Windows

From Terminal23wiki

Jump to: navigation, search

WAMP
Installing a bunch of stuff on Windows (php, perl, apache, mysql, etc)
ApacheLounge tutorial
Securing MySQL on Windows
general Apache security
ssh server with cygwin
WinSnort


Password Recovery and Reset
password reset boot cd


Incident Investigation
From F-Secure are the most common auto-run registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\System\CurrentControlSet\Services\<servicename> (ImagePath value)
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon (Userinit value)
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\<name> (DllName value)
HKLM\Software\Microsoft\Windows NY\CurrentVersion\Winlogon (Shell value)

Retrieved from "http://wiki.terminal23.net/index.php/Windows"
Personal tools