I have recently been updating my Windows Forensics First Responder script and have noticed a number of servers reporting the following when using Sysinternals/Microsoft’s listdlls.exe.
*** Loaded C:\WINNT\system32\KERNEL32.dll differs from file image:
*** File timestamp: Wed Apr 18 12:25:36 2007
*** Loaded image timestamp: Wed Apr 18 12:25:37 2007
*** 0x77e40000 0x102000 5.02.3790.4062 C:\WINNT\system32\KERNEL32.dll
Now […]
Bruce Schneier just posted an interesting article on his blog entitled “Interview with an Adware Developer”.
This article reinforces many of the things I have been telling people for a very long time, but which for whatever reason never sink in.
I installed Windows XP service pack 3 yesterday and found today that wireshark would not detect any of my network interfaces. Reinstalling winpcap fixed it. FYI
For those of you wondering why I haven't beaten up Vista yet… I have. I ran it from mid-beta to early-release and had a very well written and thought out evaluation of its security and usability features. It was quite negative. I wrote the entire article in notepad on my Vista machine. One day I […]
As it turns out, the secret and forced Windows update is causing problems. I have heard of this issue cropping up on non-restored systems too. Yet another reason why I am a Linux/Mac guy.
Microsoft has done it again. We receive reports from our WSUS server telling what updates are rolling out to what servers. So when I started receiving TripWire reports indicating files being altered on a bunch of Windows boxes I got concerned. I started opening the files with hex editors looking for strange junk and ran […]
Microsoft announced today that it will issue an urgent, out of cycle patch for the ‘recent’ animated cursor vulnerability (CVE-2007-0038)… a whole week ahead of its precious and ill-conceived Patch Tuesday. Some would claim that this is an example of Microsoft doing the right thing, getting urgent issues resolved quickly and cutting through their own patching […]
Contents 1 Basics 2 domains and domain trees 3 Global Catalog (GC) 4 Flexible Single Master of Operations (FSMO – pronounced fizmo) 5 Groups 6 Naming Contexts (NC) and Application Partitions 7 Schema 8 Replication 9 AD and DNS 10 Profiles 11 Group Policy 12 Backup, Recovery and Maintenance 13 Exchange Integration 14 Links  […]
Fresh after the article from security firm Sophos entitled “Sophos recommends Macs for security”, a member of Microsoft’s security team blasts Apple for not having a “security czar” and not communicating with users about security vulnerabilities. By contrast, he points to Microsoft as a prime example of how to respond to threats, providing well-documented communications […]
One of the more common questions my support team at work receives is in regards to Windows-based computers starting to run slowly. This will eventually happen to all Windows machines and is simply in the nature of Windows. The long-term problem is that the Windows registry (the database that underlies Windows and controls everything […]