How to Crack a Wi-Fi Network’s WEP Password with BackTrack

July 2nd, 2009

Lifehacker has a great articale on how to crack a Wi-Fi Network’s WEP Password with BackTrack.  So head on over there and take a look:

http://lifehacker.com/5305094/how-to-crack-a-wi+fi-networks-wep-password-with-backtrack

VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

Shutdown and Restarting Windows via Command line

June 18th, 2009

Start -> Run:

Shutdown

The options available for shutdown are:

No arguments : Display this message (same as -?)
-i : Display GUI interface, must be the first option
-l : Log off (cannot be used with -m option)
-s : Shutdown the computer
-r : Shutdown and restart the computer
-a : Abort a system shutdown
-m \\computername : Remote computer to shutdown/restart/abort
-t xx : Set timeout for shutdown to xx seconds
-c “comment” : Shutdown comment (maximum of 127 characters)
-f : Forces running applications to close without warning
-d [u][p]:xx:yy : The reason code for the shutdown

VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

Java default keystore password

May 21st, 2009

The default password for the Java default keystore file $JAVA_HOME/lib/security/cacerts is ‘changeit’

VN:F [1.1.7_509]
Rating: 7.5/10 (2 votes cast)

How to define mime types on my Windows/IIS based site

May 15th, 2009

You can use a web.config file with the following:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
<configuration>
    <system.webServer>
        <staticContent>
            <mimeMap fileExtension=".EXTENSION" mimeType="MIME/TYPE" />
     </staticContent>
    </system.webServer>
</configuration>
 
Example:
<configuration>
    <system.webServer>
        <staticContent>
            <mimeMap fileExtension=".test" mimeType="text/html" />
     </staticContent>
    </system.webServer>
</configuration>
VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

How do I force SSL on a PHP site

May 15th, 2009

Below are two samples of what you can use in a .htaccess to force SSL on your PHP4 or PHP5 site:

#Force SSL on entire site
RewriteEngine On
RewriteBase /
RewriteCond %{ENV:HTTPS} !on [NC]
RewriteRule ^(.*)$ https://(YOURDOMAIN)/$1 [R,L]

#Force SSL on a specific directory
RewriteEngine On
RewriteBase /
RewriteCond %{ENV:HTTPS} !on [NC]
RewriteRule ^(.*)$ https://(YOURDOMAIN)/DIRNAMEHERE/ [R,L]

VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

How to disable PUT, DELETE & TRACE HTTP requests on my Application Server, Apache Tomcat 6.0.

May 14th, 2009

Inside your WEBINF, add you can add a security constraint:

1
2
3
4
5
6
7
8
9
10
11
12
<security-constraint>
     <web-resource-collection>
          <web-resource-name>Forbidden</web-resource-name>
          <url-pattern>/*</url-pattern>
          <http-method>PUT</http-method>
          <http-method>DELETE</http-method>
          <http-method>TRACE</http-method>
     </web-resource-collection>
     <auth-constraint>
          <role-name>empty_role</role-name>
     </auth-constraint>
</security-constraint>

Alternatively, you can do these two things:

In server.xml, edit the element, add an attribute: allowTrace=”false”. Then edit the DefaultServlet: $CATALINA_HOME/conf/web.xml

1
2
3
4
5
6
7
8
9
10
11
     <servlet>
        <servlet-name>default</servlet-name>
        <servlet-class>
          org.apache.catalina.servlets.DefaultServlet
        </servlet-class>
 
        <init-param>
            <param-name>readonly</param-name>
            <param-value>true</param-value>
        </init-param>
    </servlet>
VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

