POP3, IMAP, SMTP, and MAPI are all protocols that are used in password spraying attacks. Disabling basic authentication of these protocols and requiring modern authentication will reduce your risk of password spraying success. Be mindful disabling basic authentication should be done in piecemeal and tested thoroughly to avoid major disruptions. You will read that creating… Continue reading Office 365 Security Tips and Tricks: Finding accounts with vulnerable protocols.
Office 365 Security: Tips and Tricks using Powershell monitoring Exchange Admin events.
What are Exchange Admin events? Events like adding, changing, or removing objects in your portal. Prerequisites: A modern version of Powershell, most Windows 10 and Windows 2016+ First create your session to your Office 365 portal: $Session = New-PSSession -ConnectionUri https://outlook.office365.com/powershell-liveid/ -ConfigurationName Microsoft.Exchange -Credential $credentials -Authentication Basic -AllowRedirection Run the search command in a script… Continue reading Office 365 Security: Tips and Tricks using Powershell monitoring Exchange Admin events.
Common Corporate Active Directory Mistakes.
1. Giving managers or the owner administrative access to your domain. This might sound like a good idea, but unless the owner of the company manages users and has a solid background in security, limit the users that can make these changes to only a few IT professionals. 2. Leaving SMB 1 enabled on your… Continue reading Common Corporate Active Directory Mistakes.
Windows Server 2016 – 70-742 Powershell commands
Here’s a list of common Powershell Commands you might use or see on the 70-742 exam: Install ADDS Install-WindowsFeature AD-Domain-Services ntdsutil: Activate instance ntds, ifm, create sysvol full c:\ifm Install-ADDSDomainController -InstallationMediaPath c:\ifm Cloning: Get-ADDCCloneingExcludedApplicationList -GenerateXML New-ADDCCloneConfigFile Seizing Roles: 0 – PDC, 1 – RID, 2 – Infrastructure, 3 – Schema, 4 – Domain naming master… Continue reading Windows Server 2016 – 70-742 Powershell commands
Windows Server 2016 Exam – 70-741 PowerShell by Category
Here’s a list of popular Powershell commands categorized: IPv6: IPv4: New-NetIpAddress DNS: Sets to setup a zone scope in DNS. Add-DnsServerClientSubnet -Name “LocationSubnet” -IPv4Subnet “10.0.0.0/24” Add-DnsServerZoneScope -Zonename “MyDomain.com” -Name “LocationScope” Add-DnsServerResourceRecord -Zonename “MyDomain.com” -A -Name “www” -IPv4Address “10.0.0.100” -ZoneScope “LocationScope” Add-DnsServerQueryResolutionPolicy -Name “MyPolicy” -Action Allow -ClientSubnet “eq,LocationSubnet” -ZoneScope “LocationScope,1” -ZoneName “MyDomain.com” —————————————————————– Add-DnsServerClientSubnet: Prevent RRL… Continue reading Windows Server 2016 Exam – 70-741 PowerShell by Category
Windows Server 2016 Exam – 70-741 RRAS
CommandType Name Version Source ———– —- ——- —— Alias Get-VpnServerIPsecConfiguration 3.0.0.0 RemoteAccess Alias Set-VpnServerIPsecConfiguration 3.0.0.0 RemoteAccess Function Add-BgpCustomRoute 3.0.0.0 RemoteAccess Function Add-BgpPeer 3.0.0.0 RemoteAccess Function Add-BgpRouteAggregate 3.0.0.0 RemoteAccess Function Add-BgpRouter 3.0.0.0 RemoteAccess Function Add-BgpRoutingPolicy 3.0.0.0 RemoteAccess Function Add-BgpRoutingPolicyForPeer 3.0.0.0 RemoteAccess Function Add-DAAppServer 3.0.0.0 RemoteAccess Function Add-DAClient 3.0.0.0 RemoteAccess Function Add-DAClientDnsConfiguration 3.0.0.0 RemoteAccess Function Add-DAEntryPoint 3.0.0.0… Continue reading Windows Server 2016 Exam – 70-741 RRAS
SSTP or IKE on Virtual Machines – Quick and dirty.
It wasn’t quick to configure a client to successfully connect to a VPN through SSTP or IKE, but here are the takeaways. It can be easily done with three Virtual machines: 1 – Windows 2016 Server – ADSI,DHCP,DNS 192.168.100.1 2 – Windows 2016 Server – RRAS and AD Certificate with Web Enrollment. 192.168.100.111 / 10.0.3.1… Continue reading SSTP or IKE on Virtual Machines – Quick and dirty.
Automating Windows domain login through Powershell.
If you are a Windows administrator, you know the registry is key to automation and troubleshooting client machines. Of course automating logins is very useful with lots of machines that do the same thing. We have a group of machines at one plant’s sole purpose is data collection. The shop users are not interested in… Continue reading Automating Windows domain login through Powershell.
Windows Server 2016 Exam – 70-741 IPAM
CommandType Name Version Source ———– —- ——- —— Function Add-IpamAddress 2.0.0.0 IpamServer Function Add-IpamAddressSpace 2.0.0.0 IpamServer Function Add-IpamBlock 2.0.0.0 IpamServer Function Add-IpamCustomField 2.0.0.0 IpamServer Function Add-IpamCustomFieldAssociation 2.0.0.0 IpamServer Function Add-IpamCustomValue 2.0.0.0 IpamServer Function Add-IpamDiscoveryDomain 2.0.0.0 IpamServer Function Add-IpamRange 2.0.0.0 IpamServer Function Add-IpamServerInventory 2.0.0.0 IpamServer Function Add-IpamSubnet 2.0.0.0 IpamServer Function Disable-IpamCapability 2.0.0.0 IpamServer Function Enable-IpamCapability 2.0.0.0… Continue reading Windows Server 2016 Exam – 70-741 IPAM
Windows Server 2016 Exam – 70-741 DHCP
Here is a list of all the commands that come in the PS module DHCP Server: CommandType Name Version Source ———– —- ——- —— Alias Reconcile-DhcpServerv4IPRecord 2.0.0.0 DhcpServer Function Add-DhcpServerInDC 2.0.0.0 DhcpServer Function Add-DhcpServerSecurityGroup 2.0.0.0 DhcpServer Function Add-DhcpServerv4Class 2.0.0.0 DhcpServer Function Add-DhcpServerv4ExclusionRange 2.0.0.0 DhcpServer Function Add-DhcpServerv4Failover 2.0.0.0 DhcpServer Function Add-DhcpServerv4FailoverScope 2.0.0.0 DhcpServer Function Add-DhcpServerv4Filter 2.0.0.0… Continue reading Windows Server 2016 Exam – 70-741 DHCP