Archive for June, 2013
System Recovery Disc 系统恢复光盘

System Recovery Disc 系统恢复光盘

This article has a brief description on how to create a Windows System Recovery disc.

This article has a brief description on how to create a Windows System Recovery disc (aka 系统恢复光盘).

What is the use of a System Recovery disc?

什么是系统恢复光盘?

The disc contains Windows Recovery tools. It helps to restore the old setup of your computer before it started getting viruses and errors.

  其目的就是为了方便用户在系统遭遇病毒,木马,或者其他原因导致系统不能正常使用了,重新安装,恢复到出厂时的情况,大多都是纯净的

http://windows.microsoft.com/en-us/windows7/create-a-system-repair-disc

1. Click Start and select Control Panel.

2. Click System Maintenance or System Security.

系统恢复光盘

系统恢复光盘

3. Under System and Security, Select Back up and Restore

4.  On the left upper portion , Select Create a system repair disc (System Recovery Disc) and insert a blank CD disc .

5. Browse and choose the drive with the CD drive and Hit Create

系统恢复光盘-2

系统恢复光盘-2

6. Wait for some time to finish creating , label and keep your System Recovery disc for future needs.

Windows Password Recovery: Ophcrack USB
Windows Password Recovery Ophcrack USB

This is a brief article that describes how to reset a password on Vista/Windows 7/Xp with Ophcrack on a USB.

Tools like Ophcrack, PC Login Now and Offline NT Password & Registry Editor (ONTP&RE) make Windows password recovery simple. The best way to unlock or reset your password is the have a Windows recovery disc ready.

1. USB Download.  Download the Universal -Usb- Installer Software:

pendrivelinux – USB

http://www.pendrivelinux.com/usb-ophcrack-windows-login-password-cracker/

2.  Download Ophcrack.  You need to download Ophcrack- Vistalivecd-3.6.0.iso or latest version: Ophcrack- Vistalivecd-x.x.x.iso

ophcrack: http://sourceforge.net/projects/ophcrack/?source=dlp

3.  USB Installer.  From the location that you downloaded the USB Installer, start the Universal-Usb Installer to start to ‘Setup Your Selection Page’

note: The flash drive may need to be formatted. It must be larger than 1gb.

Before the steps, make sure the computer has Winzip software to make the iso visible for the Usb Installer.

3.  Download the Ophcrack ISO.  From the location that you downloaded the USB Installer, start the Universal-Usb Installer to start to ‘Setup Your Selection Page’

 

The Steps of Ophcrack Setup:

Step 1: Scroll down to the bottom and Select ‘Ophcrack Vista/7’ or ‘Try Unlisted Linux ISO’

*note:  if Ophcrack Vista/7 does not work, try Unlisted Linux ISO at the bottom of the list

Step 2: Browse for the downloaded file, Ophcrack -Vistalivecd-3.6.0.iso

note: You may have some issues with the software recognizing the .iso. Make sure you are looking in the right place. Make sure you have unzipped the file. All else fails, try restarting the USB Install software then TYPE the exact location and name of the .iso in the Step 2.

Step 3: Select your Usb flash drive letter and hit Create.

USB ophcrack

The Windows USB Password snapshot

BIOS boot menu password recover

picture of BIOS boot menu password recover

Once the Ophcrack liveCD screen appears, Hit Ophcrack graphic mode- automatically.

 windows-password-recovery-ophcrack-usb

windows-password-recovery-ophcrack-usb

A mini Linux screen will appear, then the Ophcrack box. Select Administrator and hit progress.  Wait for some time until it goes up to  100% Ram.  Once its done, it will show the password.

ophcrack password recovery

ophcrack password recovery

Ophcrack is only effective for a short and simple password unless you get a more robust rainbow table.  You can purchase Ophcrack with a better table you can also find larger tables on sourceforge.

 

 

Windows Password Recovery: ONTPRE

Offline NT Password & Registry Editor (ONTP&RE)

Did you lock yourself out of your Windows system?  Forgot your Windows password?  What is the best Windows password recovery?

The best way is to have a Windows Recovery disc ready.  But this is something you must do BEFORE you get locked out.

reset-password

reset-password

There are tools you can use to get into your system, but the first think you should try is to use “Administrator” as the user with no password.  “Administrator” is a default account on Windows systems.  On Windows 7 it is disabled by default but if someone has used the account you may be able to use it as backdoor into the system.

If their is not Administrator account and no Windows Recovery disc you will have to use a Windows password recovery tool.  ONTP&RE is a password recovery tool that allows quick access to windows systems.

Reset Password : Windows 7

1.  Download ONTP&E: First, download the Windows password recovery software from pogostick.net . pogostick.net/~pnh/ntpasswd/cd110511.zip

2.  Unzip ONTP&E:  Files are compressed into 1 folder named ( cd110511.zip).  Unzip the file.

3.  Create CD with ISO:  Set the cd disc creator into ‘image to  disc’’. Burn the image to the cd.  Each CD burner software is different, so you will have to figure out how to create a CD from the ISO.  Sometimes its as easy as double clicking the ISO but it depends on the type of software.

