Wednesday, April 28, 2010

Tools4ever, Inc. Announces Release of Password Complexity Manager

Windows 7 is the latest stable Windows operati...Image via Wikipedia
New York (PRWEB) April 26, 2010 -- Tools4ever, a global leader in Identity and Access Management, is pleased to announce an innovative solution that enables system administrators to enhance the complexity of Active Directory passwords. Password Complexity Manager (PCM) offers all possible combinations to establish the Password Policy and extends the standard complexity rules within the Windows domain. For instance, PCM provides the option to set the password complexity at the OU level in the domain and provides end-users with feedback about what rules have been complied with during a password reset. PCM offers system administrators the ability to expand the standard Windows Active Directory password complexity rules. This guarantees an overall increase in security for their networks.

Because passwords are fraud-sensitive, it is a requirement for some end-users to provide extremely complex passwords. In other instances, end users with different roles within the organization may not be required to utilize complex passwords. It's also possible that an audit rule dictates the specific password requirements, which cannot be met within the standard Windows complexity rules.

Most organizations want to be able to set various security levels for different users. However, the standard Password Policies for Domain User Accounts are extremely limited and do not always fulfill the needs.

The key features of PCM are:

* Complexity at domain level: With PCM you can implement multiple Password Policies at various levels, namely each domain and Organizational Unit (OU).
* Interface for setting complexity rules: PCM offers a number of predefined rules and allows system administrators to determine which rules will be applied and when.
* Immediate feedback: A modified GINA client is supplied within PCM that indicates when a password is changed whether the new password complies with the PCM or the configured AD rules. On entry of the password, the PCM-GINA indicates with a check mark as each rule is met. This gives the end-user immediate feedback about whether or not the new password complies with complexity rules and allows them to modify the password in real time.
* Integration of Password Management Solutions: PCM can be integrated seamlessly with other Password Management solutions from Tools4ever, such as Self Service Reset Password Management (SSRPM). With SSRPM end-users themselves can reset their passwords based on a number of simple, predefined questions. When organizations deploy SSRPM in combination with PCM, end-users setting a new password are notified of the defined complexity rules in the same screen and the check marks are also visible.

Read about windows password recovery software

Reblog this post [with Zemanta]
READ MORE - Tools4ever, Inc. Announces Release of Password Complexity Manager

Hackers Attack Google's 'Gaia' Password System

Google China's logoImage via Wikipedia
New York Times is reporting that the attacks against Google and other companies late last year, attacks which Google sourced to China, may have exposed Google's single-sign-on system, code-named Gaia.

The attacks were revealed in January. Many companies are said to have been hit, but very few—Google and Adobe—are named. The incident led to much outrage from the company and an official "inquiry" by Secretary of State Hillary Clinton. Google announced that the company would no longer censor its Chinese sites, which had been demanded by the Chinese government. In March, Google started redirecting requests to its Hong Kong site at, but traffic to that site from China is filtered at other levels by the government.

The Times report is vague about exactly what was compromised: was it the source code for Gaia? The control system? The passwords themselves? The story says that no actual passwords appear to have been stolen, but that the event creates the possibility that the attackers will be better-able to craft more sophisticated attacks.

In response, Google has enabled a new layer of encryption for GMail and took other measures, including physical security measures at data centers, to tighten security. One would hope that they also took the time to upgrade the Windows XP IE6 system that was compromised to open the door for the attackers.

Reblog this post [with Zemanta]
READ MORE - Hackers Attack Google's 'Gaia' Password System

Windows Explorer Has Stopped Working Fix

Windows Explorer
is an essential program of the Windows operating system. It is one of the backbones of the operating system powering not only file browsing and operations but also the taskbar and start menu.

The message “Windows Explorer has stopped working” is relatively common judging from the number of web pages and solutions that users and webmasters have posted over the years on the Internet.

The goal of this troubleshooting guide is to provide users who are experiencing the Windows Explorer error with the most common solutions and fixes.

Solution 1: File Check

This solution checks the operating system for missing and corrupt files and replaces them with the original file version to make sure only valid files are used. This helps in cases of data corruption and malicious attacks that have modified or deleted core operating system files.

1. Click Start, and then type cmd in the Start Search box.
2. In the results area, right-click cmd.exe, and then click Run as administrator. You will be prompted to type the password for an administrator account. Click Continue if you are the administrator or type the administrator password. Then, click Continue.
3. At the command prompt, type Sfc /scannow, and then press ENTER..

Solution 2: Scan Disk

The files and folders may be valid but it can still be that the hard drive has bad sectors or other problems that lead to this Windows Explorer error message. Scanning the hard drive that Windows is installed on for disk errors is another option to resolve the issue.

1. Open the Start Menu and click on the computer link.
2. Right-click the hard drive that Windows is installed on (usually c:) and select Properties from the context menu.
3. Switch to the Tools tab and select the Check Now button under Error-checking
4. Make sure that both options are selected before you press the Start button.
5. The Disk check needs to be scheduled as the disk is in use when the operating system is running. It will start the scan automatically on the next startup.

Read more about windows password recovery

Reblog this post [with Zemanta]
READ MORE - Windows Explorer Has Stopped Working Fix

New Windows virus targets unwary iPad users with trojan attack

Image representing Windows as depicted in Crun...Image via CrunchBase
No, this isn’t the good kind of Trojan(s) attack. Yes, there’s a new email scam that downloads malware onto your Windows machine, giving hackers control over your computer. No, your Mac won’t be affected.

That’s the short version. The slightly longer version has security firm BitDefender, putting out a report on a newly discovered virus attack that targets Windows users that happen to have an iPad. They are calling this piece of malware the Backdoor.Bifrose.AADY virus.

