_acct} = $acl_user; delete $current_acl{Everyone}; Set($adp_homedirectory, \%current_acl); my $objGroup = Win32::OLE->GetObject('LDAP://' . ADP_GROUP_OU); $objGroup->Add("LDAP://cn, " . $ADP_USER_OU); my $objACESelf = Win32::OLE->new('AccessControlEntry'); my $objACEEveryone = Win32::OLE->new('AccessControlEntry'); $objACESelf->{Trustee} = 'NT AUTHORITY\SELF'; $objACEEveryone->{Trustee} = 'EVERYONE'; $objACESelf->{AceFlags} = 0; $objACESelf->{AceType} = ADS_ACETYPE_ACCESS_DENIED_OBJECT; $objACESelf->{Flags} = ADS_ACEFLAG_OBJECT_TYPE_PRESENT; $objACESelf->{ObjectType} = CHANGE_PASSWORD_GUID; $objACESelf->{AccessMask} = ADS_RIGHT_DS_CONTROL_ACCESS; $objACEEveryone->{AceFlags} = 0; $objACEEveryone->{AceType} = ADS_ACETYPE_ACCESS_DENIED_OBJECT; $objACEEveryone->{Flags} = ADS_ACEFLAG_OBJECT_TYPE_PRESENT; $objACEEveryone->{ObjectType} = CHANGE_PASSWORD_GUID; $objACEEveryone->{AccessMask} = ADS_RIGHT_DS_CONTROL_ACCESS; my $objACEUser = Win32::OLE->GetObject("LDAP://cn, $ADP_USER_OU"); my $objSecDescriptor = $objACEUser->Get('ntSecurityDescriptor'); my $objDACL = $objSecDescriptor->DiscretionaryAcl; $objDACL->AddAce($objACESelf); $objDACL->AddAce($objACEEveryone); $objUser->Put('ntSecurityDescriptor', [$objSecDescriptor]); $objUser->SetInfo; */
-
Adding Content (Part 2) Using the same Photoshop document, you can preserve the style of this new feature area by applying some Blending Options to a small rectangular image. I've used a cropped image measuring 75px width by 75px height in size. Apply an Inner Glow using a Normal Blend Mode. Set the Inner Glow's opacity to 100% and the color to solid white (#FFFFFF). Set the Technique element to Precise and leave the Source as Edge. The size should match the number of pixels contracted used in the original Container selection (in this example, 2px). Applying this Inner Glow will create for us an inner white border about 2px thick. We also want to apply a Stroke of 1px positioned on the Outside using a slightly darker shade of gray than what we used for the Container's Stroke border (e.g. #CCCCCC). Hit OK to apply changes made to the image. Add some text and formatting. You could also divide the feature area with two horizontal lines one on top of the other using the same color scheme of grays to match the Container's border. You can also create bullets to match your styles or color scheme by using the Elliptical Marquee Tool (M) and filling a small bullet with the same color as one of your header titles. Apply to each bullet (or a single one to duplicate) a solid White Inner Shadow with a Normal Blend Mode at 100% opacity. You can fine tune the bullet's style by adjusting the Distance and Size values (I've used 2px for each, leaving the Choke set to 25%). Experiment with different fonts, colors and of course Layer styles to enhance the overall appearance of your new feature area. Drop this little widget on an HTML page and you're set to go!
-
Production Environment: Debian Stable or firewalled Windows platform Server: Apache HTTP Server + mod_ssl Database Management: MySQL Database Server with phpMyAdmin Scripting Language: PHP + MySQL support (XHTML 1.0 Strict DOCTYPE) Editor: Notepad++ / Quanta plus Image Manipulation: Adobe Photoshop 7.0 (even works with Win32 application layer under Linux - e.g. WINE) or GNU Image Manipulation (GIMP) Platforms: Mozilla Firefox, Microsoft Internet Explorer 6.x - 7.x, Opera and Lynx Network: Router firewall with port forwarding FTP: PureFTPd or Filezilla FTP Server for Win32 platforms Remote Administration: SSH or OpenSSH for Win32 platforms Monitoring: Snort IDS with ACID or other OSS IDS for tracking web exploits targeting poorly designed PHP code. Apache HTTP Server Testing: M****ploit *****work Website Validation Tools: W3C and Website Optimization Analyzer (see Google)
-
A Better Container Corner Shadow (Part 1a) The Brush Tool method for creating a shadow underlying the Container Layer might take a few tries. The method I'm about to illustrate here is a bit more uniform and will replace the "peel" effect layer completely (hence, we'll need to start out by deleting that layer and creating a New Layer in its place underneath the Container Layer). CTL+Click the Container Layer to make an active selection with it. Click on the Rectangular Marquee Tool (M) and tap the down and right arrow keys both four (4) times. This will nudge the active selection 4px down and 4px right. On the new "peel" effect layer that was previously the shadow we created using the Brush Tool, create a Radial Gradient using the same gradient settings as before. Or you may use Black and set the layer's transparency to 50%. Rename this layer to Corner Shadow for future reference if we need to make changes to it.
