Have you forgotten your windows vista password ?   you cannot login to your  computer / laptop ? No worries you can hack windows vista to reset your windows vista password.

Requirements :

1 ) Windows Vista DVD
2 ) Computer with Windows Vista

Please follow steps below to reset your Windows Vista Password in 10 minutes.

Steps :

1. Insert the Windows Vista DVD into the DVD drive and then restart the computer.
2. Change Boot Options 1st Priority to Optical Drive.
3. When system booting up, if the message “Press any key to boot from cd” appears, immediately press Enter.
4. On Language Settings, Time and Currency and Keyboard Layout screen, just choose the correct settings then click Next.
5. On Install Now screen, click Repair. Note: Click No just in case you get the message: Windows found problems with your computer’s startup options.
6. On the System Recovery Options screen, under Operating System, click Windows Vista then click Next. Then select Command Prompt.
7. At the command prompt windows, type the following command then press Enter after typing each command:
c:
cd windows\system32
echo ~takeown /f %1 /r /d y > TakeControlOf.cmd
echo ~icacls %1 /grant administrators:F /t
ren Magnify.exe Magnify.old
ren cmd.exe Magnify.exe
8. Restart the computer.
9. On the Welcome Screen, click the Ease button.
10. Check Make items on the screen larger then click OK.
11. At the prompt, type the command then press Enter.

net user Administrator /active:yes
exit
12. Restart the computer.

13. At the welcome screen, logon using the local administrator account.
14. Access Control Panel then click User Accounts. Select the username of the account you can’t login to then remove the password.
15. Log off on the current local administrator account your are logon to.
16. Check if you can logon to your user account now.
17. Open c:\windows\system32.
18. Right click on Magnify.exe, select Properties -> Security -> Advanced -> Owner -> Edit -> Administrators then click OK.
19. Select Edit -> Administrators -> Full Control then click Apply then OK.
20. Rename Magnify.old to Magnify.exe
21. Open command prompt then type the command then press Enter.
net user Administrator /active:no

i hope this will help you feedback will be appreciate.

Here are most Commonly Chosen Passwords , Please don not use these words as your Passwords. Please use Password Meter [ http://www.passwordmeter.com/ ] .

aaa abc academia academic access ada admin adrian adrianna aerobics airplane albany albatross albert alex alexander alf algebra alias aliases alice alicia alisa alison allison alpha alphabet ama amadeus amanda amber amorphous amy analog anchor andrea andromache andy angela angerine angie animals anita ann anna anne annette answer anthropogenic anvils anything april aria ariadne arlene arrow arthur asd asm asshole athena atmosphere aztecs azure

bacchus badass bailey banana bananas bandit banks barbara barber baritone bart bartman basic bass bassoon batch batman beach beater beauty beaver becky beethoven beloved benz beowulf berkeley berlin berliner beryl beta beth betsie betty beverly bicameral bishop bitch bob bradley brandi brandy brenda brian bridget broadway bsd bumbling burgess

cad camille campanile candi candy cantor cardinal caren carla carmen carol carole carolina caroline carrie carson cascades castle cat catherine cathy cayuga cecily celtics cerulean change charity charles charming charon chat chem chemistry chess chester christina christine christy cigar cindy class classic claudia cluster clusters code coffee coke collins commrades computer comrade comrades condo condom connect connie console cookie cooper cornelius couscous create creation creosote cretin criminal cristina crystal cshrc cynthia

daemon daisy dana dancer daniel danielle danny dapper data dave dawn deb debbie deborah december default defoe deluge denise desiree desperate develop device dial diana diane diet dieter digital disc discovery disk disney dog dos drought dulce duncan

eager earth easier easy eatme edges edinburgh edwin edwina egghead eiderdown eileen einstein elaine elanor elephant elizabeth ellen email emerald emily emmanuel enemy engine engineer enterprise enzyme erenity erica erika erin ersatz establish estate eternity euclid evelyn extension

fairway felicia fender fermat ferrari fidelity field file finite fishers flakes float flower flowers foolproof football foresight format forsythe fourier fred friend frighten fun function fungible