The virus is delivered through a seemingly legit iTunes update page. iPad users are sent emails encouraging them to click on a link to download an update that will add support for the iPad or improve the user experience. The page looks like any other stand-up iTunes update page, but the only thing it downloads is a virus that buries itself into explorer.exe and hands over control of your computer to somebody that’s not you. That would be bad, very bad.

If you have an iPad, use a Windows machine, and receive an email asking you to download something or click on a link, be forewarned – DO NOT follow through with the instructions. That is, unless you like having your computer turned into a zombie bot.

Mac users: don’t sweat it. Your compute runs an operating system that is so little-used that the hackers behind this virus (and almost all others) don’t waste their time trying to screw you over.

Read more about Windows password recovery software

Reblog this post [with Zemanta]
READ MORE - New Windows virus targets unwary iPad users with trojan attack

Tuesday, April 27, 2010

Windows XP Still Less Secure than Win 7 and Vista

LAS VEGAS - JANUARY 09:  The Sony VAIO Lifesty...Image by Getty Images via Daylife
Microsoft has released a new Security Incident Report--the eighth volume of Microsoft's quarterly overview of computer and network security trends. The report illustrates once again that security can be greatly improved by upgrading to the latest software, and through user education.

The Key Findings Summary points out some of the more relevant data discovered over the past three months. Here are some of the highlights:

• The 64-bit versions of Windows 7 and Windows Vista SP2 had lower infection rates than any other operating system configuration in 2H09, although the 32-bit versions both had infection rates that were less than half of Windows XP with its most up-to-date service pack, SP3.

• Domain-joined computers were much more likely to encounter worms than non-domain computers, primarily because of the way worms propagate. Worms typically spread most effectively via unsecured file shares and removable storage volumes, both of which are often plentiful in enterprise environments and less common in homes.

• In Windows XP, Microsoft vulnerabilities account for 55.3 percent of all attacks in the studied sample. (comparing targets of browser-based exploits)

• In Windows Vista and Windows 7, the proportion of Microsoft vulnerabilities is significantly smaller, accounting for just 24.6 percent of attacks in the studied sample. (comparing targets of browser-based exploits)

Vinny Gullotto, general manager of the Microsoft Malware Protection Center wrote in a post on The Official Microsoft Blog "The Internet holds great opportunity, but as cybercrime evolves it can be difficult to know how to stay protected."

Gullotto goes on to explain "As businesses continue a gradual migration toward cloud computing, bot herders in the malware community have adopted their own version of cloud computing--a "black cloud" built on global networks of compromised computers to install spyware, spread malware and spam around the world. Moreover, malware kits are developed, released, and updated just like legitimate products--complete with advanced features and minor releases to improve kit effectiveness."

I spoke with Graham Titterington, principal analyst at Ovum, about the Microsoft Security Incident Report, and he also pointed out the continuing trend of malware and other cyber attacks toward organized crime. Titterington told me that cyber criminals are very sophisticated, some even more so than legitimate businesses--complete with research and development teams, marketing, beta testing, and other tools to ensure the efficacy of the malicious code they develop.

Many look to legislators to craft new laws with harsher penalties to address the rise in cyber attacks and cyber crime. The problem with new laws is twofold. First, laws only hinder the activities of the law-abiding. Cyber criminals are already aware they are breaking the law, and obviously they don't care. So, creating new laws will not impede cyber attacks.

The other--perhaps even larger issue--is that the Internet is global, but laws are regional. Just because an attacker violates a law in the United States doesn't mean they have violated a law in Argentina. Tracking an attack to its true source, and engaging local authorities to cooperate in apprehending the perpetrators is like herding cats.

According to Titterington, the best that law enforcement can do to stop, or at least slow, cyber attacks is to follow the money. Disrupting the means for attackers to benefit monetarily from the attacks is arguably the quickest way to shut them down.

The latest Microsoft Security Incident Report also includes a new section with guidance from Microsoft on how to mitigate or protect against the threats described. The report says "Transform your security message from "no" to "how." Demonstrate to your organization how to be secure rather than telling them what they can or cannot do."

The advice from Microsoft includes tips such as using creative and engaging formats such as podcasts or contests, and focusing on "how-to" type formats. Microsoft also stresses the importance of basic user education--keeping users informed not to click on unknown or suspicious links, how to create and use strong passwords, not to share username or password information, and other common sense measures that need to be drilled on a regular basis.

The full Microsoft Security Incident Report v8 has 12 pages of information and links to additional resources to help IT administrators take specific action to protect their networks and computer systems from the threats discussed in the report. Windows password recovery

Reblog this post [with Zemanta]
READ MORE - Windows XP Still Less Secure than Win 7 and Vista

Windows Security: is Microsoft innocent?

Closeup of a stone sign bearing the Microsoft ...Image via Wikipedia
How many times have you read about a worm spreading through an enterprise network, or some malware or other compromising personal data, or computers being used to build a DDoS or spammer botnet and either shouted BLOODY WINDOWS at the screen or seen someone else lay the blame squarely on Microsoft? Chances are, rather a lot I would imagine. After all, it has become almost de rigueur in geek circles, especially amongst the non-Windows using Mac and Linux crowd, to blame every security mishap on Microsoft.

Windows password recovery software
I am always looking for good reasons not to vent my spleen in the direction of the Redmond Microsoft Campus, so I was intrigued to come across a piece over at last week entitled 10 Reasons You Shouldn't Blame Microsoft for Windows Security Issues. These could, however, pretty much be bundled together into two distinct groups: stupid user syndrome and stupid developer syndrome.

The stupid user should not open any old attachment, should not visit dodgy sites, shouldn't use weak passwords, shouldn't forget to apply software patches and security updates, and certainly shouldn't run in admin mode. The stupid developer, on the other hand, shouldn't produce applications with vulnerabilities.

