I improve security for enterprises around the world working for TrustedSec & I am @PyroTek3 on Twitter. Read the About page (top left) for information about me. :) https://adsecurity.org/?page_id=8
Sean Metcalf
Author's posts
Jul 11 2014
Real-Time World Hack Map
This is an incredible map of the world that shows real-time network attacks. The animation makes it look like something out of the movie, “WarGames.” Most impressive. http://map.ipviking.com/?_ga=1.106938115.1477390587.1388686673#
Jul 02 2014
PowerShell: Get the Dates When the Active Directory Schema Was Updated
The Microsoft Scripting Guys blog has a great article on determining when schema updates were performed along with some information about the schema changes – at least enough to see if it was an Exchange update. ########################### # Get Schema Update Dates # ########################### # Code from: http://blogs.technet.com/b/heyscriptingguy/archive/2012/01/05/how-to-find-active-directory-schema-update-history-by-using-powershell.aspx write-output “Reading all schema data… …
Jul 01 2014
LSASS Crashing, CNF Objects May Be the Cause
What Happens and How Do I Know if I’m Affected? When CNF mangled NTDS settings objects are created, the Lsass.exe process may crash and unexpectedly reboot one or more domain controllers. So there is a pretty good chance you’ll know about it. You may not know the root cause of the crash. More specifically though …
Jun 26 2014
PowerShell: Get Active Directory Instantiation Date
The Scripting Guys blog posted a very useful script on how to determine when the Active Directory Forest was stood up. ############################# # Get AD Instantiation Date # ############################# # Code from: http://blogs.technet.com/b/heyscriptingguy/archive/2012/01/05/how-to-find-active-directory-schema-update-history-by-using-powershell.aspx write-output “Checking Active Directory Creation Date… ” `r write-output “Displaying AD partition creation information ” `r Import-Module ActiveDirectory Get-ADObject -SearchBase …
Jun 24 2014
PowerShell: Using a HashTable to Identify Active Directory Schema & Exchange Version
It’s easy to get the Active Directory schema version as well as the installed Exchange (schema) version by using the Active Directory PowerShell cmdlet, Get-ADObject. This script leverages a built-out HashTable to perform a lookup against the version numbers. ################################### # Create Schema Version Hashtable # 20140606-14 ################################### Write-Verbose “Create Schema Version HashTable `r ” …
Jun 20 2014
PowerShell: Identifying Cloned Computers by CMID or SID
Here’s the PowerShell command for identifying the computer SID by finding local accounts: Get-WmiObject -class Win32_UserAccount This command shows the Information for the first account in the list which should be local: (Get-WmiObject -class Win32_UserAccount)[0] Here’s a PowerShell command to run on each of the servers. If the result is the same, they have the …
Jun 17 2014
57 Tips Every Admin Should Know
GFI’s 57 Tips Every Admin Should Know: The longer a person serves as a network admin, the more tips and tricks they are likely to pick up along the way. Some could be shortcuts, others might seem like magic, but all are intended to save you time and help you solve problems. Assume that all …
Jun 12 2014
New APT Approaches
The Trend Micro Security Intelligence Blog has an interesting article on how hackers are using legitimate tools as part of APT attacks. In our 2013 predictions, we noted how malware would only gradually evolve without much in the way of significant change. This can be seen in the use of some (otherwise legitimate) hacking tools …
Jun 10 2014
PowerShell 101: PowerShell Guide/CheatSheet
Michael Sorens has put together a comprehensive guide to using PowerShell: This series of articles evolved out of my own notes on PowerShell as I poked and prodded it to show me more. As my collection burgeoned, I began to organize them until I had one-line recipes for most any simple PowerShell task. Simple, though, …
Recent Comments