-
The default behavior for creating Altiris boot disks requires the network administrator to be physically located near the deployment server to pop in a floppy disk and right-click to create. However, if the deployment server is running terminal services and you have sufficient rights to access the Deployment Service, the Boot Disk Creator allows you to copy the actual files that are written to the disk during boot disk creation.First, make sure your target location can be browsed as a Windows folder. You might even set up a local writable NTFS share. Within Altiris Deployment Server, launch the Boot Disk Creator and set up a New Configuration or select an existing configuration. From the list of Altiris boot disk Configurations available, expand the configuration you wish to create a new bootable floppy disk from. Connect to your local NTFS share using its UNC path (e.g. \\your_computer_name\path\to\share) and type in your network credentials if necessary. Once you have the Boot Disk Configuration and local NTFS share folder windows side by side, simply right click each file and folder under the selected configuration, copying and pasting into your NTFS share and disconnect.Back on your local workstation, pull up your NTFS share (be sure to turn off sharing on this folder since you're done copying files to it now) and insert a blank floppy disk. In My Computer, format the floppy disk by Creating an MS-DOS startup disk. This will write the systems files to disk necessary to boot from. Once the format has completed, copy the configuration files from your local NTFS share onto the floppy disk.This disk may be used to create or deploy system images by typing the "rdeploy" command at the prompt. You may need to type in the appropriate username/password to connect back to your Deployment Server with a UNC path while booting from this floppy disk. If you run into any connectivity issues, list the directory contents of the floppy disk and type any files to read scripts such as AUTOEXEC.BAT or STARTNET.BAT. You can make changes to the floppy disk and/or its bootable scripts from the local workstation you originally created the boot disk from. Also, don't forget to make additional copies of the disk to deploy multiple workstation images at the same time...Enjoy!
-
How To Bypass Websense? other than using proxy...
Mr. Matt replied to Waleed Dar's topic in Computer Networks
Websense (depending on the license your school district has purchased) is an enterprise level Internet filtration system. In most scenarios, it's deployed district-wide, not just at one particular school, or so it is in our case. I would highly advise against abusing your school or school district's Acceptable Use Policy (AUP) as your Internet activities are still being logged and reported whether or not you're being filtered. Staff and faculty computers are also being logged, even though they may not carry any Internet restrictions.As I mentioned, Websense is deployed district-wide for schools. The way this is made possible is by routing all network traffic through their Websense service and whatever other firewalls and security systems might be in place. You'll have a very difficult time explaining to professionally trained (and sometimes unprofessionally trained) IT personnel and your principal if they find themselves with nothing else better to do than to look through the logs and see who's been where. Additionally, other deployment solutions such as Altiris (another remote administration software we deploy) help to enable a system or network administrator in tracking one or more user's activities across multiple computers and physical locations (e.g. the same student using the same proxy sites in the Library, Computer Lab, Lounge, etc to access the same filtered sites of the same nature).After that, there's very little to prevent them from pulling up your name in a student database software, (e.g. Schoolmaster) along with your mommy and daddy's contact information, giving daddy a call at work to tell of Jr.'s unacceptable behavior. Little Jr. then comes home after a weary day of doing victory dances for all the little network filtration circumventions he's done in the past couple of hours to find a thick, long leather belt in his daddy's hands ready to receive his due reward at the end of the day. Oh, and probably a side of crackers and salt water for dinner.Personal recommendation from experience? As an IT employee, I'd really encourage you not to do what you're doing. Believe me, I've been there as a high schooler and now work for the school district that I tried to get around for months on end. Generally speaking, if an enterprise level network management or filtration software like Websense is put in place, your district's invested a good chunk of money to license it for every workstation in your district - it would be highly unlikely they wouldn't make it worth their while by having already considered and integrated multiple ways of seeing who's getting around their costly software.Hope that makes some Web-sense ;-) -
