YWAM Information Technology

On a rainy day I will try this on a test machine, but I thought I would post it here in case someone has already tested it before me. http://www.paulspoerry.com/2007/01/09/ophcrack-live-cd-crack-windows-passwords-in-minutes/

With the talk of security, I found the following product very interesting? Anyone use it?

http://www.torproject.org/index.html.en

Here is a pretty good article on PFSense, a firewall based on FreeBSD. PFSense is more feature rich than SmoothWall and has some awesome features, such as out of the box support for OpenVPN.

Go into any leadership meeting and talk about I.T. and you will start to hear a lot about security. The discussions can get emotive, with the IT guys getting hammered about the security of their servers, networks, etc.

I stumbled across this blog Seven Different Linux/BSD Firewalls Reviewed. I agree with a lot of their conclusions because I have studied most of these myself and concluded that PFSense was one of the best.

On my home test server at www.dmpnet.org, I was occasionally having times when someone would hit it hard with a brute force attack on ssh, ftp or pop3 services. I have my box locked down pretty hard and in a DMZ, but thought I needed to do a bit more.

For some reason I couldn't post a comment on Kevin's post about Backing UP, so I decided to start a new topic, which in a sense has it's own right.  This last week I was setting up an IMAP account on a MAC and got to the point of installing a SSL Certificate and it asked me for the Power User password, well the user didn't have any password setup. I still cannot believe  what I saw. I still hope I'm wrong in my judgment but how come a Power User is not Obliged to have a password? I mentioned to the owner that at any aiport wireless connection his computer was running a great risk of being hacked.

It seems that we keep getting undesirable comment spam on this site & it seems that it happens because there is no secure way of signing up as a new user. Is there a way we could add a captcha image system to the new user registration form to avoid any kind of automated user registration?

Thanks,

~Chris Bischoff