4.  Reboot & Insert:  Actually, you need to make sure your Windows system is able to boot from the CD.  Once its done , insert the cd back to the CD ROM  and reboot your computer.

5.   Computer Boot from CD:  As your computer reboots, keep hitting F2 to go through the BIOS.  Select “Boot Options”.  Some versions of BIOS call this “Boot”.  But the idea is the same.  Go into the BIOS and make sure CDROM is on the top of the list for boot options.  This means that the computer first looks at the CD before going to the Hard Drive.  Instructions on modifying BIOS settings will be listed on the page.

6.  Boot into ONTRE:  Once the BIOS boot option is set, save and exit.  Your system will boot into your ONTRE disc.  Software will start running. Just follow the steps.  “Press enter” to boot into the “Offline NT Password & Registry Editor” CD.

windows password recovery

screen shot of Offline NT Password & Registry Editor

7.  Select an Account:  It will ask you to select an account.  If you hit “Enter” it will automatically boot into the [Administrator] account.

*note: Anything in [brackets] is the default value, so if you hit “Enter” it will auto-magically choose that [bracket] value.. its a linux thing.. you wouldn’t understand.

If you choose the “Administrator” account, you may need to Enable the account since the built-in Administrator account is  disabled by default in certain versions of Windows.

8.  Enable Built-in Administrator Account:  The Windows account  needs to be enabled.  Select 4  and enter ‘to Unlock and enable user Account’.

windows ontpre menu enable

windows ontpre menu

9.  Clear (blank) User Password:  After selecting 4-Unlock and Enable user account, you will be sent back to the User Edit Menu. If you want to clear the Administrator password (if it has one) then hit enter or type Administrator and Select 1 and “Enter” – to clear the user password.

10.  Save Changes:  Once you have made all the changes you want (enabled the Administrator account & cleared any passwords), you are ready for the next step.  Hit  ‘!’ and enter.

Windows Password save changes

Windows ONTP&RE password save change

On the screen it asks ‘What to do’?  hit q to quit. You will see:

Step FOUR:  Writing back changes

“About to write file(s) back.  Do it ?’’

Hit   Y  and enter to save changes.

11.  Last Step:  Hit “Ctrl-Alt-Del” to reboot and eject the cd quickly.  This will allow the system to boot into Windows on the Hard drive.

You can now login as “Administrator” with NO password.

Once you are in as Administrator you can change passwords of any local accounts in Control Panel | Users.

ISC2 CAP Domain Changes

Got this message today on CAP domain changes.. Not much changed:

On September 1, 2013, (ISC)²® will implement certain domain-related changes for the Certified Authorization Professional (CAP®) credential exam.  These will be the new domains you will need to select when submitting CPE credits for your CAP certification.

These domain changes are being implemented based on the outcome of the Job Task Analysis (JTA) completed in late 2012. The JTA provides the essential foundation for all of (ISC)²’s credential exams. Under general circumstances, changes due to a new JTA study are incremental, so addition or deletion of Domains does not occur normally.

isc2-cap-domain-changes

courtesy of gabfirethemes

Current CAP Domains:

1.      Understand the Security Authorization of Information Systems

2.      Categorize Information Systems

3.      Establish the Security Control Baseline

4.      Apply Security Controls

5.      Assess Security Controls

6.      Authorize Information System

7.      Monitor Security Controls

Effective September 1, 2013 CAP Domains:

1.      Risk Management Framework (RMF)

2.      Categorization of Information Systems

3.      Selection of Security Controls

4.      Security Control Implementation

5.      Security Control Assessment

6.      Information System Authorization

7.      Monitoring of Security Controls

Snowden-Manning Heros?

DISCLAIMER: I have no first hand knowledge of the NSA PRISM program.  This is just my personal opinion of Edward Swowden’s release of classified information and the impacts.

What is PRISM:

PRISM is the code name for the data collection program which was born out of the Protect America Act.

Recently Mr. Edward Snowden released classified information to the international media and fled the U.S.  He was working on the PRISM program and felt that the right thing to do was to tell U.S. citizens about their loss of privacy.

 snowden-manning-heros


snowden-manning-heros

SHH!! Don’t tell anybody this.. but privacy has BEEN gone if you are on Facebook, Google or any other social network.  These organization are storing our private data.  But what do these organizations do with that data?

  • Do they try to protect your data?
  • Do they sometime release it to third parties?
  • Can certain data you store on their system be used against you in a court of law?
  • All of the Above 🙂

Encrypt your data.  That is the only real way to have privacy to a trusted party.   Don’t use FB or Google for stuff you want hidden.

The Need for Some Sort of PRISM:

Spies get a very very bad rap lately.  Analysts are unsung heros.   It that world nothing is what it seems.  The media presents one side of everything.  You have to dig and cross reference to get facts.  Intelligence provides a proactive answer to security.  I am speaking from the perspective of someone who has done security defensively.  There is a need for gathering data within the U.S. infrastructure.  Once data is gathered, it can be correlated to detect patterns of potential threats.

So I think we MUST have something like PRISM (especially in the US) due to the exposure of our assets and the subsequent likelihood of attack. We have a high risk.  And the greatest risk is from INSIDERS (ironically enough PRISM cannot protect itself).

