Archive for July 2008
Google vs. Cuil as a Password cracker
Well, Google is effectively an amazingly powerful data gatherer and indexing tool – check out this article on how Google can be used to check for previously indexed MD5 hashes:
http://www.lightbluetouchpaper.org/2007/11/16/google-as-a-password-cracker/
I thought I’d put Cuil to the test, to see whether they can offer the same “service”….given their bold claims about their number of indexed pages 
Step 1 – think of a password – for the sake of this test I’ll choose the weak password, gringo
Step 2 – hash the password (if you’re lazy, like me, this can be done here)
Step 3 – Google it!
Step 4 – Cuil it!
Stop Piping Cats
I must be having one of those days…..
Reading a page of Unix tips and I got to #10 – Stop Piping Cats, and was struck by an uncontrollable fit of the giggles about the willful abuse of pets…..
http://www-128.ibm.com/developerworks/aix/library/au-badunixhabits.html?ca=lnxw01GoodUnixHabits#ten
Like I said….one of those days….
First DNS Hijacks reported
It looks like following Dan Kaminsky’s exploit being made public the first attacks have been reported on DNS servers:
http://www.techcentral.ie/article.aspx?id=12375
I can’t believe that there are many people out there who haven’t yet patched their DNS servers……but it’s worth checking on the Doxpara site (http://www.doxpara.com/)
…that is, of course unless you’re DNS has been hijacked and you are being sent to a spoofed doxpara site
Still bad news for those running Mac DNS servers as Apple still haven’t released a patch, although apparently the Bind team have stated that the BSD version of the patch can be ported….
Further info here:
Corruption in Roaming Profiles in Windows Vista
It’s common knowledge that Roaming Profiles are a pretty bad idea, but for practicalities sake and ensuring users back up the data on the Desktop, they are sometimes a necessary evil.
Recently for a specific user, the user received the error on their Vista laptop:
“Your user profile was not loaded correctly! You have been logged on with a temporary profile.
Changes you make to this profile will be lost when you log off. Please see the event log for details or contact your administrator.”
When logging onto a different laptop, the profile loaded correctly. which meant the issue was on the users laptop, rather than an issue with the profile.
Task #1 is to back up the data on the profile to a separate location. Particularly any files on the Desktop that you are desperate to preserve. Next, a quick registry edit removing the reference to the roaming profile for the user; find the entry for the corresponding users SID in the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
Remove the key for this SID only (you should see the path to the profile within the key to give it away).
On deleting the key, just reboot and it should pull down the profile as usual. In the event of the new profile overwriting the server copy, then simply copy the backup data (you’d be well advised to just copy docs and manually recreate settings such as Exchange profiles).
