From: Aaron Peeler
Reply-To: aaron_peeler@ncsu.edu
To: user@vcl.apache.org
Date: Fri, 10 Aug 2012 09:50:35 -0400
Subject: Re: Capturing an unpatched Windows XP image

Resending to the user mailing list. I forgot to reply-all.

-Aaron

On Thu, Aug 9, 2012 at 8:24 AM, Aaron Peeler wrote:
> Hi Al,
>
> This is possible and not really a fix, but a local custom change to
> remove the firewall dependency. You would need to modify the code that
> deals with the firewall and make it conditional instead of failing it.
>
> if( has firewall ) make use of it
> else ( ignore) and proceed with the reservation.
>
> There are a couple of locations in the OS modules that would need to be updated.
> /usr/local/vcl/lib/VCL/Module/OS/*
>
> I'm not sure exactly of the routines that depend on the firewall, but
> it should be pretty easy to find by searching for netsh and iptables
> commands.
>
> This would likely be a local custom change that you'd have to keep
> maintained if only using for Windows. If the group felt this was a
> feature that could be useful for long-term use, then we would need to
> create a jira feature request.
>
> -Aaron
>
>
> On Wed, Aug 8, 2012 at 10:58 AM, Evelio Quiros wrote:
>> Can anyone comment on this please?
>> Thanks,
>> Al Q
>>
>>
>> On 8/7/12 2:44 PM, "Evelio Quiros" wrote:
>>
>>>Sorry, used the wrong subject line before:
>>>
>>>>
>>>>Hello group,
>>>>
>>>>I may have mentioned this before, so bear with me.
>>>>
>>>>I would like to deploy an unpatched Windows XP OS for a hacking class.
>>>>This is used as a target to launch several well-known exploits by
>>>>students.
>>>>
>>>>The problem is when I try to configure Cygwin, I get a failure in setting
>>>>the Windows Firewall.
>>>>
>>>>That is because there is no Windows Firewall in this early version of XP.
>>>>
>>>>Is there a known fix for this? Can I 'safely' (relatively) comment out
>>>>the sections of the config file that deal with the Firewall?
>>>>
>>>>I know this is an unsafe system, but that's the point. We need this to
>>>>show students the importance of updating their OS and protecting
>>>>themselves from attack.
>>>>
>>>>Any idea how I can capture this unpatched image?
>>>>
>>>>Thanks,
>>>>Al Quiros
>>>>Florida International University
>>>>
>>>
>>
>
>
>
> --
> Aaron Peeler
> Program Manager
> Virtual Computing Lab
> NC State University
>
> All electronic mail messages in connection with State business which
> are sent to or received by this account are subject to the NC Public
> Records Law and may be disclosed to third parties.

--
Aaron Peeler
Program Manager
Virtual Computing Lab
NC State University

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.