Tuesday, April 12, 2005

Getting PGP Desktop 8.1 for Win/Mac

I'm using about 6 years from PGP. Those days PGP only has command line version but now a days with Windows Desktop version you can use more options such as Global Directory or so on.
The latest version is 9 beta but its license will expire on 7 may.

Get PGP Desktop 8.1 for Windows now.

Monday, April 11, 2005

Mozila Firefox or Microsoft IE?

...I was working on Firefox about 6 months and IE too at the same time.

The advantage of firefox is only: more safe than IE; because IE is most popular than Firefox so it'll be the attackers target more than Firefox.
It seems Firefox downloading files faster than IE (use more bandwidth by open more sessions) and with the resume support.But Firefox opens web pages slower than IE, specially if you open many pages at the same time or to the same destination (website).Maybe it depends on TCP sessions that Firefox opens or so on.
Finally, some websites could not be appear correctly in Firefox but in IE or netscape can be open .It seems the web pages style & structure viewer is different in Firefox.
Any comment?
...

Security Alert: Microsoft issues DNS poisoning advisory

After the Internet Storm Center raised its warning level over the pharming-related vulnerability the software behemoth updated its advice for people running Windows servers...

DNS cache poisoning involves the practice of hacking into domain name servers and replacing the numeric addresses of legitimate Web sites with the addresses of malicious sites. The scheme typically redirects Internet users to bogus Web pages where they may be asked for sensitive information or have spyware installed on their PCs, an online assault that has also become known as pharming.
On Windows 2000 SP3 and above, the DNS server DOES protect against DNS cache pollution by default. The registry key to protect against the poisoning is not necessary: the value is TRUE if the registry key does not exist. Microsoft has now corrected the KB article that we published earlier with this information.
On Windows 2000, you should manage the DNS cache protection security setting through the DNS Management Console. On Windows 2000 below SP3, the "Secure cache against pollution" is not the default so you should enable it using the DNS Management Console. On Windows 2000 SP3 and above (and Windows 2003), the secure setting is the default (even if the registry key does not exist).
Our recommendation is to only set the registry key (HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters) on Windows NT4. Otherwise, use the DNS Management Console. If you are on Windows 2000 and you created the key already, you are safe to leave it in place as long as the value is "1".

More info about How to prevent DNS cache pollution .

Enabling "automatic logon" on Windows NT/2000/XP

Sometimes maybe you need some of your servers logon after reboot automatically ...

The following registry hack details the registry keys which control automatic logon:
..
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: AutoAdminLogon
Type: REG_SZ
Value: 1 enable auto logon
Value: 0 disable auto logon


Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: DefaultUserName
Type: REG_SZ
Value: account to logon automatically


Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: DefaultPassword
Type: REG_SZ
Value: pw for DefaultUserName above
Caution: Password is stored in clear text. Set security permissions on Winlogon subkey to protect the account used.

Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: DefaultDomainName
Type: REG_SZ
Value: if domain account, domain name; if local account, server name


Windows 2000 / XP has an additional registry setting to force autologon and ignore bypass attempts. This can be valuable with a kiosk environment:

Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: ForceAutoLogon
Type: REG_SZ
Value: 1


The following registry values must not exist: LegalNoticeCaption, LegalNoticeText. These values force a person logging into a PC to acknowledge having read the notice. If these values exist, the legal notice dialog hangs until someone hits enter. Don't just null out the values. Delete them.

The value DontDisplayLastUserName determines whether the logon dialog box displays the username of the last user that logged onto the PC. The value does not exist by default. If it exists, you must set it to 0 or the value of DefaultUser will be wiped and autologon will fail.

Finally, the value RunLogonScriptSync determines whether a logon script will run synchronously or asynchronously. It should not effect this process but there have been reports that setting the value=1, that is, sychronous, is more stable.

Whether you use the Autologon utility or the registry approach, there are times when you must logon as another user or need the logon dialog to appear. Hold down the shift key until during boot until the logon dialog appears. For the control freaks, even the shift override can be blocked (also see ForceAutoLogon above) :

Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: IgnoreShiftOverride
Type: REG_SZ
Value: 1


If you want to enable autologon for a certain number of times, follow the above instructins and use the following Windows NT / W2K / XP registry hack:

Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: AutoLogonCount
Type: REG_SZ
Value: # autologons you want to allow
There was an error in this gadget