Directory of Blog & RSS Directories & Search Engines

May 1st, 2009
URL/Domain
Google
PageRank

Alexa
Ranking

Ranking.com
Rating
2rss.com 7 18,685 67,621
5starblogs.com 5 160,305 550,345
blogarama.com 0 34,287 77,138
blogazoo.com 6 141,735 n/a
blogbib.com 4 243,769 406,154
blogbunch.com 3 711,917 169,951
blogcatalog.com 6 21,578 91,199
blogdir.com 6 185,366 n/a
blog-directory-submit.com 2 462,780 n/a
blogexplosion.com 4 5,170 35,499
blogfuse.com/directory 4 107,304 692,128
bloggerfind.com 5 972,793 692,141
bloggeries.com 5 99,321 557,172
bloggernity.com 7 34,821 66,114
bloghop.com 7 45,354 147,506
bloghub.com 7 50,295 169,709
blogion.com 4 388,039 n/a
blogmighty.com 0 448,537 n/a
blogoriffic.com 6 427,291 323,790
blogpulse.com 7 11,001 53,155
blogrankings.com 7 37,724 126,132
blogsbywomen.org 6 489,033 n/a
blogscholar.com 6 1,334,073 692,216
blog-search.com 2 52,039 114,028
blogsearchengine.com 7 22,692 85,872
blogsforsmallbusiness.com 5 377,071 692,219
blogsoldiers.com 5 72,198 n/a
blogstreet.com 7 34,390 84,399
blogsweet.com 6 199,329 292,635
blogtagstic.com 5 426,353 331,046
blogtree.com 6 121,466 79,401
bloguniverse.com 7 60,849 177,110
blogwise.com 8 20,338 66,969
bloogz.com 6 48,705 68,219
blurtit.com 6 112,685 557,307
bulkfeeds.net 6 38,565 287,623
bulletize.com 5 282,830 178,841
chordata.geckotribe.com/ 4 13,329 214,050
completerss.com 6 58,378 97,088
contentsmatter.com 1 279,436 297,478
deskfeeds.com 5 105996 204,148
dir.blogflux.com 7 8,647 32,662
dir.nooked.com 5 79,852 321,189
everyfeed.com 5 122174 206,873
feed24.com 6 142377 131,982
feedbomb.com 5 109459 180,527
feedcat.net 2 182608 320,135
feed-directory.com 4 147409 332,225
feedmap.net/blogmap 4 90806 202,250
feedminer.com 6 144414 320,136
feedpark.com 5 169,302 746,284
feedpub.com 4 89,580 471,217
feeds2read.net 4 158,475 185,902
feeds4all.nl 6 56736 54,382
feedsfarm.com 6 13,023 8,875
feedshot.com 3 275,361 126,283
feedster.com 8 6,410 30,202
findingblog.com 6 166,650 262019
findory.com/blogs/ 6 14,133 103,694
findrss.net 0 402230 216,616
flookie.net 5 439,357 339,499
fybersearch.com 6 29,663 40,874
getblogs.com 7 111,586 235,906
globeofblogs.com 6 21,408 34,487
icerocket.com 7 3,704 36,962
industry-blogs.com 6 763,736 n/a
jordomedia.com 5 51,364 98,569
kmax.ws/bloglinks.htm 0 245,470 340,565
lsblogs.com 7 44,358 419,539
news-feeds.org 0 767,264 526,422
newsisfree.com 8 12,666 44,148
newsknowledge.com 6 163,367 217,366
newsxs.com 4 176,131 236,246
newzfire.com 4 355,314 321,166
plazoo.com 6 43,281 46,180
portal.eatonweb.com 7 22,739 24,047
readablog.com 3 125,674 60,024
redtram.com 6 2,753 9,687
rssfeeds.com 6 61,179 180,263
rss-feeds-directory.com 5 250,694 869,092
rss-locator.com 0 124,414 78,426
rssmad.com 6 84,148 144,826
rss-network.com 6 33,521 70,858
scienceport.org 6 424,051 n/a
shas3.com 6 76,496 96,544
syndic8.com 6 8,583 48,125
theblogresource.com 3 352,115 901,070
thehouseofblogs.com/en/ 2 194,773 902,143
thevital.net 3 847,168 228,757
yourwebloghere.com 6 68,577 79,556
VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

Microsoft Server 2003 Loopback Check can break SSO

April 29th, 2009

Microsoft’s SP1 for Windows Server 2003 can break SSO.  This is because in SP1 Microsoft implemented a loopback check security feature that was designed to prevent reflection attacks on the system.  In short the FQDN, Fully Qualified Domain Name, or custom header will fail when it does not match the local computer name.

