Static IP Addressing - troubleshooting

When you place a Static IP Address you could run into problems.

When you see the screen, check for these possible errors.

1. Know your network range. For every network there is a range of IP address used. Your Static IP Address must be within this range.

Example IP Address 172.16.5.12

Of course we are talking about private networks, behind routers and other devices.

Know the range of the network.

2. Do not duplicate. Your network will have an address for the Default Gateway and possibly the DNS Server. If youtype the same address as either one of these address you will not be able to conect to the internet and will most likely recieve error message like these:

A quick easy way to see the duplicate is:

2a-1. Click the Start button

2a-2. Type cmd

2a-3. Cick cmd.exe

2a-4. Type ipconfig /all in the command prompt

2a-5. Now look at IPv4 Address to the right is



To fix this:

2b-1. Click Control Panel and click Classic View

2b-2. Click Network and Sharing

2b-3. Click View Status

2b-4. Click Properties and click Continue

2b-5. Select IPv4 and click Properties

2b-6. Type 172.16.2.11 to in the IP Address box to test it.

3. NO zero in the Y field. The IP Address has 4 parts (boxes) w,x,y,z. In the Y field you can not type 0.

Protect your computer against brute force attacks

Today is the day, today you will learn how to protect your computer from brute force attacks.
I will be using Windows Vista to demonstrate this.

First you need to access you Advanced User Controls
1. Click the Start button, click All Programs, click Accessories, click Run and type userpasssword2
With Vista click OK
2. Click the Advanced tab, select the Require users to press Ctrl+Alt+Delete check box, and click OK













Now to lockout the accounts after 5 incorrect attempts to log in.
I was not successful in finding out how to accomplish this task in XP.
The only one we wont be able to lockout will be the built-in Administrator account.
1. Click the Start button, click Control Panel,and click Administrative Tools
With Vista click OK
2. Double-click Local Security Policy
3. In the left window pane expand Account Policies and click on Account Lockout Policy
4. Double-click Account lockout threshold, type 5 and click OK
5. Double-click Account lockout duration, type 5 and click OK

Click OK as many times needed and close all windows.
Log off and you will notice that the next time you log on you will be required to hold Ctrl+Alt+Delete.
You have now made it very difficult for someone to break into your computer.

Brute Force Attacks

I looked up brute force attacks and brute force hacking this is a link with some great info on protecting passwords on your computer. You should read this article, click here. Know what's out there.
The author gives insight into what really has to take place, and more so time wise.

Auditing File Access- take a look at what's being accessed on your computer

You must be a user with administrator privileges to audit.

If you have kids or other persons who access the same computer take a look at what they are accessing.

You can use this in many forms and could even assign this to certain programs such as games, media files, etc. Windows Vista Home edition is great to do this as well using the Parental Controls inside the Control Panel.

As I show you a little bit you will understand how the wide array of options that are avaliable in Auditing.

I am running Vista Business. You will notice this from the images.

1. Click Control Panel

Click Classic View, if not enable already

2. Click Administrative Tools

3. Double-click Local Security Policy and Click Continue

4. In the left pane, expand Local Policies and click Audit Policy

5. Double-click Audit object access. This option enables auditing for file access.

6. Select the Success and Failure check boxes, because you want to have the option of seeing either the successes or failures of a user (in this case accessing Windows Meeting Space).

7. Close all open windows

8. Click the Start button and go to All Programs

9. Right click Windows Meeting Space and click on Properties

10. Click the Security tab and click on the Advanced button

11. Click on the Auditing tab and click Continue and then click Continue once more to pass the User Account Control

12. Click Add

13. Type Everyone, click Check Names, and click OK. You are now doing to be able to see every user in your audit. If you desired to only audit a select few users, you would need to input thier user names one by one. Another option to adding one by one is adding a group (now if you are intending to narrow the selection from more than just the Users group, than you would have to create a group within the MMC.)

14. To keep in simple, we will look to see if the program is executed or not. Select the Success and Failure check boxes of the traverse folder/ execute file option (second row from the top).

15. Click OK four times to close the dialog boxes

16. Click the Start button and go to All Programs

17. Click Windows Meeting Space

18. Close Windows Meeting Space

19. Close all windows

20. Click the Start button

21. Right-click Computer and click manage from the drop down menu

22. In the left pane expand Event viewer, expand Windows Logs and click on Security

23. Notice the extensive list of events logged. Right-click Security in the left pane and click Filter current log

24. In the Event sources box, select Security-Auditing

25. In the Task category box, select File System

26. In the Keywords box, select Audit Success and Audit Failure.

27. Click OK and look through the displayed events.

28. Double-click on the most bottom event, notice that the user account is listed (the image shows u1 as the user name.

All in one, Protect your Computer

This Product seems truly amazing. Zone alarm has the appearance in their description to be invisible and impenetrable.

The "Root & Boot" protection really caught my eye. They protect down to the kernel-level in the Operating System. As well, this will protect your operating system during start-up.

    They as well claim to have the #1 Firewall. This firewall seems to have some teeth. It not only detects malicious programs it disables them. As well, it makes you invisible to hackers, stealth mode. To see how well your computer ports are protected go to https://www.grc.com/x/ne.dll?bh0bkyd2. (Shields up is a trustable site).

    As well it has Antivirus, Anti-spyware, ID theft protection, Anti-spam, and Wireless PC protection.

            http://www.zonealarm.com/store/content/catalog/products/zonealarm_internet_security_suite.jsp

    

Brute force attack program

A program called "Cain & Abel" that hacks your SAM for local passwords.
click here to go to Youtube and view the video.
I found plenty more "scary" videos" about hacking, however you can protect yourself if you know how.
Read my Protect your computer against brute force attacks.

fake- Changing admin user passwords on XP through limited user account

Problem
So last night I challenged my young 8th grade brother to hack into the home computer.
I have reason to hate XP with a stirred passion.
I came home today (the next day) and he (from his limited account) had changed all the passwords of the accounts including my account which was an administrator account; however, he could not gain access to an account that had two names separated by the "&" symbol (eg. Greg & Ginger). This account was the first user created upon installation.