There are three main issues with the programs current setup:

1.  Lack of Oversight & Transparency: There seems to be very little transparency and  oversight that represents US citizens regarding privacy and controlling how far the government can go.  US Senators are led away from what is really going on.

2.  Total Information Awareness:  This system may be too DAMN powerful as far as what it is capable of.  In fact, it seems to be like using GOD Mode 24/7 to gather information.  Snowden mentioned that it can track ANY email.. is this on a whim?  does there need to be some sort of probable cause or “reason to believe” or is this left to the discretion of the guy with his finger on the button.. this leads to the next issue..

3. The Patriot Act II + Protect America Act =  Its too DAMN politically powerful.  This program has the legal backing to do anything with NO checks and balances.

Is SNOWDEN A HERO?

Would I call Snowden/Manning heros/martyrs?  I would not group Snowden with Manning.  The information that Snowden released (so far) is showing a the capability of NSA spying (something that was done by whistle blower William Binney in 2002).  PVT First Class Bradley Manning leaked a lot of war material that risked a lot of people’s lives:

videos of the July 12, 2007 Baghdad airstrike and the 2009 Granai airstrike in Afghanistan; 250,000 United States diplomatic cables; and 500,000 army reports that came to be known as the Iraq War logs and Afghan War logs. It was the largest set of restricted documents ever leaked to the public. — http://en.wikipedia.org/wiki/Bradley_Manning

The problem with this is that it actually endangered the lives of informants, and some people that were on the ground in Afghan/Iraq.  Manning fucked up big time.  Snowden is a hacktivist who will have to spend sometime in prison or in Iceland evading the US government unless the American public rallies to sway the politicians.

Whistleblower Protection:

My hope is that there is due care taken on this issue.  Because there is a real concern regarding the Constitution, Privacy and uncheck powers of the government.  If not, perhaps the next administration will take up the call of the people.  SarbanesOxley Act of 2002 has a Whistleblower Protection Act that would be helpful if such a law could apply to Snowden.  I am not so sure about that.

Transparency & Accountability

I know their needs to be transparency and accountability. But I think its naive to think that we should release all information on all classified data to the world as the Wikileaks crowd believes.  

Why?

Organizations & States have an obligation to maintain Confidentiality of critical data.

That means databases with witness protection programs must be kept Confidential, bank transactions must be protected..

Nations have some serious enemies (ESPECIALLY the US).  The US governments duty is to protect its people from those enemies (foreign or domestic).

Consider this:  Certain information on the physical/logical locations of weapons systems, pattens on lethal biochemicals, information on the capabilities of a nation are very effective tools in the hands of really bad people.

Its naive to think that opening up all classified data is going to set the world free.  I wish humanity was in a kinder, gentler situation.. but the reality is some crazy people want to kill as many people as possible.

Yes!  I agree that governments with unrestricted power can be MUCH more dangerous.  Some transparency with check and balances are necessary.

 

WAR OF INFORMATION

The post modern war conflict is a fight over ideology. Its less about my nation versus your nation and more and more about belief systems.  

RIGHT NOW there is someone with the intent to kill as many people as possible.  With the capability and opportunity they would strike.  There IS an enemy and they are anywhere and everywhere.  You can no longer point at a map and say “All these people are my enemy.”

Now there is an enemy willing to kill you over what you believe, what you represent and what they think you are.  And more than likely, THEY are living in your city.   Who are “THEY”?

Figuring out who THEY are.. is where data mining and correlation comes in.

The threat-source can be from ANY country, race, creed, or religious faction. They are more and more likely to have a citizenship in your country for the sake of having free reign to make the most damage on the most people that represent what they seek to destroy.

Its sounds crazy until a bomb goes off in the middle of a Boston Marathon with the attackers on their way to Time Square.  Luckily, there was surveillance to help deter further killings.

How do we fight against these threats?
Threats can be detected via patterns within information.

Solution:  The government should allow the program manager of the system to explain why its necessary, provide proof of its usefulness.  Limit the use and extent of PRISMs power.

I hope the president will listen to the Internet community on this.  I hope that some political party will hear the cries of thousands of potential constituents then take an intelligent look at the public’s concerns.  Realistically, the American public voted on the reps that backed the laws that created this system.  They accepted it by proxy.  But the shock is from the alleged reach of this program.  Its too bad it took Snowden is risking years away from home and possibly prison for the US to wake up and start talking about something that was leaked years ago.

uninstall avg

The AVG secure search toolbar seems to appear out of nowhere and its annoying.  Its annoying because you probably did not want it.  AVG is a legitimate anti-virus software, but its search/homepage hijack is a bit pushy.  I prefer a search engine without AVG on my Chrome browser.

Luckily, AVG allows you to get rid of it in a few clicks.

uninstall avg

Select “Restore default new tab” in the far right-hand corner.

Uninstall avg search

Uninstall avg search

Upon selecting “Restore default new tab” you will be led to “AVG security toolbar settings”.  Deselect “Show AVG Secure Search Box on new tabs in the browser” then select “OK”.

After that, you will need to close the application and reopen it.