The error presents itself as an “HTTP 401.1 Unauthorized: Logon Failed“

Sometimes in the event log you will sometimes see some strange characters on the Logon Process field.

Resolution:

There are two methods to resolve this issue and both involve modifying the registry.
If you are uncomfortable with modifying the registry then follow Microsoft’s registry backup and restore procedure.
http://support.microsoft.com/kb/322756/

Method 1: Specify host names
Note We recommend that you use this method.

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  3. Right-click MSV1_0, point to New, and then click Multi-String Value.
  4. Type BackConnectionHostNames, and then press ENTER.
  5. Right-click BackConnectionHostNames, and then click Modify.
  6. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
  7. Quit Registry Editor, and then restart the IISAdmin service.

Method 2: Disable the loopback check
Follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  3. Right-click Lsa, point to New, and then click DWORD Value.
  4. Type DisableLoopbackCheck, and then press ENTER.
  5. Right-click DisableLoopbackCheck, and then click Modify.
  6. In the Value data box, type 1, and then click OK.
  7. Quit Registry Editor, and then restart your computer.

To resolve the issue you can also change the Website’s FQDN to the Server’s FQDN once they match the system will pass the loopback check.

Further Reading:
You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6
http://support.microsoft.com/kb/896861
Error message when you try to access a server locally by using its FQDN or its CNAME alias after you install Windows Server 2003 Service Pack 1: “Access denied” or “No network provider accepted the given network path”
http://support.microsoft.com/kb/926642/

VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

How to find a history of all terminated account in CPanel

April 28th, 2009

Locate the CPanel Access Logs:
/usr/local/cpanel/logs/access_log

and use Grep to locate killacct
grep USERNAME /usr/local/cpanel/logs/access_log | grep –color killacct

VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)

Get listed Locally

April 17th, 2009

Any business that’s interested in acquiring customers within their local area should be using local advertising - no matter in what region or country a business is located. Local search works for book-keeping and accounting services as well as it does for real estate agents, financial planners, pizza restaurants, clothing stores and pet shops. Getting prospects or business from far-flung shores through Internet marketing is a bonus, but you would expect that for a company that focuses on serving their local area, much of their business generated online would also have local origins.

So where should a local business get listed online to get more online exposure to local prospects and customers?

Google Local
http://www.google.com/local/add/splashPage?gl=US&hl=en-US
Yahoo Local
http://listings.local.yahoo.com/csubmit/index.php
Yellow Pages
http://www.yellowPages.com

MSN Local
https://ssl.search.live.com/listings/ListingCenter.aspx

Merchant Circle
http://www.merchantcircle.com/corporate/

Insider Pages
http://www.InsiderPages.com

SwitchBoard - SuperPages.com
http://advertising.superpages.com/spportal/landingpages.do?splash=50&campaignId=swbd_addedit&SRC=switchboard

BooRah - Restraunt Listing
http://www.boorah.com/restaurants/insertRestaurant.jsp

GenieKnows Local
http://www.genieknows.com/business/add

Kudzu
https://register.kudzu.com/packageSelect.do

MacRae’s Blue Book
http://www.macraesbluebook.com/pages/free_lst.cfm

Industry Brains - adHere - Marchex
http://www.industrybrains.com/signupgroup/Auctions.aspx?t=1

MojoPages
http://www.mojopages.com/

OpenList
http://www.openlist.com/update/

Tyloon
http://www.tyloon.com/manager/index.php?process=outside_plan

US Yellow Pages
http://www.usyellowpages.com/admin/Listing.aspx

America’s Best Companies
https://www.americasbestcompanies.com/join/Default.aspx

Yellow
http://www.yellow.com/advertise/

Yellow Assistance
http://yellowassistance.com/frmBusinessUpdate.aspx

YellowBot
http://www.yellowbot.com/

YellowPageCity
http://www.yellowpagecity.com/Misc/ManageListing.asp

Yokel
https://stores.yokel.com/

VN:F [1.1.7_509]
Rating: 0.0/10 (0 votes cast)