Sunday morning and I am busy setting up a SQL 2008 R2 in a VM but get this error message when trying to add in my service accounts. I checked and double-checked the accounts, passwords etc. with no luck and then wondered: was it something to do with the fact that I had cloned these virtual machines?
I then ran psgetsid.exe on my SQL server and DC and found the problem... duplicate machine SIDs :'(
Moral of the story is always use Sysprep before cloning a VM :)
Which is really obvious when you think about it, oh well...
Sunday, 17 April 2011
Friday, 8 April 2011
Firefox Profiles for home and work
Just a quick one about Firefox profiles... I wanted a way to get to all of my work-related bookmarks at work and from home without mixing them with my personal ones. Here's how to do it:
Create 2 new shortcuts as follows:
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -P WorkProfile -no-remote
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -P HomeProfile -no-remote
Set up the new "Sync" feature in Firefox 4 and you're all done! :)
Monday, 4 April 2011
vbma92a1.sys
So I was looking at another infected laptop *sigh*......
This one was redirecting web traffic to all sorts of places and stopping processes such as RootkitRevealer and Process Explorer dead in their tracks. Since I couldn't see anything obvious in services, the Run key or Task Manager, I suspected a driver-based rootkit... and I was right :)
I looked in system32\drivers and noticed a file called vbma92a1.sys that was dated a few days ago so I renamed it to .old and it recreated itself on next reboot, aha!
I then booted into an offline environment and deleted it and created a dummy vbma92a1.sys file in its place, denying everyone and everything access to it.
Upon rebooting all of my tools now worked :)
Just gotta give it a quick scan with something other than what is installed and it should be good to go ;)
Hope this helps!
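The check described in this post (spotting a recently dated .sys file in system32\drivers), written out as an added example that is not part of the original post. It assumes PowerShell 4.0 or later; the parameter names and the 14-day default are choices made for this example.

```powershell
# Added example: list kernel driver files that were created or modified recently.
# -DriversPath and -Days are hypothetical parameter names chosen for this example.
# To inspect a disk mounted from an offline environment, pass its drivers folder,
# e.g. E:\Windows\System32\drivers (E: is a placeholder drive letter).
param(
    [string]$DriversPath = "$env:SystemRoot\System32\drivers",
    [int]$Days = 14
)

$cutoff = (Get-Date).AddDays(-$Days)

# File names of drivers registered as services on the RUNNING system.
# Only meaningful when $DriversPath is the live system's own drivers folder.
$registered = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName } |
    ForEach-Object { ($_.PathName.Trim('"') -split '\\')[-1].ToLowerInvariant() }

Get-ChildItem -LiteralPath $DriversPath -Filter *.sys -File -Force |
    Where-Object { $_.LastWriteTime -ge $cutoff -or $_.CreationTime -ge $cutoff } |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{
            Name       = $_.Name
            Created    = $_.CreationTime
            Modified   = $_.LastWriteTime
            Size       = $_.Length
            # Status as reported by Get-AuthenticodeSignature (Valid, NotSigned, ...)
            Signature  = $sig.Status
            # Empty when the file carries no signer certificate
            Signer     = $sig.SignerCertificate.Subject
            Registered = $registered -contains $_.Name.ToLowerInvariant()
            SHA256     = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    } |
    Sort-Object -Property Modified -Descending |
    Format-List
```

Timestamps can be altered and a running rootkit can hide files from the live system, so an empty result from the infected machine itself is not proof that the drivers folder is clean.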