I just happened to see this one night when driving up to the drive through in Taco Bell…kinda funny. “I’ll take a 5 layer beefy burrito, a taco supreme, a large pepsi…and can I get a scandisk with that?”
This is old news, but it’s still relevant today as XP isn’t exactly “being left in droves” for Windows Vista. Hopefully these tips help some of those that are less technically inclined, but not complete newbies either. Either way it’s for people who want their Windows machines patched without being nagged with this “feature” bestowed upon us by the folks from Redmond.
For the more advanced users, you can always run your own WSUS server. This lets you control exactly what does and does not get installed, and WGA isn’t even available through WSUS (although Office Genuine Advantage is). If you have more than two computers running Windows 2000 or later, WSUS is a big help for saving bandwidth and assuring you get patched up-to-date quickly. It can be (sort of) compared to your own linux package repository.
Unfortunately, it requires Windows 2003 Server to run, but it is completely free (as in beer). So yeah, sort of pointless, but it will satisfy your inner geek who likes to tinker 
The easier WGA workaround:
This is actually pretty easy to defeat. Just boot into safe mode (XP Home) or regular mode (XP Pro or Media Center). Find the files in C:\WINDOWS\SYSTEM32 called ‘wgalogon.dll’ and ‘wgatray.exe’. Bring up the file properties, go to the security tab and remove the inherited permissions from the files (don’t copy them, strip them completely). Answer yes when it asks if you’re sure about this. Reboot and WGA will never bother you again. I’ve done this on dozens of machines and it just skips the update because its too stupid to fix permissions. The only exception to this is the Service Packs or repair installs.
Of course nobody should have to do it in the first place but this is an example of corporate-think at it’s best from our fiends in Redmond. If XP is so dead why should they be developing new WGA tricks for it anyways? Sounds to me like its them getting a bit nervous about how many people are jumping ship from Vista and pointing at ‘hackers’ as the problem. Again. =)
Dell actually uses a different key on their recovery discs than the one that’s on the side of the computer.
If you open d:\I386\winnt.sif The key is listed in there somewhere. That key also works, and I believe that in the past when I rolled my own discs, that was the one I’d use. IIRC I took the disc from my brother’s computer and enter Dell’s registration key. That generally worked just fine.
But that was years ago, and I don’t really deal with Windows much these days.
Home of a couple of large bike rallies each year, Myrtle Beach is not only huge, but full of things to do. I highly recommend Godfather’s pizza – it’s the best pizza in town by far! Just before we left, I had to whip out the laptop and partake in a bit of wardriving. This one is a two parter…
Part 1:
Part 2:
Myrtle Beach, South Carolina netstumbler files one, two, and three.
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
Just a quick drive through Asheville, North Carolina yielded a few wireless APs…
I put that netstumbler file somewhere…I’ll post it if I locate it
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
Wow, what a beautiful area Carolina Beach was – definitely worth visiting if you’re in the area. The beaches were clean, the houses were gorgeous, and there were tons of wireless APs.
Carolina Beach, North Carolina netstumbler file.
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
Taking a quick drive through Wilmington, North Carolina, which is just before Carolina Beach. Still have South Carolina in my sights…
Here is the Wilmington, North Carolina main netstumbler file and the tail end of the drive.
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
Castle Hayne seemed like a fairly decent size city, so I decided to take a break from highway driving and fired up the laptop for some wardriving.
Castle Hayne, North Carolina netstumbler file.
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
Well what else is a person supposed to do in Washington, DC other than see all the sites? Wardrive it of course! For more info on the wireless APs found, check out the netstumbler file. There are three videos – part 1, 2, and 3 because YouTube apparently only allows videos to be 10 minutes each.
Part 1:
Part 2:
Part 3:
Washington, D.C. main netstumbler file. Here’s another netstumbler file for Ft. Myer, Virginia (just across the river from D.C.)
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
After seeing enough of New York, I decided to head south and wardrive Scranton, Pennsylvania…and run a stop sign 
For more info on the wireless APs found, check out the netstumbler file.
Scranton, Pennsylvania main netstumbler file and the highway file taken as I was leaving Scranton.
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
Continuing my road trip, I decided to wardrive Binghamton, New York. For more info on the wireless APs found, check out the netstumbler file.
Binghamton, New York netstumbler files – first pass and second pass.
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca.
While taking a road trip down the east coast, I decided to whip out the laptop in a few places. The first stop was Niagara Falls, New York. For more info on the wireless APs found, check out the netstumbler file. More videos to come shortly…
Niagara Falls, New York netstumbler file.