gabriel games gardner garfield gatt gauss george gertrude gibson gina ginger glacier gnu golf golfer gorgeous gorges gosling gouge graham grahm group gryphon gucci guess guest guitar gumption guntis

hack hacker hal hamlet handily happening harmony harold harvey hawaii heather hebrides heidi heinlein hello help herbert hiawatha hibernia hidden holly homework honey horse horus hutchins hydrogen

ibm imbroglio imperial include ingres ingress ingrid inna innocuous internet irene irishman isis

jackie jane janet janice janie japan jasmin jean jeanne jen jenni jennifer jenny jessica jester jill jixian joanne jody johnny joseph joshua joy joyce judith judy juggle julia julie june jupiter

karen karie karina kate kathleen kathrine kathy katina katrina kelly keri kermit kernel kerri kerrie kerry key kim kimberly kirkland kitten knight krista kristen kristi kristie kristin kristine kristy

ladle lambda lamination lana lara larkin larry laura lazarus leah lebesgue lee leland leroy leslie lewis library light linda lisa lisp liz lock lockout lois lori lorin lorraine louis love lucy lynn lynne

macintosh mack maggot magic mail maint malcolm malcom manager mara marci marcy maria marietta mark markus marni mars marty marvin mary master math maurice meagan megan melissa mellon memory mercury merlin mets mgr michael michele michelle mickey mike minimum minsky mit modem mogul moguls monica moose morley mouse mozart mutant

nagel nancy napoleon nasa nepenthe neptune ness net network new news newton next nicole nita nobody noreen noxious nuclear nutrition nyquist

oceanography ocelot office olivetti olivia open operator oracle orca orwell osiris outlaw oxford

pacific pad painless pakistan pam pamela paper papers pass password pat patricia patty paula pencil penelope penguin penis peoria percolate persimmon persona pete peter philip phoenix phone pierre pizza plane playboy plover pluto plymouth polly polynomial pondering pork porsche poster power praise precious prelude presto prince princeton priv private privs professor profile program protect protozoa pub public pumpkin puneet puppet

qwerty

rabbit rachel rachelle rachmaninoff rainbow raindrop raleigh random rascal reagan really rebecca regional remote renee rick ripple risc rje robin robot robotics robyn rochelle rochester rodent rolex romano ronald root rose rosebud rosemary roses ruben rules ruth

sal samantha sandra sandy sara sarah saturn saxon scamper scheme school scott scotty secret security sensor serenity service sesame sex shannon sharc shark sharks sharon sheffield sheldon shell sherri shirley shit shiva shivers shuttle signature simon simple simpsons singer single smile smiles smooch smother snatch snoopy soap socrates somebody sondra sonia sonya sossina sparrows spit spring springer squires stacey staci stacie stacy steph stephanie strangle stratford student stuttgart subway success summer sun super superstage superuser support supported surfer susan susanne susie suzanne suzie swearer sybil symmetry sys sysadmin system

tamara tami tamie tammy tangerine tape tara target tarragon taylor tech telephone temptation tennis terminal test thailand theresa tiffany tiger tina toggle tomato topography tortoise toxic toyota traci tracie tracy trails transfer trisha trivial trombone tty tubas tuttle

umesh unhappy unicorn unix unknown uranus urchin ursula util utility uucp

valerie vasant venus veronica vertigo vicky village virgin virginia visitor

wargames warren water weenie wendi wendy whatever whatnot whiting whitney wholesale will william williamsburg willie wilma winston wisconsin wizard wombat woodwind word work wormwood wyoming

xfer xmodem xyz xyzzy

yaco yang yellowstone yolanda yosemite

zap zimmerman zmodem

Below is list of Linux Security Tools that you must know about as being Linux Administrator.

1) Wireshark – network traffic analyzer
Wireshark is a network traffic analyzer, or “sniffer”, for Unix and Unix-like operating systems. A sniffer is a tool used to capture packets off the wire. Wireshark decodes numerous protocols (too many to list).This package provides wireshark (the GTK+ version)

http://www.wireshark.org

2) Nessus – Remote network security auditor
The Nessus® vulnerability scanner, is the world-leader in active scanners, featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks.

http://www.nessus.org

3) Nmap – The Network Mapper
Nmap (”Network Mapper”) is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available.