Go to Total Results in red below and that will get the real answer to where this all began.


Method used to enter
Command prompt. There is no need to 'run as Administrator' as in Vista. Thus anyone can change your passwords and then enter your account.

Hypothesis
This "&" is a way to protect your account.

Test
place the " on both sides of the name (eg. "Greg & Ginger") using command prompt

Result
I entered the account; the hypothesis is invalid.

However, going on with this problem that is going to become an adventure.

Hypothesis
Will this same thing work from a limited account on my other computer it is an XP with service pack 3 as well?

Test
Run cmd from the limited account

Results
unable to change any administrator accounts from this limited account.
The "System error 5 has occurred. Access is denied" comes

Hypothosis
Can I run a batch file from this limited account and add users?

Test
write batch file to add 10 users

Results
As the batch file ran. The "System error 5 has occurred. Access is denied" was displayed every time a user was attempting to be added.
This user has no permission, in other words no ability to change anything, even through this pitiful command prompt program.

Hypothesis
Can I change the passwords of other administrator users on this (computer 2) as well from an administrator account?

Test
Once again, use command prompt, but from one of the admin accounts to change the password of another account.

Results
Yes, an administrator account can access anyone else including other admin users.
Let's think up something more effective.

Total Results
After talking with my brother, he had actually had changed his account to administrator when he found my parents account logged in and ready to go. Log off when you are not physically at the computer. Users are the greatest weakness in this security.


Little note on the end, my brother as well, created an admin account that he could access by going into safe mode and accessing Administrator account that no one had blocked by password or any other from of renaming. My brother gives thanks to Youtube.
After he gained access he began the same command prompt on the other computer though his new admin account and changed my password, etc.

Next... How to change the password and rename your Administrator account
...and then later how to script the process and have an Administrator user enabled through a back door.

I can't login- my password is incorrect?

How could this be my "username or password is incorrect"?

Hold on to your business chair and get control of your breathing.

Did you slow your pulse down?

Let's get this solution to your finger tips.

1) You will need access to an administrator account that is on your computer box. If you don't have the password to that account find the perosn who does and ask them to help you by following instructions 2-5 (in red).

If you are the administator on your computer and you are not over a network (there is help you should seek from the IT head over your network, now!, however if not), then you can access the Administrator account that is accessible through safe mode, if it has been left untouched then it will called Administrator and have a blank password. You enter Safe mode by hitting the F8 key as your computer begins start up- before you reach the login screen. Select enter Safe mode with Command Prompt. The last set of instructions (in blue) here will probably be more useful for the command prompt.

2) Right click on Computer and from the drop down menu click manage.

3) You have inciated the MMC, now select on Users/Groups.

4) Two folders should appear, click on the Users folder.

5) A list of users should appear in the center pane of the window. Right click the user, of whom you want to reset the password (eg. Frank). Now click Reset Password from the drop down menu. Reset thier password and you are good to go.

Note: A nice feature of MMC is you can force this user to change thier password when they next login. You do this by Right clicking the user and then clicking on the Properties option. From here, there will be a window with 3 tabs, you want the first tab. Select the check box "user must change password upon next login".

1) Run Command Prompt as Administator

2) Type net user to see a list of users.

3) Select the user of whom you want to change the password by typing net user user1 *
where user1 is the name of the user you want to select (eg. net user Bob *)

4) Now type in the new passowrd, nothing will show as you type, press enter when your done

5) Confirm the passowrd and type it again, then press enter again.

The password has been reset

Trouble Shooting: Cannot log in - password is incorrect

Problem

John Smith cannot login to his Account, he recieves the error message " The user name or password is incorrect"

Hypothosis

Reset password running command prompt as Administrator.

Results of Hypothosis

retrieved information on the JSmith account by typing net user JSmith


Attempt 1: with results of failure caused from lack of knowledge on how to read scipt.


Atempt2: This is the correct form of 'how to reset the password, however here I come across another problem.

The Problem is that the Command Prompt will not allow me to imput any character, it will not respond, now that I have asked to reset the password.

Hypothosis on new problem

What what would happen if I pressed enter even though the command prompt wont respond to other inputs from the keybord?

Results of Hypothosis on new problem and Conclusion to original problem

The command prompt does not display any characters as you type the on new password prompt or on the confirm password promt.
If you ever type in characters and you forgot what they where you can press enter and it will take you the confirm passowrd prompt, press enter agian. It will then display the message "The passwords do not match." and it will skip a line and then begin the prompt again asking you to "type a new password for the user: ". Type the new password. Type it again for the confimation and if the passwords match for both inputs you will recieve the message "The command completed successfully".

As well you cannot save a file that is read-only you must right click the document and deselect the read-only check box.

I am sure who ever has just recently read this is laughing with great amusement at this fantastic learning process.

Scripting

Symptom/ Challenge
How do I add multiple user accounts to windows Vista by scripting?

Hypothesis
Learn what scripting is?

Conclusion
This site teaches the basics to understand scripting
http://www.microsoft.com/technet/scriptcenter/hubs/start.mspx

1) Open notepad
2) write net user userx /add (eg. net user Rob /add)
3) save as bat file (eg. user.bat)
4) run the file as administrator






Reflection
In opening up command prompt as administrator you can see all the users
to get help type net user /?