Comments for TechScrawl.com http://blog.techscrawl.com TechScrawl is a technology blog focusing on a wide variety of technology related areas including enterprise IT, information security, penetration testing, networking, virtualization, and Windows & Linux administration. Wed, 03 Mar 2010 23:32:25 +0000 http://wordpress.com/ hourly 1 Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by Faiz http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-330 Faiz Wed, 03 Mar 2010 23:32:25 +0000 http://clayshek.wordpress.com/?p=175#comment-330 define "permissions to unlock"? because using the LockOutStatus tool or active directory, we are able to unlock those accounts which are still locked, even though reported by the scripted to have been unlocked. define “permissions to unlock”? because using the LockOutStatus tool or active directory, we are able to unlock those accounts which are still locked, even though reported by the scripted to have been unlocked.

]]> Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by Clay http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-328 Clay Wed, 03 Mar 2010 17:35:22 +0000 http://clayshek.wordpress.com/?p=175#comment-328 Are you using an account with permissions to unlock? There is no error checking in the unlock portion of the script, so for example if you run the script with an account that does not have the unlock account permissions, it will report the accounts as unlocked, even when they aren't. Are you using an account with permissions to unlock? There is no error checking in the unlock portion of the script, so for example if you run the script with an account that does not have the unlock account permissions, it will report the accounts as unlocked, even when they aren’t.

]]> Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by Faiz http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-327 Faiz Wed, 03 Mar 2010 04:39:32 +0000 http://clayshek.wordpress.com/?p=175#comment-327 i ran the script, but double checking the same accounts that was reported to be unlocked, using the LockOutStatus tool, it still shows the same account as locked. any ideas what's going on? i ran the script, but double checking the same accounts that was reported to be unlocked, using the LockOutStatus tool, it still shows the same account as locked. any ideas what’s going on?

]]> Comment on NTPasswd Password Recovery on Vista/XP by dannydee http://blog.techscrawl.com/2008/09/11/ntpasswd-password-recovery-on-vistaxp/#comment-325 dannydee Sun, 21 Feb 2010 15:25:54 +0000 http://clayshek.wordpress.com/?p=154#comment-325 Once you sort this problem, the best thing to do is set up another user account (with Admin rights) with either a simple to remember or no password. That way you will be able to log-on using that account and reset the password for the account you have forgotten the password for. Or you can goto Microsofts support website and create yourself a password recovery disc at the same time you change the password and you will never have this problem again. http://windows.microsoft.com/en-us/windows-vista/Create-a-password-reset-disk Remember though if you dont have a password recovery disc and you have forgotten the password for the ADMIN account (and that is the only user account) you will probally have to re-install windows Once you sort this problem, the best thing to do is set up another user account (with Admin rights) with either a simple to remember or no password.
That way you will be able to log-on using that account and reset the password for the account you have forgotten the password for.
Or you can goto Microsofts support website and create yourself a password recovery disc at the same time you change the password and you will never have this problem again.

http://windows.microsoft.com/en-us/windows-vista/Create-a-password-reset-disk

Remember though if you dont have a password recovery disc and you have forgotten the password for the ADMIN account (and that is the only user account) you will probally have to re-install windows

]]> Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by Matthew http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-324 Matthew Tue, 16 Feb 2010 14:28:00 +0000 http://clayshek.wordpress.com/?p=175#comment-324 @Ben/Clay: The script currently only scans the domain of the account that runs it. If you want to run this script against any other domain than the account you're using to run it, it will require modification. @Ben/Clay:

The script currently only scans the domain of the account that runs it.

If you want to run this script against any other domain than the account you’re using to run it, it will require modification.

]]> Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by Clay http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-322 Clay Thu, 11 Feb 2010 20:54:09 +0000 http://clayshek.wordpress.com/?p=175#comment-322 No, it does not need to be run from a DC, and no, it needs no modification. No, it does not need to be run from a DC, and no, it needs no modification.

]]> Comment on BackTrack 3 Tips by Beni http://blog.techscrawl.com/2008/07/16/backtrack-3-tips/#comment-321 Beni Thu, 11 Feb 2010 20:43:18 +0000 http://clayshek.wordpress.com/?p=22#comment-321 Awsome. Well Done. You'll be helping a lot of people figuring out static addressing on BK3 Awsome. Well Done. You’ll be helping a lot of people figuring out static addressing on BK3

]]> Comment on Enabling DNSSEC on BIND by Tom Dickson http://blog.techscrawl.com/2009/01/13/enabling-dnssec-on-bind/#comment-320 Tom Dickson Thu, 11 Feb 2010 07:51:41 +0000 http://blog.techscrawl.com/?p=539#comment-320 I tried getting this setup, but it wouldn't work. I used dnssec-signzone -N INCREMENT -a -t -g -o example.com example.com.zone and that seemed to work fine, but once I added trusted-keys to my caching resolved, it refused to do anything, insisiting that it was "not insecure resolving". I tried getting this setup, but it wouldn’t work.