4) Etherape – graphical network monitor modeled after etherman
EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, ip and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display.It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.

http://etherape.sourceforge.net

5) Kismet – Wireless 802.11b monitoring tool
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.

http://www.kismetwireless.net

6) Chkrootkit – Checks for signs of rootkits on the local system
chkrootkit identifies whether the target computer is infected with a rootkit. Some of the rootkits that chkrootkit identifies are:
1. lrk3, lrk4, lrk5, lrk6 (and some variants);
2. Solaris rootkit;
3. FreeBSD rootkit;
4. t0rn (including latest variant);
5. Ambient’s Rootkit for Linux (ARK);
6. Ramen Worm;
7. rh[67]-shaper;
8. RSHA;
9. Romanian rootkit;
10. RK17;
11. Lion Worm;
12. Adore Worm.
Please note that this is not a definitive test, it does not ensure that the target has not been cracked. In addition to running chkrootkit, one should perform more specific tests.

http://www.chkrootkit.org

7) Rkhunter – rootkit, backdoor, sniffer and exploit scanner
Rootkit Hunter scans systems for known and unknown rootkits, backdoors, sniffers and exploits.
It checks for:
- MD5 hash changes;
- files commonly created by rootkits;
- executables with anomalous file permissions;
- suspicious strings in kernel modules;
- hidden files in system directories;
and can optionally scan within files. Using rkhunter alone does not guarantee that a system is not compromised. Running additional tests, such as chkrootkit, is recommended.

http://www.rootkit.nl

8 ) tiger – Report system security vulnerabilities
TIGER, or the ‘tiger’ scripts, is a set of Bourne shell scripts, C programs and data files which are used to perform a security audit of UNIX systems. TIGER has one primary goal: report ways ‘root’ can be compromised.Debian’s TIGER incorporates new checks primarily oriented towards Debian distribution including: md5sums checks of installed files, location of files not belonging to packages, check of security advisories and analysis of local listening processes.

9) GnuPG – GNU privacy guard
GnuPG is GNU’s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440.GnuPG does not use any patented algorithms so it cannot be compatible with PGP2 because it uses IDEA (which is patented worldwide).

http://www.gnupg.org/

10) Nemesis – TCP/IP Packet Injection Suite
Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis, is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis is perfect for automation and scripting.
Nemesis can natively craft and inject ARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP packets. Using the IP and the Ethernet injection modes, almost any custom packet can be crafted and injected.

http://nemesis.sourceforge.net

11) Tcpdump – A powerful tool for network monitoring and data acquisition
This program allows you to dump the traffic on a network. tcpdump is able to examine IPv4, ICMPv4, IPv6, ICMPv6, UDP, TCP, SNMP, AFS BGP, RIP, PIM, DVMRP, IGMP, SMB, OSPF, NFS and many other packet types.
It can be used to print out the headers of packets on a network interface, filter packets that match a certain expression. You can use this tool to track down network problems, to detect “ping attacks” or to monitor network activities.

http://www.tcpdump.org/

12) OpenSSH – secure shell server
This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group.Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. It is intended as a replacement for rlogin, rsh and rcp, and can be used to provide applications with a secure communication channel.This package provides the sshd server.
In some countries it may be illegal to use any encryption at all without a special permit.

http://www.openssh.com/

13) Denyhosts – an utility to help sys admins thwart ssh hackers
DenyHosts is a program that automatically blocks ssh brute-force attacks by adding entries to /etc/hosts.deny. It will also inform Linux administrators about offending hosts, attacked users and suspicious logins.Syncronization with a central server is possible too.
Differently from other software that do same work, denyhosts doesn’t need support for packet filtering or any other kind of firewall in your kernel

http://denyhosts.sourceforge.net/

14) Snort – Flexible Network Intrusion Detection System

Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate “alert” file, or even to a Windows computer via Samba.
This package provides the plain-vanilla snort distribution and does not provide database (available in snort-pgsql and snort-mysql) support.

