• Resetting Windows Administrator and the Linux Root passwords with Pictures!!

    Resetting the Windows administrator's password or the Linux root account password is a common troubleshooting practice when dealing with malware infections, data corruption, and system recoveries. This article does not promote malicious use, but instead stresses the point that an account password does not protect your data.
    In principle, passwords are stored locally, and anything stored locally can be obtained and modified by slaving that physical data. For example, a hard drive can be removed and added to a different computer already running its own OS. That drive will now show up as a slave drive, with its contents easily accessible. The following tutorial does not use any third-party tools and relies only on the initial media used to install the OS.

     

     


  • Creating a Public DNS Server and advertising an Authoritative Domain

    Hi all. You've probably heard of goDaddy.com for registering DNS names publicly. But have you ever run dig or nslookup on your registered name? It probably returns the name you queried and the IP address, just as you expected. However, this is because dig is recursive by default. This means that it asks its known DNS server whether it knows the DNS resolution for your query; if not, the query is forwarded on and on until it is found through the DNS hierarchy or it times out. See the diagram below.

    [Figure: DNS Hierarchy]

    Let’s walk through this.

    • TLD (Top-Level Domains) — These are the highest level of the DNS hierarchy. You can find a list here.
    • SLD (Secondary Level Domains) — These are the domain names you are most familiar with, like google.com, slashdot.org, thejimmahknows.com. Notice each of their suffixes.
    • Sub Domains — Logically grouped resources, such as mail.google.com and linux.slashdot.org. A name can have multiple prefix subdomains (e.g. a.b.c.d.google.com).
    • Resource Records — There are several different types. The most common are A records, MX records, and CNAME records.
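
The walk down the hierarchy described above, as an added example that is not part of the original post: a small offline Python model in which a recursive resolver starts at a root server and follows referrals to the TLD server and then to the authoritative server. All server names, zones and addresses are constructed for illustration (example.com, 192.0.2.0/24).

```python
# Constructed, offline model of the DNS hierarchy: every server name, zone and
# address below is made up for illustration (example.com, 192.0.2.0/24).
SERVERS = {
    "root-server": {"delegations": {"com.": "tld-server"}, "records": {}},
    "tld-server": {"delegations": {"example.com.": "auth-server"}, "records": {}},
    "auth-server": {
        "delegations": {},
        "records": {
            ("example.com.", "A"): "192.0.2.10",
            ("mail.example.com.", "A"): "192.0.2.25",
            ("www.example.com.", "CNAME"): "example.com.",
            ("example.com.", "MX"): "mail.example.com.",
        },
    },
}

def query(server, name, rtype):
    """Non-recursive query: a server answers from its own records or refers down."""
    zone = SERVERS[server]
    if (name, rtype) in zone["records"]:
        return ("ANSWER", zone["records"][(name, rtype)])
    if rtype == "A" and (name, "CNAME") in zone["records"]:
        return ("CNAME", zone["records"][(name, "CNAME")])
    # Longest matching delegation wins (most specific zone cut).
    for suffix in sorted(zone["delegations"], key=len, reverse=True):
        if name == suffix or name.endswith("." + suffix):
            return ("REFERRAL", zone["delegations"][suffix])
    return ("NXDOMAIN", None)

def recursive_resolve(name, rtype="A", max_steps=10):
    """What a recursive resolver does for the client: start at the root and
    follow referrals (and CNAMEs) until an authoritative answer or failure."""
    server, path = "root-server", []
    for _ in range(max_steps):
        kind, value = query(server, name, rtype)
        path.append((server, name, kind))
        if kind == "REFERRAL":
            server = value
        elif kind == "CNAME":
            name, server = value, "root-server"  # restart for the target name
        else:
            return value, path
    raise RuntimeError("too many referrals (possible delegation loop)")
```

The returned path lists every server asked, so a direct `query` against a single server (a referral) can be compared with the full chain the recursive resolver walks on the client's behalf.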


  • BIGIP F5 iRule — Block URI for external Clients only

    So, I had a cool question asked to me today regarding an F5 VIP used by a web application.
    “Can we block a certain URI from external clients but allow internal clients to visit it?”

    Of course there is!! Now there are probably a billion different ways to do this, but this is what I came up with. First, the condition: we want only 10.0.0.0/8 hosts to be able to access this restricted URI. Anyone else should be dropped. I say dropped and not denied because that way, if a user who shouldn't tries to navigate to the URI, it just times out and doesn't give them any more information than they need. Second, I want to log blocks, so I can see it working and get an idea of how many times it gets hit. Lastly, we need to know the virtual server to apply the iRule to.

    Here is the finished iRule, hope it helps!

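    when CLIENT_ACCEPTED {
    	# Use a connection-local flag. A static:: variable is shared by every
    	# connection, so once set to 1 it would also block internal clients.
    	if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] } {
    		set drop_notallowed 0
    	} else {
    		set drop_notallowed 1
    	}
    }
    
    when HTTP_REQUEST {
    	# The URI is lowercased before comparing, so the prefix must be lowercase too.
    	if { [string tolower [HTTP::uri]] starts_with "/restricted-uri" } {
    		if { $drop_notallowed == 1 } {
    			# Log only actual blocks, then silently drop the connection.
    			log local0. "[IP::client_addr] does not match 10.0.0.0/8 AND access URI = [HTTP::uri]"
    			drop
    		}
    	}
    }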

     
