Comments for Cupfighter.net

Comment on The ABAP Underverse – Risky ABAP to Kernel communication and ABAP-tunneled buffer overflows – By Andreas Wiegenstein by Peder Rice

Peder Rice — Wed, 25 Jan 2012 15:13:39 +0000

I think the key here is that, if running custom code, you have to be able to trust it and/or the people developing the code. From what I’m gathering here, it’s not as if C_MOD_TABLE is remote enabled.

Comment on vSphere 4.0 bug on HA with dvSwitches by MartinSvec

MartinSvec — Tue, 27 Dec 2011 12:32:44 +0000

@Brian Hi, I can confirm that vSphere 5 has this issue too. I hit this bug today while I was stressing our cluster by repeated vMotions of all VMs between randomly chosen hosts. I'm not convinced it is related to HA as in vSphere 4.0 because according to the logs there was no HA restart of the affected VM. I'll try to reproduce it.

Comment on vSphere 4.0 bug on HA with dvSwitches by Brian

Brian — Wed, 30 Nov 2011 18:05:06 +0000

@Peter Peter I'm having the same issue on vSphere 5. This is used with View and is causing issues when View is provisioning new desktops. After it clones the NIC is not connected, therefore my desktops don't properly provision. I can fix the issue also by manually changing the port group then changing it back and connecting.

Comment on vSphere 4.0 bug on HA with dvSwitches by Peter

Peter — Tue, 29 Nov 2011 20:36:41 +0000

A year later…..I have vSphere 5.0 since three weeks and experiencing exactly the same problem with the device ’0′ issue. C’mon VMware this needs to be fixed else it is no longer adviced to run vCenter in a VM when using dvSwitches. highly inconvenient.

Comment on Cloud security considerations by Scott

Scott — Tue, 08 Nov 2011 13:27:10 +0000

Wait till your cloud based storage provider suffers RAID failure because no-body could be bothered to check the state of the RAID array disk storage for the last three years and when you find you can not recover your documents, then you may be singing to my tune.

Comment on Cloud security considerations by Scott

Scott — Tue, 08 Nov 2011 13:21:23 +0000

Cloud computing is not a treat to our business model.. Don’t you mean not a threat to our Business Model… Actually I would beg to differ, cloud computing is nothing new, people have had their own private cloud networks for a very long time, OpenVPN and other so called Darknets provide an excellent example, it all depends on how much information your prepared to share about your business model with your competitor, if your busy hosting all your documents on another providers cloud based storage then what prey tell prevents that same cloud provider from reading your documents at their leisure.

I for one have no interest in sharing everything about my business model with a third party provider, especially ones that have a history of failure to deliver. As an example I used to use Nortons Anti-Virus but when that product failed me miserably and left my computer network vulnerable to attack I then decided to move to a totally different solution. So would I buy and use the Symantec Cloud Based security service. No I would not, because once I find your product fails in one department or area to which I have assigned it some measure of control I have no desire to watch it perform a repeat performance of failure with even more dire consequences.

Comment on Does XKCD or Jason Kendall get “it”? by Justin Elze

Justin Elze — Mon, 24 Oct 2011 23:20:55 +0000

Part of the concept is helping users memorize passwords with out storing them on sticky notes, notepad files, etc

A lot of technologies employ password salting anyways which throws rainbow tables out the window.

Comment on IVIL : An XML schema to exchange vulnerability information by Vasant Rao

Vasant Rao — Mon, 24 Oct 2011 21:18:22 +0000

I completely agree with the concept, but how different is IVIL from SCAP (specifically OVAL). OVAL language (schema) defines the representation of configuration information of systems for testing; the checks to conduct the analysis of the system for the presence of vulnerabilities, configuration issues, patch states … and reporting the results of the assessment.

While the representation of configuration information and checks (inc vulnerability related plug-ins) may be propreitary to each configuration / vendor, the aim is to standardise the reporting or output of each tool.

Sorry I might have missed something about IVIL, so would be really interested in knowing why IVIL not SCAP ?