http://www.snort.org/

15) Firestarter – gtk program for managing and observing your firewall
Firestarter is a complete firewall tool for Linux machines. It features an easy to use firewall wizard to quickly create a firewall. Using the program you can then open and close ports with a few clicks, or stealth your machine giving access only to a select few. The real-time hit monitor shows attackers probing your machine.

http://www.fs-security.com

16) clamav – anti-virus utility for Unix – command-line interface
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon in the clamav-daemon package, a command-line scanner in the clamav package, and a tool for automatic updating via the Internet in the clamav-freshclam package. The programs are based on libclamav3, which can be used by other software.
This package contains the command line interface. Features:
- built-in support for various archive formats, including Zip, RAR, Tar,
Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others;
- built-in support for almost all mail file formats;
- built-in support for ELF executables and Portable Executable files
compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and
obfuscated with SUE, Y0da Cryptor and others;
- built-in support for popular document formats including Microsoft
Office and Mac Office files, HTML, RTF and PDF.
For scanning to work, a virus database is needed. There are two options for getting it:
- clamav-freshclam: updates the database from Internet. This is
recommended with Internet access.
- clamav-data: for users without Internet access. The package is
not updated once installed. The clamav-getfiles package allows
creating custom packages from an Internet-connected computer.

http://www.clamav.net/

17) Ettercap – Multipurpose sniffer/interceptor/logger for switched LAN
Ettercap supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis.Data injection in an established connection and filtering (substitute or drop a packet) on the fly is also possible, keeping the connection synchronized.
Many sniffing modes were implemented to give you a powerful and complete sniffing suite. It’s possible to sniff in four modes: IP Based, MAC Based, ARP Based (full-duplex) and PublicARP Based (half-duplex).
It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.

http://ettercap.sourceforge.net/

18) Netcat – TCP/IP swiss army knife
A simple Unix utility which reads and writes data across network connections using TCP or UDP protocol. It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

http://netcat.sourceforge.net

19) MTR – mtr combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single network diagnostic tool.
As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determines the address of each network hop between the machines, it sends a sequence ICMP ECHO requests to each one to determine the quality of the link to each machine. As it does this, it prints running statistics about each machine.

http://www.bitwizard.nl/mtr/
20) Hping3 – Active Network Smashing Tool
hping3 is a network tool able to send custom ICMP/UDP/TCP packets and to display target replies like ping does with ICMP replies. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under supported protocols. Using hping3, you can test firewall rules, perform (spoofed) port scanning, test network performance using different protocols, do path MTU discovery, perform traceroute-like actions under different protocols, fingerprint remote operating systems, audit TCP/IP stacks, etc. hping3 is scriptable using the TCL language.

http://www.hping.org

21) ngrep – grep for network traffic
ngrep strives to provide most of GNU grep’s common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

http://ngrep.sourceforge.net/

22) john – active password cracking tool
john, mostly known as John the Ripper, is a tool designed to help systems administrators to find weak (easy to guess or crack through brute force) passwords, and even automatically mail users warning them about it, if it is desired.
It can also be used with different cyphertext formats, including Unix’s DES and MD5, Kerberos AFS passwords, Windows’ LM hashes, BSDI’s extended DES, and OpenBSD’s Blowfish.

http://www.openwall.com/john/

23) tcptrace – Tool for analyzing tcpdump output
Tcptrace is a tool for analyzing and reporting on tcpdump (or other libpcap) dump files. It can summarize the data or generate graph data for use with the gnuplot tool from the gnuplot package. Graph data can be created for throughput, RTT, time sequences, segment size, and cwin.
http://jarok.cs.ohiou.edu/software/tcptrace/

24) netdude – NETwork DUmp data Displayer and Editor for tcpdump trace files
It is a GUI-based tool that allows you to make detailed changes to packets in tcpdump trace files, in particular, it can currently do the following:
* Set the value of any field in IP, TCP and UDP packet headers.
* Copy, move and delete packets in the trace file.
* Fragment and reassemble IP packets.
* Netdude constantly communicates with a tcpdump process to update
the familiar tcpdump output that corresponds to the trace. This
also means that any changes made to your local version of tcpdump
are reflected in Netdude.
* Plugin architecture: people can easily add plugins for specific
tasks. The code comes with a plugin for checksum correction in IP,
TCP and UDP, and a dummy plugin.
* Through the plugin mechanism, Netdude provides a good facility for
writing tcpdump trace file filters.
http://netdude.sourceforge.net
25) tcpreplay – Tool to replay saved tcpdump files at arbitrary speeds