Now while there is some merit to all of those things as being reasons for compromises happening, and if taken on board as best practise advice for consumers make good sense as well, I don't see how any of them actually gets Microsoft off the responsibility hook to be fair.

Before I go any further, let me declare an interest: I am a hardened Windows user and have been all my adult life since the very first version in fact. I moved from an Amiga to a PC, and while I do own Apple products and have got a machine running Linux here, it is the Windows boxes that are my day-to-day workhorses. So please so not think I have a fanboy axe to grind, it's actually just as an observer of the impact of IT security compromises that my tree felling tool starts sparking a tad.

So, back to the plot, how does blaming the user and the third party developer get Microsoft off the big hook of responsibility? The answer is it doesn't, all it does it mitigate the blame a teensy weensy fraction of a percent (to use a McAfee measurement). Microsoft, as developer of the most successful and popular operating system out there, has to be where the buck stops. In fact it is where billions of bucks stop, to be fair. So is it too much to expect that it should be taking every possible step to ensure that whatever flavour of Windows we are talking about today is secured up the wazoo? Is it too much to ask that the risk of compromise should be reduced to the n'th amount and the stupid user protected from the consequences of being stupid or using stupid applications?

Until it can stand tall and proclaim it is doing just that, and perhaps more importantly the end user can believe as much, in the same way that they believe Apple and the various flavours of Linux, I am afraid that I cannot actually think of a single reason why I shouldn't blame Microsoft until the cows come home.

Reblog this post [with Zemanta]
READ MORE - Windows Security: is Microsoft innocent?

Windows 7 hits fastest-selling OS mark for Microsoft

LONDON, ENGLAND - OCTOBER 21:  A computer stor...Image by Getty Images via Daylife
Just six months after its release, Windows 7 is now installed on one in 10 of the world's PCs, Microsoft has confirmed.

The operating system was launched on 22 October, 2009 and has gone on to sell more than 100 million licences, making it the fastest-selling Windows OS in history according to Microsoft.

Microsoft recently reported revenues of $14.5bn for the financial quarter ended 31 March and chief financial officer Peter Klein said Windows 7 "continues to be a growth engine" — with Windows revenue up 28 percent year-on-year.

Windows password recovery software

Reblog this post [with Zemanta]
READ MORE - Windows 7 hits fastest-selling OS mark for Microsoft

PC industry earning again after slump: Microsoft

Windows 7 is the latest stable Windows operati...Image via Wikipedia

MICROSOFT'S profit has risen 35 per cent, largely due to sales of the latest version of its Windows operating system, as corporate technology buyers begin to join consumers in demand for personal computers.

The results are further evidence that the PC industry is continuing to rebound after one of its worst slumps in history.

Initial demand for Windows 7, a version of the operating system released in October, which was much better received than predecessor Windows Vista, was mainly fuelled by consumers.

But Microsoft suggested last week that business customers were also starting to retire machines running older versions of Windows in favour of new models with Windows 7.

For its third quarter ended March 31, Microsoft said revenue from its cash cow Windows division rose 28 per cent from a year earlier to $US4.42 billion ($4.76bn).

It estimated more than 10 per cent of all PCs worldwide were running the software already, making it the fastest-selling operating system in the company's history.

Microsoft's finance chief Peter Klein said Windows 7 was a "phenomenal story both on the consumer side and now a little on the business side".

He said the company saw a "lot of deployment coming" from Windows 7 PCs among business customers.

Microsoft reported total profit for the quarter of $US4.01bn, or US45c a share, up from $US2.98bn, or US33c a share, a year earlier.

Revenue rose 5 per cent to $US14.5bn.

Microsoft's results included the deferral of $US305 million in revenue related to a program that allowed customers who bought Microsoft's Office suite of applications to upgrade free to a new version in the next few weeks.

Without that deferral, Microsoft said revenue would have been $US14.81bn, or an 8 per cent increase from a year earlier.

"What's most encouraging is they see business PCs coming back," Pacific Crest Securities analyst Brendan Barnicle said.

Still, Mr Barnicle said Microsoft's results didn't contain any dramatic signs that the company had managed to harvest growth from newer trends in technology, such as internet search or "cloud computing", in which companies such as host online applications for business customers in big data centres.

Industry watchers view both trends as potential threats to some incumbent technology companies.

Microsoft has started to invest heavily in both areas.

The company is making a big bet that it can catch up to Google by heavily marketing Bing, a new version of its internet search engine that launched last year.

Revenue in the online division, which includes Bing and its MSN website, grew to $US566m from $US507m a year earlier, but the losses from online services swelled to $US713m from $US411m.

Microsoft's results demonstrate there is still life in the traditional computer business, despite high-profile new devices such as Apple's iPad.

Intel, the dominant supplier of chips for personal computers, had its profit almost nearly quadruple recently and revenue increased 44 per cent.

Demand in the overall PC market has returned, with a 24 per cent year-over-year increase during the first quarter in global shipments of new machines, according to research firm IDC.

Microsoft expects sales to businesses to further improve as it releases a wave of products in the coming months, including Office 2010 and its SQL database software.

The company is also upbeat about prospects for a major new consumer product, code-named Project Natal.

Read more about Windows password recovery

Enhanced by Zemanta
READ MORE - PC industry earning again after slump: Microsoft

Sunday, April 25, 2010

Network Activity Indicator For Windows 7

The network activity icon was used by Microsoft in pre-Windows 7 operating systems to indicate network activity in the Windows System
Tray. Windows users who have switched to Windows 7 may have noticed that this network activity indicator was removed in the operating system so that no visual indication of network activity is shown to the user.

The free portable program Network Activity Indicator brings back the “two-monitor” icon in the System Tray go give the user a visual indication of computer network activity.

It will display the network activity icon in the System Tray upon startup. A right-click on the icon displays a host of options including a link to the program’s settings to change the design of the icons from XP to Vista style. The settings can also be used to change the traffic that is indicated.