I used dnssec-signzone -N INCREMENT -a -t -g -o example.com example.com.zone and that seemed to work fine, but once I added trusted-keys to my caching resolved, it refused to do anything, insisiting that it was “not insecure resolving”.

]]> Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by Ben http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-318 Ben Tue, 09 Feb 2010 11:54:39 +0000 http://clayshek.wordpress.com/?p=175#comment-318 Hi all, Just a few questions i need answering: Does this script need to be run from the DC? Does the script need altering? eg. domain name needs entering. Thanks Ben Hi all,

Just a few questions i need answering:

Does this script need to be run from the DC?

Does the script need altering? eg. domain name needs entering.

Thanks

Ben

]]> Comment on Enabling DNSSEC on BIND by Alan Clegg http://blog.techscrawl.com/2009/01/13/enabling-dnssec-on-bind/#comment-314 Alan Clegg Sat, 30 Jan 2010 14:00:48 +0000 http://blog.techscrawl.com/?p=539#comment-314 Thanks for the shout-out. :) If you have any questions or comments on the "DNSSEC in 6 minutes", please let me know. Also, be aware that the newly available BIND 9.7 (featuring "DNSSEC for humans") makes DNSSEC much easier to manage (from the authoritative side). The first bits of the root being signed have now hit the world ("dig @l.root-servers.net . ns +dnssec") but are not yet able to be used for validation. Thanks for the shout-out. :) If you have any questions or comments on the “DNSSEC in 6 minutes”, please let me know.

Also, be aware that the newly available BIND 9.7 (featuring “DNSSEC for humans”) makes DNSSEC much easier to manage (from the authoritative side).

The first bits of the root being signed have now hit the world (“dig @l.root-servers.net . ns +dnssec”) but are not yet able to be used for validation.

]]> Comment on Mystery “Free Public WiFi” Access Point by wifi security http://blog.techscrawl.com/2008/10/21/mystery-free-public-wifi-access-point/#comment-313 wifi security Tue, 26 Jan 2010 23:40:45 +0000 http://clayshek.wordpress.com/?p=298#comment-313 just seen this on twitter cheers for the info. just seen this on twitter cheers for the info.

]]> Comment on Server 2008 Domain Rename by John http://blog.techscrawl.com/2008/11/03/server-2008-domain-rename/#comment-312 John Sun, 24 Jan 2010 00:22:08 +0000 http://clayshek.wordpress.com/?p=343#comment-312 Great article. Clear and to the point ! Planning a rename like this. Good to have your step by step. Do you have a similar step by step for an exchange running on the domain being renamed? much appreciated /John Great article. Clear and to the point !

Planning a rename like this. Good to have your step by step.
Do you have a similar step by step for an exchange running on the domain being renamed?

much appreciated
/John

]]> Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by Burton Haynes http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-311 Burton Haynes Wed, 20 Jan 2010 05:57:33 +0000 http://clayshek.wordpress.com/?p=175#comment-311 Hell yeah, this post is really what I am looking for. I am really lucky today. Thank you admin! Hell yeah, this post is really what I am looking for. I am really lucky today. Thank you admin!

]]> Comment on AD Account Bulk-Unlock, or: Active Directory Denial of Service Attacks by lucky worlock http://blog.techscrawl.com/2008/09/16/ad-account-bulk-unlock-or-active-directory-denial-of-service-attacks/#comment-309 lucky worlock Mon, 11 Jan 2010 05:58:17 +0000 http://clayshek.wordpress.com/?p=175#comment-309 Thank you very much... it save me a lot.. Thank you very much… it save me a lot..

]]> Comment on Analyzing Windows Crash Dumps in 3 Easy Steps by Daniel Roberts http://blog.techscrawl.com/2008/06/10/analyzing-windows-crash-dumps-in-3-easy-steps/#comment-308 Daniel Roberts Sat, 09 Jan 2010 22:43:31 +0000 http://clayshek.wordpress.com/?p=16#comment-308 Great looking Blog! Found it through Yahoo. Just as an FYI, it didnt display right when I opened it in the Opera Interet Browser. Great looking Blog! Found it through Yahoo. Just as an FYI, it didnt display right when I opened it in the Opera Interet Browser.

]]>