lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: prandal at herefordshire.gov.uk (Randal, Phil)
Subject: [inbox] Re: CyberInsecurity: The cost ofMon
	opoly

Steve Wray [mailto:steve.wray@...adise.net.nz] wrote:

> Unix style OS's typically have configuration of important security
> related features, like eg firewalling, in text files.
> Unix style OS's also provide a plethora of tools for manipulating
> text files in scripts.
> I wish I knew how to use cygwin's sed, grep et al to manipulate the
> windows registry...

It's amazing what you can do in Windows with free software and batch
scripts.  The essential tools in my arsenal are sysinternals.com's PSTools
(http://www.sysinternals.com/ntw2k/freeware/pstools.shtml) and Ruud van
Velsen's KiXtart (http://www.kixtart.org).  KiXtart makes scripting registry
changes easy, and with PSExec I can remotely execute KiXtart scripts under
whatever credentials I want.  Pushing out Microsoft's latest RPC patch this
way was easy.  What's not so easy is catching those PCs whose presence on
the network is transient - laptop and dial-in users.  These of course are
the weakest links in the security chain anyway, alas.

Cheers,

Phil

---------------------------------------------
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