Materials: Compaq Presario laptop (2135US), Belkin wireless card (F5D6020), Kodak Digital Camera (C743), assistance from Rebecca, and don’t even get me started on gas…
Verizon Business has released a report that touches on what they found after looking through 500 forensic investigations involving 230 million records, and analyzes hundreds of corporate breaches. These breaches include three of the five largest breaches ever reported. Here is a few items they discovered:
There’s also some very good information in the article regarding how to protect your network and data. I would strongly encourage any network/system administrator to, at the very least, browse this part of the report.
Here’s a funny older trick for those of you on windows:
- Create a new text document
- Open it with Notepad
- Enter the text “Bush hid the facts” (without the quotes)
- Save it as whatever you want
- Close it then re-open it
Depending on what fonts you have installed, either you will see squares or you might see some Chinese characters. Certain characters are mistaken as UTF-16 characters intead of ASCII and that’s what you get. Actually, it’s any 4-3-3-5 combination of words (“chad did mrs gates” works too), just remember your spaces.
It’s been a long time since I’ve used a virus scanner at home, and I’ll tell you why:
1. Well, I’ve been using Linux since 1998. However, let’s put that aside as this still applies to before I completely converted to using strictly Linux in 2002.
2. It eats up system resources like you wouldn’t believe. Thanks, but I’d rather put my processor to better use – something other than doubling the processor power it takes to open a spreadsheet. FreeAVG seems to be the only decent anti-virus solution for Windows that doesn’t kill the processor usage by default.
3. They can only find known viruses. Maybe being “protected” from tens of thousands of viruses comforts you, but I’m worried about the few no one knows about yet, and AV software provides no protection against those.
4. They are only partially successful in removing viruses. How many times have you seen “Delete Failed! click here for more info”? I saw it a few times too many. I SHOULD NEVER EVER SEE THIS MESSAGE! This is a design failure.
5. AV software is not effective as a means of prevention. Virii come in two flavors, trojans and worms. Trojan – idiot user clicked on BrittneySpearsNaked.jpg.pif.bat.js.exe; AV cannot prevent this. Worm – Windows security issue; AV cannot prevent this. This is an over-simplification, and may not be 100% technically accurate, but you get the picture.
6. If AV software can’t prevent infection, and if it sometimes can’t even remove the infection, what good is it again? It’s good for Symantec, its good for Macafee, and its good for IT professionals who get to say “its not my fault, I did everything i could to prevent it” next time a code red happens.
I meant to go back and follow up a little more, but for now I’ll post my findings so far. Honestly, Davenport has their act together for the most part – I only discovered very minor things that are easy fixes and do not pose an immediate security threat.
Back on March 12th, I needed to use the library for a short while. I used the map command to see what I’m already connected to for the heck of it. Afterwards, I started playing around in My Network Places – specifically the Novell Connections. First I played around with a share called Midland_4x, but nothing was too interesting there. Of course another one of the first things I had to check out was the part that said “STAFF” Still nothing interesting really. I played around in the tree a little longer and finally found something that caught my eye – something that appeared to be a unix-based server with SSH. It used the default port (22), but ended up being either down or filtered by the firewall. Then I found another server that looked like it was for grad students that had somebody’s resume on it. The whole directory appeared to be world readable/writable. Two other things I’ll have to check out later are a front page to their Novell OpenEnterprise Server (Novell and Suse – good stuff!) and what appeared to be an OpenSource Project page. Nice 
I wasn’t sure what to make of their BMC Service Desk Express page or the APC InfrastruXure Manager page. Looks like I’ll have to do some more research on those when I get some time. One thing that should probably be addressed is Apache being installed and running on several Novell servers. As you can see from the screenshot, the default index page is still up, which tells me that the administrators may not know Apache is running. As we are taught in several classes, unused services should never be running. /etc/init.d/apache2 stop
About a week later I went back to look for anything else that might catch my eye. I found what I was looking for in the “Documents and Settings” folder. If you surf to C:\Documents and Settings\, you’ll find the names of everyone who had logged into the computer. You’re also able to poke around in their folders, which show information such as downloaded programs, personal files saved to “My Documents”, and their “Favorites” amongst other things. While it could take forever to look for anything of interest in all of those folders at the library, all you have to do is output the tree command to a text file for later viewing. In defense of Davenport, they’re not the only one’s who have this issue – Delta College does as well. They allow viewing of cookies and recent documents, which could reveal some information about themselves or their online identities including hotmail, student email addresses, projects they are working on (assuming that’s a project), facebook identity, and more.
Overall, I was pretty happy with what I discovered…which wasn’t a lot