The Network Activity Indicator by default will display traffic from all network adapters. This can be changed to display the traffic of only a selected adapter. It is furthermore possible to define the traffic type. Only TCP packets are indicated by default. The indicator can be switched to UDP or ICMP packets instead or a combination of the three.

The right-click menu contains links to other options as well. It is for instance possible to open network statistics, Windows Firewall Settings, Network Sharing Center and other network related settings and options.

The program uses roughly 4 Megabytes of computer memory while running which should be fairly acceptable for users who like to see the activity indicator icon in Windows 7. The program, including its source code, is available for download at the developer’s website.

Read about Windows password recovery software

READ MORE - Network Activity Indicator For Windows 7

No Windows Live Wave 4 For XP Says Microsoft

Things are not looking bright for users of the Windows XP operating system as companies are starting to drop Windows XP support or compatibility. Microsoft for one said that the upcoming Windows Live Wave 4 suite would not support Windows XP at all. Windows Live is a collection of popular applications including Windows Messenger, Windows Live Mail or Movie Maker.

Current releases of Windows Live will continue to be supported on XP and the web based services of Windows Live Wave 4 will also be supported. Only the desktop applications won’t be supported anymore.

Windows XP is nearly 10 years old and simply doesn’t provide the same level of platform support for graphics, and we recognized early in our work on Wave 4 that we could do much more in our software on a modern graphics platform. As a result our new version of Essentials will require the new graphics platform and controls that are only available on Windows 7 or Windows Vista and therefore will only run on these platforms.

Windows Live Wave 4 is on the other hand not the only Microsoft software that will not be made available for Windows XP. Microsoft’s upcoming Internet browser Internet Explorer 9 will also lack Windows XP support.

Windows XP users on the other hand have many solid alternatives at hand that they can use without difficulties. But so do Windows 98 users.

Windows XP is currently dominating the operating system market with a market share of about 60% followed by Vista with roughly 16% and Windows 7 with 10%. The trend on the other hand shows a decline of about 10% in the last ten months.

Read more about Windows password recovery software
READ MORE - No Windows Live Wave 4 For XP Says Microsoft

Windows User Profile Relocator

The Windows operating system puts all user profile folders on the main hard drive partition along with the operating system
files. Those user profile folders can grow quite large especially if the designated folders for multimedia files and documents are used extensively.

Windows does not come with tools to move user profiles to another drive. A manual way has been known for some time that involves moving the user profile files to the other drive and changing settings in the Windows Registry.

The software Profile Relocator provides a similar option for Windows users. It basically relocates the user profile folder for profiles that are created after that operation.

This does mean that existing profiles will remain in their original location on the main drive and that newly created profiles will be stored in the new location. Profile Relocator is ideally used after the installation of the operating system.

Users who want to move the already existing Windows user profiles can still use the manual approach to do so.

Profile Relocator is only compatible with Windows XP, Windows Vista and Windows 7. It requires the Microsoft .net Framework 2.0 and can be downloaded from the developer’s website. Users who run the software should consider doing a backup of the operating system before they start the operation.

Read about Windows Password recovery software

READ MORE - Windows User Profile Relocator

Windows XP password reset raises concerns

Q I was concerned to read about how to reset passwords on a Windows XP computer. I have never seen this question answered before and am worried about the security of my computer.

Passwords don’t just get lost or forgotten, this could be used to get access to my computer without permission. When I showed it to my boss he was even more concerned and asked me not to tell anyone about this solution. How should a computer be protected?

A You’re quite right that this is quite a serious security flaw and one that we are pleased to have seen fixed in Vista and Windows 7.

Although it is useful to be able to reset forgotten passwords, it highlights the importance of physical security. Once someone is sitting at the computer it is far harder to restrict what they do. The solution we printed was also suggested by Microsoft.

If you’re worried that someone might abuse this vulnerability in Windows XP, we recommend logging onto your computer and following our instructions on how to add a secure password to the Administrator account. Don’t forget to make a password-reset disk or write the password down and keep them in a safe place; if this and your passwords are lost it may be impossible to recover documents and emails.

Regarding your employer's concerns, the solution given should only work on Windows XP Home and not Professional, the version of Windows XP used in workplaces. It is also normally the responsibility of the company systems administrator to make sure that there are no missing passwords.

Baffled by jargon? See our free online Jargon Buster.

READ MORE - Windows XP password reset raises concerns

Thursday, April 22, 2010

Fport Maps Ports To Applications

Fport is a portable command line utility that will report all open TCP and UDP ports to the user. The port analyzer maps each open port to an application
to distinguish itself from the netstat -an command in Windows which otherwise would provide the same amount of information.

Read how to recover your windows password: windows password recovery software

What this means is that Fport will basically display all open ports and the applications that use them for their connection. This makes it very easy to find unauthorized connections by simply verifying the applications one by one.

Fport has to be launched from the command line or a batch script. It will display all open ports and their applications if it is executed without switches. The following switches are available:

/p (sort by port)
/a (sort by application)
/i (sort by pid)
/ap (sort by application path)

The output will look like this:

FPort v2.0 – TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.
Pid Process Port Proto Path
392 svchost -> 135 TCP C:\WINNT\system32\svchost.exe
8 System -> 139 TCP
8 System -> 445 TCP
508 MSTask -> 1025 TCP C:\WINNT\system32\MSTask.exe

392 svchost -> 135 UDP C:\WINNT\system32\svchost.exe
8 System -> 137 UDP
8 System -> 138 UDP
8 System -> 445 UDP
224 lsass -> 500 UDP C:\WINNT\system32\lsass.exe
212 services -> 1026 UDP C:\WINNT\system32\services.exe

The easiest way to work with fport is to save the output into a text document for further processing. This can be done with the command fport > output.txt which will create a text document with the name output.txt in the root directory of fport.

