Thursday, 26 May 2011

OS Fingerprint

Ping:
By default,
if TTL <= 128, the os is windows.
if TTL <= 64, the os is lunix.

Active detection
nmap:
nmap -O 192.168.1.1
T1: TCP SYN -> 21
T2: TCP NULL -> 21
T3: TCP SYN|FIN|URG|PSH -> 21
T4: TCP ACK -> 21
T5: TCP SYN -> 23
T6: TCP ACK -> 23
T7: TCP FIN|PSH|URG -> 23
PU: UDP -> 1
T1-T4: TCP OPEN T5-T7:TCP CLOSE PU: UDP CLOSE
According to nmap reply and use the result to compare with the nmap database, the os will be revealed.

Passive detection
p0f: running in a server to monitor incoming/outgoing (TCP/UDP/ICMP) packets, establishing the differential database. p0f will help to know what the source OS is.

Network sniffing
Plain text transfer protocol: TELENT, HTTP, FTP, POP3
Linux tools: Sniffit, Tcpdump, Ettercap, Ethereal.
Windows tools: Cain & Abel, Ethereal.

Automate the installation of Active Directory tools with PowerShell

Import-Module Servermanager
Get-WindowsFeature
Add-WindowsFeature RSAT-DNS-Server -restartAdd-WindowsFeature RSAT-ADDS-Tools -restart
Add-WindowsFeature RSAT-AD-AdminCenter -restart
Add-WindowsFeature RSAT-SNIS -restart

Note: These features require Windows to be restarted, so be advised that Windows may restart without prompting when passing the command to add these features in through PowerShell.

Saturday, 14 May 2011

SQL 2008 database Backup and Restore process

Method:
1.Full
2.Differential
3.Transaction Log
4.File and File group backup

Data critical situation level is high. We could use the backup pattern below:
Sun Mon Tue Web Thu Fri Sat
F D D D D D D
T T T T T T
F: weekly Sunday
D: daily Mon, Tue, Web, Thu, Fri, Sat
T: per office hour

Create a backup device
w/ management studio
Server object -> New backup device -> File -> input the name and the location of the backup file

w/ store procedure
use master
exec sp_addumpdevice 'disk', 'MYDATA', 'c:\backup\mydata.bak' //create
exec sp_dropdevice 'disk', 'c:\backup\mydata.bak' //delete
go

Create a backup task
w/ management studio
Server object -> backup database

Setting schedule backup
1.start the sql server agent
start -> all programs -> microsoft sql server 2008 -> configuration tools -> sql server configuration manager -> find 'sql server agent' service
-> start
-> properties -> start method -> automatic

2.start agent xps option
sp_configure 'show advanced options',

go
reconfigure
go
sp_configure 'Agent XPs', 1
go
reconfigure
go

3. create schedule task for automatic backup
w/ management studio
Manage -> Maintenance plan -> maintenance plan wizard -> next -> name 'weekly full', schedule 'change' -> setup the date you need to do the full backup -> choose backup method 'full' -> next -> choose the database you need to backup, check verify backup integrity -> finish.

w/ T-sql
backup database AdventureWorks
to mybackup
with stats = 20

with options
blocksize = if you need to burn the file on a CD, set to 2048, use with format
name = backup set name
description = set backup description
differential: do the differential only, if not set this parameter, full as default
format | no format: set if overwrite the existing backup
compression | no_compression: if need to compress the backup or not, not set as system default value
nounload | unload: set when backup is finished, need to unload the tape or not
restart: if there is a power failure when doing backup, set this option to restart the backup job
stats: sql server is 10% by default, view the backup process percentage frequency

Wednesday, 11 May 2011

讓 Windows 7、Vista 登入畫面不顯示帳號名稱

「HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System」 中的 「DontDisplayLastName」,將它由「0」改為「1」即可。