Web design is a highly competitive profession when you have thousands, if not, millions of other professional web designs to rank up with. This small tutorial will attempt to draw out the simplicity of designing web components for a specific page. We will be creating a simple feature area box that conveys a clean, but professional impression. It is assumed that Adobe Photoshop 7.0 is the image manipulation software being used and that the user understands the basic functions and menu navigation of this application. [Creating The Container] Start out by creating a new 500px by 250px document using 72 pixels/inch in RGB Color mode whose Contents are set to White. If you wish, give it a title. This will start you off with a blank document using a white background. From here, use the Rounded Rectangle Tool (U) with a Radius of anywhere from 5 to 7 and draw a rectangle on your blank document. The default foreground and background colors ought to be white and black respectively; for now, you will want the color of your rounded corner rectangle to be solid white. Once you've drawn the rectangle, right-click on the rectangle's layer in the Layers panel and Rasterize the layer. Rename this Layer to Container Double-click the layer (or right-click and select Blending Options). [Applying Container Styles] Apply a Stroke to the selected Layer that is 1px in size and set the color to #EEEEEE or #CCCCCC (depending on how much you wish to keep the border visible). Click OK to apply the Stroke. Back over in the Layer panel, press and hold CTL on your keyboard while clicking on the layer's preview icon to make a selection using the Layer's shape. You should see dotted lines on your document indicating that the selected Layer has now been made an active selection. Under the Select menu, expand the Modify sub-menu and select Contract. Contract by 2px and hit OK to apply the new active selection 2px smaller than the original selection. Over in Tools, click the Gradient Tool (G), set the gradient type to Linear Gradient, the Foreground color to what you specified earlier as the Stroke color (your current border) and set the Background color to White. Fill the currently active selection with a vertical gradient starting from the top to about 30% down the selection. Pressing and holding the shift key while applying while help guide your linear gradient. Do not deselect the currently active selection just yet as the following steps can be done while the Container layer (-2px contracted size) is still selected. Create a New Layer on top of the Container layer, setting its Blending mode to Multiply. Specify a Radial Gradient using the same Foreground and Background settings. Create a Radial Gradient in the bottom right-hand corner of the currently active selection on the New Layer. Once this is done, you can press CTL + D to deselect the active Container selection. Rename this New Layer to Corner. If you set the Stroke Layer to #CCCCCC or a darker shade of gray, you may find that the border on Container is a little darker than you need. You can go back into its Blending Options and specify #EEEEEE as the new Stroke color on the Container layer to balance the contrast better. Create a New Layer under the Container Layer and use the Brush tool of about 3 - 4px with the Foreground set to a shade of dark gray (or black) from #000000 to #555555. Zoom into the bottom right-hand corner of the Container Layer and carefully brush a shadow underneath the bottom right-hand corner. This will help to create a "peel" effect. Zoom back out to the document's Actual Size to see the overall effect. Here you've created a nice-looking container on top of which you can add text, images or other feature related content. This will be added as a subsequent post as Part 2 as we explain how to keep your feature area looking clean and professional.
-
Where I work, we're having some bandwidth problems with so many clients needing to run Microsoft Updates. I've recently been playing around with some pentest tools targeting a series of testbed platforms running the same software deployed within our network. A lot of this kind of testing presents very alarming results and really brings out the significance behind keeping your Windows system up to date as frequently as possible.However, this is a little cumbersome when you have hundreds of Windows workstations wanting to update and connect to Microsoft Updates all at the same time. To my surprise, Microsoft offers their Virtual Server software free for download along with some Virtual Hard Drive images for (what I've tested), Windows Server 2003 and Windows Server 2008 Core (a.k.a. Longhorn). Additionally, Windows Server Update Services (WSUS) is completely free and installed, configured and ran properly under the Windows Server 2003 virtual hard drive I downloaded.WSUS, however, required a number of dependencies to be installed before working properly. The virtual hard drive images are the completed installations so I had to look for the original installation files. These can be found in the local root of the drive within the virtualized system under WindowsInstallationFiles in the I386 folder. This is where I pointed the Windows Components installer to install a required dependency, Internet Information Services (IIS).Microsoft .NET Framework 2.0+ along with ReportViewer (both available from Microsoft's website) must also be installed before setting up WSUS.Once installed and configured, you can proceed to configure client workstations to now use the WSUS server to download their updates by editing the local group policy on the client workstation and using an intranet server (gpedit.msc: Computer Configuration -> Windows Components -> Windows Updates).The initial synchronization will take a couple hours or so, depending on your pipe. However, you can always schedule subsequent synchronizations to download over the weekend when staff is off work or outside normal business operation hours.