READ MORE - Fport Maps Ports To Applications

Windows Task Manager Extension

While the Windows Task Manager does provide basic information about the performance of a computer system
it fails short in numerous ways. Essential data like Windows services or open connections in the network or Internet are not displayed. The Extended Task Manager (via Nirmal TV) for Windows is a Windows Task Manager replacement that provides the same functionality as the Windows Task Manager plus extended information that put the usage of the Task Manager to a whole new level.

Read how to recover your windows password: windows password recovery software

The extended Task Manager can be configured to replace the Windows Task Manager so that the default keyboard shortcut [CTRL ALT DEL] will open its interface instead. It can also be configured to run independently from the default Task Manager.

The extended Task Manager is tab driven like the original Windows Task Manager. It adds a Summary, Services, and Ports tab which can be used to access different kinds of data that are not visible in the Windows Task Manager.

The software program adds a few additional interesting options to the Task Manager. One of them is the ability to display the list of files that are locked by a process. Another option is to initiate a Google search right from the interface to get additional information about a running process.

The Ports tab will display a list of all incoming and outgoing connections including their process name, process ID, local and remote IP as well as local and remote port.

The configuration offers ways to enable additional information in the various tabs. The Port Monitoring configuration can for instance be used to add UDP port monitoring or limit the TCP ports that are monitored by the program.

The Windows Task Manager replacement uses roughly 5 Megabytes in minimized state and approximately 19 when active. The website of the software company does not contain information about the application’s compatibility. The only available information are that a 32-bit and 64-bit edition seem to exist.

READ MORE - Windows Task Manager Extension

Improve Windows Security By Closing Open Ports

A standard Windows operating system
has a number of ports open after installation. Some of these ports are needed for the system to function properly while others might not. These ports can pose a security risk as every open port on a system might be an entry point for a malicious user. Windows password recovery software

A port basically allows communication to or from the device. Characteristics are a port number, an IP address and a protocol type. This article will give you the tools at hand to identify and evaluate the open ports on your Windows system to make a decision in the end whether they can or should be closed or left open.

Software programs and tools that we will use:

* CurrPorts: Available for 32-bit and 64-bit editions of Windows. It is a port monitor that displays all open ports on a computer system
. We will use it to identify the ports and the programs that are using them.
* Windows Task Manager: Also used to identify the programs and link some ports to programs.
* Search Engine: Searching for port information is necessary for some ports that cannot be identified that easily.

It would be an impossible task to go through all of the ports that are open, we will therefor use a few examples to enable everyone to understand the process and go on from there.

The program displays the process name and ID, local port, protocol and local port name among others.

The easiest ports to identify are those with a process name that corresponds to a running program like RSSOwl.exe with the process ID 3216 in the above example that is listing on the local ports 50847 and 52016. Those ports are usually closed when the program closes.

The more important ports are the ones that cannot be linked to a program right away like the System ports shown in the above screenshot.

There are a few ways to identify the services and programs linked to those ports. There are other indicators that we can use to discover the services and applications besides the process name.

The most important ones are the port number, the local port name and the process ID.

With the process ID we can take a look in the Windows Task Manager to try and link it to a process running on the system. To do that you need to start the task manager (press Ctrl Shift Esc). Click on View, Select Columns and enable the PID (Process Identifier) to be shown. That’s the process ID that is also shown in CurrPorts.

Here we have a port that we cannot identify immediately. The local port name is icslap, the port 2869, it uses the TCP protocol, has the process ID 4 and the process name system.

It is usually a good idea to search for the local port name first if it cannot be identified right away. Fire up Google and search for icslap port 2869 or something similar.

Often there are several suggestions or possiblities. For Icslap they are Internet Connection Sharing, Windows Firewall or Local Network Sharing. It took some research to find out that in this case it was used by the Windows Media Player Network Sharing Service.

A good option to find out if this is indeed the case is to stop the service if it is running and refresh the port listing to see if the port is not appearing anymore. In this case it was closed after stopping the Windows Media Player
Network Sharing Service.

epmap, TCP port 135

Research shows that it is linked to the dcom server process launcher. Research also shows that it is not a good idea to disable the service. It is however possible to block the port in the firewall instead to close it down.

llmnr, UDP port 5355

If you look in Currports your notice that the local port name llmnr uses the UDP port 5355. PC Library has information on the service. It is referring to the Link Local Multicast Name Resolution protocol which is related to the DNS service. Windows users who do not need the DNS service can disable it in the Services Manager. This closes the ports from being open on the computer system.


It is not always easy to identify ports and the services or applications they are linked to. Research on search engines usually provides enough information to find out which service is responsible with ways to disable it if it not needed.

A good first approach before starting to hunt down ports would be to take a close look at all started services in the Services Manager and stop and disable those that are necessary for the system. A good starting point to evaluate those is the services configuration page at BlackViper.

READ MORE - Improve Windows Security By Closing Open Ports

Wednesday, April 21, 2010

Understanding Samba security modes

If you have read any of the Samba content here on Ghacks you probably will have noticed that within the smb.conf configuration file
a line that begins with security =. This is a very important part of Samba setup and generally the section that gives users the most problems. Although the security mode would seem fairly straight-forward, it is certainly worth explaining.

In this article I will discuss what the security mode feature does and what the different modes are. By the end of this article there should be no confusion as to which mode your Samba setup should use. Windows Password recovery software

What are security modes?

I like to think of security modes as a means to inform the server just how a client will authenticate. You know about authentication from many sources. You can authenticate at a local level, as part of a domain, using Active Directory, and more. How you authenticate is generally dictated by your IT department (or by yourself if you are personal or home user). Because of the different types of authentication, Samba needs a way to know how this authentication is going to happen.

