PaulDotCom Security Weekly - Episode 35 - July 6, 2006
Live from the PaulDotCom Security Weekly Studio....
This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #pauldotcom on Freenode (irc.freenode.net).
- Sponsored by Core Security, listen for the discount code at the end of the show
- Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
- Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
- Please go update our frapper map!
- Full Show Notes
Hosts: Larry Pesce, Paul Asadoorian
Email: psw@pauldotcom.com
Direct Audio Download
No Video This Week, we are working on the next episode, hoping for a July release.

Comments
These are two ways of enabling DHCP for a network interface in Windows using command line tools:
1) Netsh:
C:\> netsh interface ip set address "Local Area Connection" dhcp
2) WMIC:
C:\> wmic nicconfig where index=1 call enabledhcp
Where "Local Area Connection" and "index=1" reference the network interface that is being managed (by name or index).
Posted by: Raul Siles | July 7, 2006 06:49 PM
Hi Guys,
Great podcast, one of the shows I look forward to every week. Keep up the excellent work. Congrats to Paul on his recent marriage.
Just a quick correction: around minute 12 of the latest podcast (episode 35), I think Larry had the definitions of intra (meaning within) and inter (meaning between) switched around when discussing protecting access inter VLANs.
Thanks and keep up the great work!
-Dominic Melo
Posted by: Dominic Melo | July 8, 2006 09:28 AM
I didn't listen to the full podcast yet, so this won't be the answer to the question (yet :) ). Just got this off the security basics mailing list (located at securityfocus.org): http://grcsucks.com/
Seems that there are many people who have issues with Steve Gibson ;)
Posted by: Cd0MaN | July 8, 2006 11:24 AM
Wow, this was nice. 10 secs after posting the last entry, I got to the part of the podcast where you mention this site. Totally freaky :)
Guess I stop posting before I listen to the full show :D
Posted by: Cd0MaN | July 8, 2006 11:26 AM
Here goes the answer to the question:
netsh interface ip set address "Local Area Connection" dhcp
The second way would be using WMI and some scripting:
http://www.programmersresource.com/forum/archive/index.php/t-1777.html
Posted by: Cd0MaN | July 8, 2006 01:28 PM
People are too quick for me :)
About the exploit of the week: while it's interesting, it's not very useful. Remember, when you are running an SFX, basically you are running an executable from an untrusted source. If you get a dubious SFX archive, you can open it in WinRar (of course if you have it installed), which will open it (and extract it if you want) without executing the SFX part.
Posted by: Cd0MaN | July 8, 2006 03:46 PM
Twitchy sighting today (slow, I know). Man, talk about a younger clone of the professor! :<)
No Syngress books left though...
SF06 is great!
jynx
Posted by: jynx | July 9, 2006 08:39 PM
[Off topic] Saw this interesting diagram from the pen-test securityfocus mailing list - thought you guys may be interested. http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
Posted by: Christian | July 9, 2006 11:31 PM
Found this the other day and thought it might be something to add on to the disabling USB ports via epoxy & BIOS password portion of the podcast.
Apparently many manufacturers install backdoor passwords in the BIOS in case users accidentally lock themselves out, so filling the ports in may be the only reliable way of disabling them.
http://www.uktsupport.co.uk/reference/biosp.htm
-j
Posted by: jason | July 10, 2006 11:10 AM
I somewhat enjoy your podcasts but have some comments:
1) You spend too much time talking about the podcast itself. I am sure that I can find other podcasts about podcasts, I am really here to find out some security information.
[PaulDotCom - I somewhat agree with you. I have gone back to a few different episodes and totaled up the time we spend talking about sponsors and announcements. It usually is less than 5% of the podcast, so while I try to keep it to a minimum, it is difficult. I will look at this one again and shorten up the "administrivia"]
2) You lambast Steve Gibson but have technical inaccuracies yourself. An example is the "inter" vs. "intra" definition. The other, and I think more troubling comment was about the WinRar vulnerability.
[PaulDotCom - Yes, we did mix up the inter and intra. Sorry, we admit it and will correct it on the next show, unlike Steve Gibson.]
If you read the SecurityFocus post (http://www.securityfocus.com/bid/18851/discuss) on this vulnerability it clearly says that:
"Further reports indicate that the vulnerability lies in the code embedded in self-extracting archives, therefore this issue requires that users directly execute malicious EXE files. As users are already executing attacker-provided executable files, nothing extra is gained by this vulnerability. This BID is therefore retired."
This is not even a real bug, the people are running code supplied by unknown parties. Why bother with the RAR stuff? Instead just send them my rootkit installer.
[PaulDotCom - I agree, however it serves as a good example, maybe not all that practical, but a good teaching example. In the future, I will look for better ones that are more useful. Ease up, it was the first time for the new segment :-)]
I appreciate what you guys are trying to do and I understand that the podcast is free, and that it is difficult to be 100% accurate all the time. Still, more security content, less podcast chatter. Please.
[PaulDotCom - Thank you for the constructive feedback, we are always looking for ways to improve. Heh, and I am glad that people from Microsoft (or at least are pretending to be from Microsoft) listen to our podcast :)]
Posted by: Chris | July 10, 2006 12:40 PM
Quick favor to ask: When you do something like mention the top five blogs you listen to or other podcasts you recommend, please include a link in the show notes to them. I'm not sure what blog you were referring to when you mentioned "the pentesters blog". The others could be found on Google.
[PaulDotCom - Stay tuned, I will make a blog entry...]
Posted by: insboswiz | July 12, 2006 12:08 PM
Excellent show, I gladly rated you 5 stars on Yahoo. Yes, it's a bit unpolished, but there are still many gold nuggets to be found... which after 10 years in the security field I find very useful.
[PaulDotCom - Okay, fair enough, but which parts need polishing? We appreciate your feedback and strive to get better with every episode. Thank You!]
Posted by: Todd | July 15, 2006 08:04 AM
Sorry it took a while for me to reply. Some examples of the unpolished parts would be the repeated drunk/drinking comments or the background conversations that go on.
I'm not saying it distracts much from your excellent show, but it can sometimes.
Posted by: Todd | August 18, 2006 09:35 AM