Comment on The mistery of the missing ‘MSS:’ setting on Windows 2008 by Chris

Chris — Fri, 21 Oct 2011 12:30:44 +0000

I am playing around with a dev box with this admin template. I’ve added additional settings to it — Just follow the format in the file and you can add whatever you want. Use google to figure out what help definition to use. When I force a GP update and look at the registry all the settings are REG_SZ types. What I am tring to figure out if REG_SZ and DWORD mean the same thing. I am going to add NUMERIC after VALUEON/OFF to make the settings DWODs. Here is a link I found explaning how to create an Admin Template:
http://www.frickelsoft.net/blog/downloads/howto_admTemplates.pdf

Here is what Microsoft says the types need to be for Server 2008:
http://technet.microsoft.com/en-us/library/dd349797(WS.10).aspx

Comment on The mistery of the missing ‘MSS:’ setting on Windows 2008 by Wayne Buhrman

Wayne Buhrman — Wed, 19 Oct 2011 18:40:47 +0000

Administrative template is gone. Can someone provide an updated link?

Comment on Get rid of Event ID 5156: The Windows Filtering Platform has allowed a connection by Emil

Emil — Thu, 29 Sep 2011 14:00:03 +0000

I created a new GPO and set this event “Windows Filtering Platform Connection” to NO AUDITING. I linkes the GPO to my Servers OU but my servers are still logging the event when i look on the Event Log. It shows me the Success/Failure for this audit. If I cannot disable the logging of this event using GPO, do I have to run the auditpol.exe command to each server to disable logging?

Comment on Does XKCD or Jason Kendall get “it”? by Frank Breedijk

Frank Breedijk — Thu, 01 Sep 2011 13:23:12 +0000

The fact that complex passwords are in the rainbow table and weaker passwords are not underlines that, when faced with rainbow tables, complexity doesn’t matter.

Yes, XP LM hashes are weak, and therefore rainbow tables for more complex passwords are bigger, less complete and more expensive.

However a SHA1 hash of a complex password or a weak password stand equal chance when attacked by rainbow tables.

Comment on The mistery of the missing ‘MSS:’ setting on Windows 2008 by Stephanie

Stephanie — Tue, 30 Aug 2011 18:53:30 +0000

I want to deploy a classic administrative template (.adm) to many other computers, so I’m looking for an automated way to do it. Does anyone know of a command to add a template programmatically? I know I could use batch commands to add the corresponding registry entries, but I really don’t want to mess with the registry.
Or as an alternative, does anyone know where these settings are stored (besides in the registry), and maybe I could push those files into the appropriate location on the target systems?

Comment on The mistery of the missing ‘MSS:’ setting on Windows 2008 by Serhat Sine

Serhat Sine — Fri, 26 Aug 2011 23:53:13 +0000

“Administrative template” link is broken.

Comment on Does XKCD or Jason Kendall get “it”? by sdaf

sdaf — Fri, 19 Aug 2011 08:13:18 +0000

XP LM hashes are always only 7 characters strong (longer passwords get split up). Therefore these results. NTLM hashes used by windows vista and 7 are much stronger and the website given by you does not even crack “hello”.

Comment on Resizing the outlook reminder window? by Frank Breedijk

Frank Breedijk — Fri, 12 Aug 2011 07:38:15 +0000

It seems you would have to wait for the accident to happen and then reverse engineer the value of the registry key. I didn’t do this as I just wanted it to be it’s regular size again.

Comment on Resizing the outlook reminder window? by John

John — Thu, 11 Aug 2011 21:14:55 +0000

Is it possible to resize the Outlook reminder box? How do I go about it.

Comment on Get rid of Event ID 5156: The Windows Filtering Platform has allowed a connection by Quip

Quip — Fri, 22 Jul 2011 22:23:02 +0000

They have added this subcategory logging control (enable/disable) into Group Policy processing for Windows 7 and 2008.

Comment on The mistery of the missing ‘MSS:’ setting on Windows 2008 by Manuel

Manuel — Mon, 20 Jun 2011 08:03:06 +0000

@Frank Breedijk When i import the .adm template in Windows Server 2003 R2 SP2 Group Policy Editor there are NO! items in the new Displayed folder. When i import the .adm template in Windows Server 2008 R2 Group Policy Editor there are some items, but the MSS: (AFD [...]) Settings are still not there.

Comment on The mistery of the missing ‘MSS:’ setting on Windows 2008 by Frank Breedijk

Frank Breedijk — Wed, 15 Jun 2011 14:32:23 +0000

After you load the .adm template, you should see that there is a new section in the ‘Classic Administrative Template’ categroy on the left side of the screen. The settings will appear here instead of the normal location.