Now, from a Windows perspective (and the reason why Samba exists) there are only two types of security level: Share level and User level. But because Windows has multiple ways of authentication Samba needs to break the user level down further. So, as far as Samba is concerned, these levels are called modes and there are five modes: user, share, domain, ADS, and server. Let’s take a look at each of these.


The security = user mode is really the easiest to understand. From the Samba server perspective, the only things that matter (with regard to user mode) is username/password and the name of the client machine. This mode works very simply: If the Samba server accepts the username/password of the client then that client is able to mount shares on the server.


The security = share mode the client will authenticate itself against a share on the Samba server. Unlike user, when security = share authenticates against a share, that means that client only has access to that share. When using this mode the client sends a password along with each share request. If the password authenticates, the client has access to the share. If not, no access is granted. The authentication process is like this:

1. The client sends a session setup request that includes a valid username.
2. Samba records this username.
3. Client issues a tree connection request and the share the client wishes to connect with.
4. The users password is the then checked against the username. If password matches, the client is given access.


The security = domain provides a means for storing all username/passwords in a centralized, shared account. This account is then shared between domain controllers. So when Samba uses this mode of security it has a domain security trust account and forces all authentication requests to be passed through the domain controller. When using this mode the configuration requires a second parameter. So the configuration will look like:

security = domain

workgroup = DOMAIN_NAME

You also have to join the domain using the net rpc join -U ADMINISTRATOR%PASSWORD command. Where ADMINISTRATOR is the name of the administrator account and PASSWORD is the password for that account.


As you might expect, this is the Active Directory mode. Samba added ADS functionality at release 3. Using ADS mode is only possible if the Active Directory server is run in native mode. When running in ADS mode Samba will need NT-compatible authentication data – in other words Kerberos. So your Samba server will need to have a working Kerberos system
installed. When using ADS mode, your Samba configuration adds another line like so:


security = ADS


The last mode is security = server. This mode is generally not used any more because it basically sends username/password authentication to another machine. If this other machine is down, there will be no authentication. This mode presents numerous problems, which is why it is often not used. One of the more serious problems is that once a connection to the password server is made, that connection can be left open for extended periods of time – thus a severe security issue.

Final thoughts

Now you should have a better understanding of the security modes for Samba. Which do you prefer? Which modes are you locked down to within your company? Samba is a very flexible tool that can be used in many different environments. Hopefully Ghacks is helping you to implement Samba more easily.

READ MORE - Understanding Samba security modes

Edit Microsoft Outlook Autocomplete List

Microsoft Outlook automatically displays a list of contacts and email addresses
based on the first characters that are typed in by the Outlook user. This autocomplete feature can be used to quickly select a contact without having to enter the complete contact information manually. Windows Password recovery

The autocomplete list in Outlook is populated automatically whenever new information are added to the Microsoft software. This for instance means that every new email address that is used in Outlook will be added to the autocomplete list.

Outlook on the other hand offers no option to edit the contents of the autocomplete list which can become a nuisance if entries appear in the list that are not needed anymore, should not be shown as suggestions at all or are misspelled or wrong.

NK2Edit has been recently created by one of our favorite developers
Nir Sofer. It is the successor of NK2View which provided a similar but limited functionality.

The main changes between those two versions are mentioned in a blog post.

NK2Edit can be used to edit all fields of an NK2 file. The program loads the NK2 file completely opposed to NK2View which manipulated the bytes of the existing file. This decreases the risk of ending up with a corrupted NK2 file.

NK2Edit also provides some unique features for advanced users, including the “Raw Text Edit Mode” which allows you to view and edit the records of NK2 file as a text file
that looks like the .ini files of Windows. NK2Edit also allows you to write simple scripts that add, remove or modify records in the NK2 file.

The second change is a new license for NK2Edit. The program is still free for use for personal usage but not for companies. Companies need a license before they can use the program.

NK2Edit can be downloaded from the Nirsoft website. It is a portable software program compatible with most Microsoft Windows operating systems.

READ MORE - Edit Microsoft Outlook Autocomplete List

Tuesday, April 20, 2010

Accent Office Password Recovery recovers … guess what?

Have you ever had a Microsoft Office document that was locked and you really needed to unlock it? A friend had this problem a while ago and I might have been able to help had I known about Accent Office Password Recovery (AOPR) published by Accentsoft.

The software mounts one of three types of attacks to "crack" the protection. These attacks are brute force, mask-based and dictionary-based attacks.

A dictionary-based attack tests possible passwords based on a list of possible passwords, and can be very successful when a naïve (or lazy) user has chosen a predictable password.

With AOPR you can use any number of dictionaries and a large number of specialized dictionaries can be downloaded. You can also create your own dictionary; these are just plain text files with one word per line.

AOPR can be configured to try each word along with any or all of the following options: working through all combinations of lower and upper case, interchanging adjacent characters, skipping characters, and appending numeric characters to the word.
Windows Password recovery software

Your next choice is a brute force attack. This involves testing all possible passwords and it's sometimes the only way to recover a password. That said, while this could be considered the most reliable method, it is also the slowest with the actual maximum time required being directly dependent on the computing power of your system and the length of the password you're trying to break.

A mask-based attack combines the power of a brute force attack with a directed search by testing only passwords that meet a specific pattern or mask. This assumes you have some idea what the maximum and or minimum length of the password might be.

For the brute force and mask-based attacks, Accentsoft uses a clever trick: When AOPR finds one or more compatible graphics cards, it can run its cracking algorithms on the Graphics Processor Unit (GPU). Currently, AOPR supports ATI graphics cards with Stream/OpenCL technology (the 4XXX and 5XXX families) and Nvidia graphics cards with CUDA technology (eighth generation GeForce graphics cards and later) which, the company claims, can produce passes (i.e. cracking attempts) at a rate 60 times faster than a regular CPU.

