My l3g3nd

There is no spoon

Group Policy: Loopback Processing

| Comments

Group policies are applied on users or computers based on the OU they are in. Just for the heck of it I will say that policies applied on user accounts are processed when a user logs into the machine and computer based policies are applied when a computer starts/reboots. Once GPO has been applied a lot of times there is a need to create an exception for it. We can use Group policy loopback settings to apply the user policy based on the computer user logs in.

For example, consider a standard group policy of screen saver turning on every 60 min when there is no activity on the user workstation. User might also have access to a particular server or workstation where the standard policy is not required and another policy of say 120 min screensaver time out is required due to user roles or business requirement. So if a group policy is applied on user accounts then how will it be processed differently when a user logs in to a different workstation/server?

Replacing RSA Host Key in Known_hosts File

| Comments

I came across this warning message while I was trying to ssh into one of my Linux boxes and it took me by surprise. At first I thought there is a DNS Spoofing or man-in-the-middle attack as suggested by the message but when I read the message carefully and gave a little more thought I found that its just a warning message. I used the same machine name to ssh once and that added the host key in known_hosts file in my current machine and now I am again using the same machine name but on a different host.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
l3g3ndary@fir3star.l3g3ndary.org:/home/l3g3ndary/.ssh$ ssh l3g3ndary@fir3star.l3g3ndary.org
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for www.mayanksaraswat.com has changed,
and the key for the corresponding IP address x.x.x.x
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
d9:b5:d4:64:a3:c9:12:25:aa:1b:d8:a2:13:cf:fe:ed.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:13
RSA host key for fir3star.l3g3ndary.org has changed and you have requested strict checking.
Host key verification failed.

Using Latest NVIDIA Drivers on Linux

| Comments

I am running Ubuntu 10.04 as a host and Windows 7 as a guest on VMware workstation. However I am having issues in expanding my terminal on the same screen where I have Windows running in full screen mode. My laptop has a pretty decent configuration with 6GB memory and GeForce 8M (notebook) graphics card. But I am using the NVIDIA drivers that are available in the Ubuntu repo and not the latest one.

In order to resolve the slowness I wanted to try the latest NVIDIA drivers. With the help of my colleague I resolved it as follows:

Secure Computer Systems

| Comments

I wanted to write about this from quite sometime but I was too lazy to do it. However, I have decided that from now on I will contribute to whatever way I can, I will to the web. I am mostly interested in keeping myself aware about Information Assurance and Security and obviously I will write about that.

Everyone is talking about security of the system and how should we keep our systems secure. I asked myself “what is a secure system? Under what conditions a system can be classified as a Secure System?”.