Downloads

“The LastLogonTimeStamp Attribute” – “What it was designed for and how it works” - Ask the Directory Services Team Warren here. In Windows Server 2003 we introduced the lastLogontimeStamp attribute. Administrators can use the lastLogontimeStamp attribute to determine if a user or computer account has recently logged onto the domain. Using this information administrators can then review the accounts identified and determine if they are still needed and take appropriate action. Intended Use It is important to note that the intended purpose of the lastLogontimeStamp attribute to help identify inactive computer and user accounts. If you are looking for more “real-time” logon tracking you will need to query the Security Event log on your DC’s for the desired logon events i.e. 528 –Windows XP\2003 and earlier or 4624 Windows Vista\2008 . IMO your best bet for near real-time data is to use an event log collection service to gather all domain controller security event logs to a centralized database. How it worked in Windows 2000 How it works in Windows Server 2003 and later Requirements 1. 1.

Learning Lotus Notes clients : Configuring the Lotus Notes Client with Gmail Launch the Lotus Notes Client after installing it: Click Next a. a. a. a. a. a Enter your Gmail e-mail address b. Select Use the Default a. Select Accounts: a. Basics tab: a. Advanced Tab: a. Save & Close. a. Basics Tab: a. Advanced Tab: a. a. Basics Tab: a. Servers Tab: a. Ports tab: No changes (ensure TCPIP is checked) Mail Tab: a. Save & Close. a. Restart the client. Tutoriel flash d'un routeur Linksys WRT54GL avec le firmware DD-WRT Flasher un routeur Linksys WRT54G(L) avec le firmware DD-WRT A travers cet exercice, vous allez apprendre à flasher votre point d'accès linksys WRT54G ou WRT54GL avec le firmware alternatif DD-WRT 1/ Vérification de la version du routeur Pour commencer, relevez le numéro de série de votre WRT54G(L). 2/ Téléchargement des firmwares Nous partons sur la base d'un wrt54gl strictement d'origine , et tout juste sorti de sa boite pour cet exemple. -dd-wrt.v23_mini_generic.bin à télécharger ici -dd-wrt.v23_wrt54g.bin à télécharger ici Le premier firmware, le mini, sert au premier flash, lorsqu'on flash le routeur depuis son firmware linksys d'origine. 3/ Le flash Reliez le wrt à votre ordinateur avec un cable réseau rj45. Par défaut, le nom d'utilisateur est vide, et le mot de passe est admin. Rendez vous dans l'onglet administration, et choisissez firmware upgrade: Cliquez sur parcourir, et choisissez l'emplacement du firmware dd-wrt.v23_mini_generic.bin: Rendez vous dans l'onglet administration.

Tutoriel Rogue AP, hotspots en danger: ettercap, dnsspoof et man in the middle sous backtrack Comprendre ce qu'est une Rogue AP et éviter les dangers liés aux hotspots wifi (man in the middle, ettercap, dnsspoof) A travers ce tutoriel, vous allez découvrir à quel point il est aisé de créer un faux point d'accès ressemblant à s'y méprendre à un hotspot wifi. Vous réaliserez ainsi qu'il est extremement dangereux de se connecter à des réseaux wifi mal protégés, qu'il s'agisse de hotspots ou de réseaux utilisant le WEP. 1/ Vidéo de démonstration Cette vidéo aborde le problème sur un ton humoristique, afin de détendre l'atmosphère. Mais les problèmes liés aux rogue ap (point d'accès pourri ou voyou) ne sont pas à prendre à la légère, car le meme type de scénario est possible si, connecté à un hotspot, vous vous rendez sur le site de votre banque, ou si vous allez consulter vos mails. Convaincus? 2/ L'architecture réseau La victime était à la base connectée à un hotspot légitime. 3/ L'attaque, ettercap et dnsspoof -Ettercap Fonctionnement: ettercap -T -M arp:remote /ip-victime/ /ip-routeur/

Configuration d'une interface - routeur Cisco Configuration les interfaces des routeurs Cisco (vitesse, duplex, adresse IP), afficher la conf, activation et désactivation. Affichage des informations concernant les interfaces La commande suivante affiche la configuration courante d'une interface. R1#sho running-config interface fastEthernet 0/1 Building configuration... Current configuration : 98 bytes ! Et voici la commande pour afficher les valeurs des compteurs d'une interface: Plusieurs infos intéressantes: le port est up ou down, l'interface est de type fast ethernet, fonctionne en full duplex avec un débit de 100Mbit/s. Modification de la description, la vitesse et le duplex d'une interface Ajout d'une description R2(config)#int fastEthernet 0/1 R2(config-if)#description vers routeur R2 Paramétrage de la vitesse et du mode duplex d'un port. Paramètre disponible pour une interface fast ethernet 100Mbit/s R2(config-if)#speed ? R2(config-if)#duplex ? Pour fixer la vitesse à 10Mbit/s puis le mode duplex half:

Online IP CIDR / VLSM Supernet Calculator CIDR Calculator The CIDR Calculator enables CIDR network calculations using IP address, subnet mask, mask bits, maximum required IP addresses and maximum required subnets. Results of the CIDR calculation provide the wildcard mask, for use with ACL (Access Control Lists), CIDR network address (CIDR route), network address in CIDR notation and the CIDR address range for the resulting CIDR network. For classful subnets, use the IP Subnet Calculator. CIDR - Classless Inter Domain Routing - was adopted to help ease the load imposed on internet and large network backbone routers by the increasing size of routing tables. Large routing tables have several adverse effects: Routers require more memory in order to store and manipulate their routing tables which increases operation costs. A solution to these problems was found in CIDR. So what is IP Address Aggregation? Our router needs to route traffic for eight seperate networks through the same gateway (ip address 194.1.1.1):

Deleting a Local User Profile - Not as easy as one Might Assume | sepago In many environments it is a common practice to delete user profiles prior to conducting tests in order to start with a clean slate. However, this may prove more difficult than anticipated. Most people think that a local user profile only consists of the directory %USERPROFILE% typically located below C:\Users on Vista and Server 2008 (and newer). But there is more. Windows keeps track of the local profile incarnations in the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. For each locally stored profile a subkey is created whose name is set to the profile owner’s SID. How Not to Delete a Profile Now, what happens if you simply delete the user profile directory below C:\Users without modifying the registry? The Right Way If you need to delete a profile, use one of these methods: What if I Already Deleted a Profile the "Wrong" Way? Whatever the reason, once you got a temporary profile the SID.bak key lingers in the registry. References

Run Active Directory Management Tools as Another User by Daniel Petri - January 8, 2009 How can I run Active Directory management tools as another user (one with administrative privileges)? As a security best practice, it is recommended that you do not log on to your computer with administrative credentials. Running your computer as a member of the Administrators group makes the system vulnerable to Trojan horses attacks and other security risks. It is recommended that you use a regular, non-administrative user account to perform routine tasks, including running programs and visiting Internet sites. RUNAS allows you to accomplish administrative tasks without exposing your computer or data stored in Active Directory to unnecessary risk. However, using the RUNAS command can turn out as a real bugger when you need to perform regular administrative operations such as adding a new user, resetting someone's password, stopping or starting a system service and so on. In Windows 2000 we welcomed the new addition - the RUNAS command. Click Finish.