I first tested AOPR using a mask-based attack on a password protected Word 2000 document. My password was five characters long so I created a five character mask and allowed for upper- and lowercase as well as numerics, spaces and symbols, which gave AOPR 7,417,954,634 possible passwords to check. On a Dell XPS 420 (2.39GHz Core2 Quad CPU with 4GB of RAM and an Nvidia GeForce 8800 GT video card) running Windows Vista Ultimate SP2, the estimated maximum solution time with AOPR running at normal priority (you can select a higher or lower priority) was around 22 minutes. The reported password testing rate was 4,560,000 tests per second and a solution was found in about 12 minutes.

I also set up a dictionary attack using a dictionary of 3,163,420 words with all of the dictionary attack options enabled except for adding of numeric characters. This resulted in 46,823,788,660 possible passwords and the performance, as reported by AOPR, was about 580,000 attempts per second with an estimated running time of just under one day (I didn't bother letting it run to completion as my password isn't in any dictionary).

READ MORE - Accent Office Password Recovery recovers … guess what?

Some Tips about Resetting Windows Vista Password

It's right, we live in a world where access to almost everything needs you to have a password. From your mobile cell telephone, ATM, office doors, safes, PC and other areas, you need a password to perform your ordinary requirements.

There are 2 sorts of windows vista account which are director account and user account. Anyhow resetting password essentially has the same solution regardless the sort of one's account.
you can forget your password to access your Windows PC just at a time you wish to do an assignment. What do you do? Do you sit there trying out every password you might imagine of? Well, that will essentially work, but what if it doesn't work? Try the following techniques to reset Windows Vista password:
Windows password recovery software
( a ) step one is to relax and let your intelligence unwind. Leave your personal computer and get another one to work on ( unless there are files you need to access ). You may just remember the password that you forgot. It really works.

( b ) Did you back-up your system? If yes, do you remember the passwords you used? If yes, then restore the system and use the passwords you can recollect. However, be sure to lose any users or groups you recently added.

( c ) go ahead and install a parallel O. S on the same PC then using your own tricks, gain access to the other system.

If you don’t succeed with above methodologies to reset windows password, all is not lost. Don’t format to re-install the OS. Windows Password Recovery programs are available readily online to help remember your forgotten password and get access to your personal computer. These softwares work for director and user accounts. Your password does not change, the software simply tells you the password you forgot.

Other 3rd party tools to recovery windows vista password like Windows Password Reset 7.0 can also help reset or recover Windows Vista Password. Windows Password Reset 7.0 is easily the only way to get rid of a forgotten password and there is no fear of losing info.

READ MORE - Some Tips about Resetting Windows Vista Password

Sunday, April 18, 2010

Windows 7 fuels demand for desktop support staff

Businesses upgrading to Windows 7 fuelled an increase in demand for project and desktop support staff last month, according to a recent study. Recover your windows password by using windows password recovery software

In its 'Professional talent spotlight - March 2010' report, recruitment consultancy Badenoch & Clark noted the demand as organisations planned upgrades to Microsoft Windows 7, having "snubbed" Vista.

Badenoch & Clark also noted trends in sectors such as the NHS and financial services.

In the NHS in general, it said there was a particular demand for information analysts, data migration experts, and in some areas, network and server engineers.

"A number of systems upgrades and restructures in the NHS in the Midlands in particular have led to increased demand for permanent network and server engineers," said Matt Gascoigne, associate director, IT at Badenoch & Clark.

"Preference within NHS trusts for fixed term contracts over contracts is continuing," he added.

In the financial services sector, Gascoigne said that 70 percent of organisations in the sector have been forced to change their IT systems in light of new regulations within energy trading and risk management.

"Consequently, we're seeing an uplift in demand for IT professionals with experience of OpenLink, TriplePoint or SolArc," he said.

Meanwhile, the continued recovery of the asset management market means that there was an increase in demand for people with experience of Charles River and Fidessa LatentZero systems in March. Moreover, the return of bonuses in the investment banking sector is believed to be driving a growth in vacancies, with business analysts with CDO (collateralised debt obligation), CDS (credit default swap) or derivatives experience in particular demand.

Across all sectors, Gascoigne noted an efficiency drive that was boosting demand for Business Intelligence (BI) professionals.

"With many organisations seeking analysis on their spend and maximising existing infrastructure, we're seeing demand on the rise across the board for SAP BI roles," he said.
READ MORE - Windows 7 fuels demand for desktop support staff

How to login Windows Vista if you don't have administrator password?

Do you forget Windows Vista Administrator Login Password ago? Oh no! Not to fear though there are ways to get back in, and I will lead you through the steps of password recovery , if your lost vista password, or it's a lost password, this tutorial is just for you!, you can also use some third party windows password recovery software to recover you password.

Step 1
First before we go on to the in depth steps, are you sure you can't remember and you forgot password? Have you thought of everything? Dates, names, places, foods, birthdays, etc?
Still can't remember?
Ok, not a problem, read on :-)

Step 2
Are you an administrator account or a standard user on the computer? If there are other users on the computer, and one of them is an administrator, they can go on and make the system reset password.
If your the administrator then your in a pickle! Keep reading :-)

Step 3
You should first try recovery tools password, which you will recover your password. Freeware programs I have listed some of the funds is very useful for the restoration of the password.

Step 4
If that fails the only other way would be to reinstall Windows....

Step 5
While this does not happen to you if you like, to prevent this by using a hard reset Windows Vista password, do so by following these steps please:

Step 6
provided by me

Click on the start button and then the control panel.

Step 7
provided by me

Next click on the user accounts and family safety icon.

Step 8
provided by me

Then click on user accounts on the next screen.