Tcpreplay is aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn’t exercise the application/protocol inspection that a NIDS performs, and doesn’t reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.
http://tcpreplay.synfin.net
26) Dsniff – Various tools to sniff network traffic for cleartext insecurities
This package contains several tools to listen to and create network traffic:
* arpspoof – Send out unrequested (and possibly forged) arp replies.
* dnsspoof – forge replies to arbitrary DNS address / pointer queries
on the Local Area Network.
* dsniff – password sniffer for several protocols.
* filesnarf – saves selected files sniffed from NFS traffic.
* macof – flood the local network with random MAC addresses.
* mailsnarf – sniffs mail on the LAN and stores it in mbox format.
* msgsnarf – record selected messages from different Instant Messengers.
* sshmitm – SSH monkey-in-the-middle. proxies and sniffs SSH traffic.
* sshow – SSH traffic analyser.
* tcpkill – kills specified in-progress TCP connections.
* tcpnice – slow down specified TCP connections via “active”
traffic shaping.
* urlsnarf – output selected URLs sniffed from HTTP traffic in CLF.
* webmitm – HTTP / HTTPS monkey-in-the-middle. transparently proxies.
* webspy – sends URLs sniffed from a client to your local browser
(requires libx11-6 installed).

http://www.monkey.org/~dugsong/dsniff/
27) scapy – Packet generator/sniffer and network scanner/discovery
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery, packet sniffer, etc. It can for the moment replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, ….
In scapy you define a set of packets, then it sends them, receives answers, matches requests with answers and returns a list of packet couples (request, answer) and a list of unmatched packets. This has the big advantage over tools like nmap or hping that an answer is not reduced to (open/closed/filtered), but is the whole packet.
http://www.secdev.org/projects/scapy/
28) Ntop – display network usage in top-like format
ntop is a Network Top program. It displays a summary of network usage by machines on your network in a format reminiscent of the unix top utility.It can also be run in web mode, which allows the display to be browsed with a web browser.
http://www.ntop.org/
29) NBTscan – A program for scanning networks for NetBIOS name information
NBTscan is a program for scanning IP networks for NetBIOS name information. It sends NetBIOS status query to each address in supplied range and lists received information in human readable form. For each responded host it lists IP address, NetBIOS computer name, logged-in user name and MAC address (such as Ethernet).

http://www.unixwiz.net/tools/nbtscan.html
30) tripwire – file and directory integrity checker
Tripwire is a tool that aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner.
http://www.tripwire.com/

Linux Security is a big topic and is difficult to be covered in one post. i will keep posting on this top time to time.

Below is some basic information; how we can secure a linux box.

1. Password Security
2. Directories Permissions/Ownership Security
3. Unnecessary Services
   
4. Network Security

1. Password Security

Make you password strong and lengthy. Combine letters, numbers, and symbols. Use password meter to test your passwords. Do not use root login for your normal work. only use limited users and for installation and other tasks where root login is required you can use su or sudo to become root and perform special task as soon as you are finished with your task press ctrl+D to return to normal user envirement.

2. Directories Permissions/Ownership Security

Linux have very good directory permision system as compared to Windows. All you need is to only change directory permissions where needed. and do not permit access to directoires like /etc /root to limited users as they could read important information that would help them hacking you box. You can use online permission calculator to calculate permisions .

3. Unnecessary Services
You need to disable all services that are not usefull to you. you can use sysv-rc-conf to check and manage all servces and their run levels. To disable a service you can uncheck a service run levels in sysv-rc-conf .

4. Network Security

Network Security is its self a big topic but at basic level you need to check which network services you are running at your linux server ( for example apache/httpd mysql bind ) . You can use firewall to disallow unneccessary access to these services . IPTABLE or IPCHAIN is firewall that is widely used to secure linux server. but for unauthorized access you need to configure each service to disallow. i will try to go in deep details of these services so stay tunned .

Your Comments will be appreciated.