Step 9
provided by me

First insert a USB flash drive, or floppy, then in the menu on the left, click the create a password reset disk link.

Step 10
When the pop-up appears click next.
In the "I want to create a password key disk in the following drive: " choose your drive you want to write to.

Step 11
Click next, keep the disk in the drive, now enter your current password, and click next.

Step 12
When that is done, remove the disk and store it somewhere safe....this is your password reset disk

Step 13
To use this disk do the following:

If you forget your password and begin where you password is a connection, he said: "Forgot your password? You can insert your CD, click on this link and click continue.

READ MORE - How to login Windows Vista if you don't have administrator password?

Saturday, April 17, 2010

How to Recover Forgotten Internet Explorer Stored Passwords?

Microsoft Internet Explorer supports password caching for each of the websites you log on to, through its web browser. In other words, Internet Explorer can save user names and passwords for each website that is password protected, so that, next time, you need not type (or even remember) the password for the specific account in the password protected website. But consider a situation when you forget the username, itself. The problem can turn out to be critical if the username, that you cannot recall is of an important website account. Such situations most often necessitate you to get aid from a Windows Password recovery software.

Internet Explorer stores the credentials (user names and passwords) of all websites you login to, in Microsoft Protected Storage as a set of registry keys. So with each entry of a new username and password for any website, forum or blog, Windows creates a unique registry key to store the login details.

Disabling password caching eliminates the risks of privacy loss and data stealing, but it also raises chances of losing and forgetting the passwords. Sometimes it becomes vital to disable the caching, especially when you clean your computer or don't want your personal data to be revealed to other users.

Consider an instance when you login to your Gmail account using Internet Explorer. You didn't access this account for a long time and at next attempt of logging you find it difficult to remember the user name. You try hard to recall but unfortunately with no luck. Since the account holds many of the important e-mails, this becomes necessary for you to Recover Windows Password. Similar are the situations when a third-party password recovery tool can help.

There are various Password recovery software available that can restore the lost set of usernames that you have ever used to log in Internet Explorer. Providing advanced recovery capabilities, these utilities are also competent in restoring other Windows passwords. One can install and use these utilities with great ease and comfort because of their interactive design.
READ MORE - How to Recover Forgotten Internet Explorer Stored Passwords?

Thursday, April 15, 2010

How to- Password Recovery for Lost/Forgotten Windows Passwords?

In computing, Password is a string of characters or word, which is used to authenticate, gain access to resource, or to prove the identity, at the time of log-on. Password protection in Windows operating system prevents unauthorized access of confidential and critical business as well as personal data. Most of the applications enable you to set password to their files, such as email clients, web-based emails, FTP clients, and more. However, if you forget the password, you can not access the file. In such cases, you need to Recover Windows Password using appropriate tools.

If you have lost or forgotten password of your Microsoft Windows operating system, web browser, IM (Instant Messaging) client, or FTP (File Transfer Protocol) client, do not worry. You can regain access of all these applications through a number of methods, such as:

  • Password Hints: It is an easy method to recover lost Windows password. This is applicable only for the Windows operating system accounts. Password hint is generally located on Welcome screen beside password prompt text box. It gives a hint only if you have given some hint questions when you set the password.

  • Use Password Reset Disk: Windows operating system enables you to create password reset disk for recovering forgotten or lost password. You can easily create the password reset disk and use it to quickly recover password. But, if you do not have a password reset disk, because you have not created it when you set the password, this method can not help you.

  • Use Forgot Password Option: Web-based emails and IM clients enable you to recover lost or forgotten password. The option is available on the login screen. When you select this option, it takes you to a new screen where it asks your secondary email and security question. If you give correct answer, it sends your password through email.

If the above methods can not help you to Recover Windows Password, you need to opt for third-party Password recovery software These applications are capable of resetting the account password of your Windows computer.

The Password Recovery applications work with a number of other applications and recover lost user names and activation keys, along with password. To recover Windows account password, you need to create boot CD of these applications.

Author: Pavan sharma

READ MORE - How to- Password Recovery for Lost/Forgotten Windows Passwords?

Wednesday, April 14, 2010

How to Recover Lost Netscape Navigator Password?

Internet users usually have diverse passwords for accessing different accounts and services on daily basis. In such situations, it is sometimes not easy to remember all the passwords. When it comes to the popular web browser- Netscape Navigator, it allows you to remember these passwords by its exclusive tool called Password Manager. However, those passwords, which have never been saved in Password Manager can be lost or forgotten. But need not worry! There are different Password Recovery Software available that can recover these passwords and permit you to have an uninterrupted access to your website accounts.

Be wary of using similar passwords for all e-mail accounts. Not only is this a source of confusion, but it is also necessary if you like to prevent the leakage of confidential information. Many Netscape users cannot recall their recently set password(s) simply because they have been set as per the security requirements and do not convey any useful meaning, so can be easily forgotten. Also, it sometimes becomes difficult to remember so many of passwords used to open website accounts in Netscape Navigator.

One typical scenario is when a Netscape user accidentally deletes password data in an attempt to remove the privacy settings from password manager. As a result, he/she loses access of some of the websites that have been opened in Netscape Navigator. This is more so, owing to the fact, that he/she cannot remember the exact password.

Prevention Tips

If security is not a problem, you can permit Password Manager to store passwords of websites for you. Each time, you try to logon to a new website in NetScape Navigator, it asks you if it should remember the password. You can click 'Do you want Password Manager to remember this logon?' and avoid typing the username and password at every other attempt of opening the account in the website.

Password Recovery

By default, Netscape stores all the passwords in encrypted form in one of its registry files. Using suitable Password Recovery Software, you can restore all the missing or lost passwords of your accounts that you opened in Netscape Navigator.
READ MORE - How to Recover Lost Netscape Navigator Password?


Related Posts Plugin for WordPress, Blogger...