Useful table with Powershell’s data types and descriptions: [string] Fixed-length string of Unicode characters [array] Array of values [xml] Xml object [int] 32-bit signed integer [DateTime] Date and Time [long] 64-bit signed integer [decimal] 128-bit decimal value [single] Single-precision 32-bit floating point number [double] Double-precision 64-bit floating point number [char] A Unicode 16-bit character [byte] …
October 2014 archive
Oct 30 2014
BlueHat 2014 Slides: Reality Bites – The Attacker’s View of Windows Authentication and Post-exploitation
Each year, Microsoft invites security researchers (aka hackers) to speak to Microsoft employees about security issues. One of the most interesting talks listed at “BlueHat” 2014 was the one by the “Pass-the-Hash” experts, Chris Campbell, Bejamin Delpy, and Skip Duckwall. This talk will focus on the how Windows authentication works in the real world and …
Oct 29 2014
Active Directory (and other) Security Resources
I just posted a “Security Resources” page that is a tab at the top of the site. This page contains useful security resources I have found over the years and plan on updating the content as needed. Active Directory (and other) Security Resources
Oct 29 2014
Windows Server 2012 R2 deprecates FRS (File Replication Service)
Microsoft’s Tip of the Day has the following useful information on Domain Controller File Replication Service (FRS) depercation: FRS (File Replication Service) has been deprecated in Windows Server 2012 R2. The deprecation of FRS has been accomplished by enforcing a minimum domain functional level of Windows Server 2008. This enforcement is present only if the …
Oct 25 2014
Microsoft EMET 5 Configuration to Mitigate PowerPoint Zero Day
Microsoft Security Advisory 3010060: Vulnerability in Microsoft OLE Could Allow Remote Code Execution (Published: October 21, 2014) PowerPoint Zero Day Vulnerability Executive Summary: Microsoft is aware of a vulnerability affecting all supported releases of Microsoft Windows, excluding Windows Server 2003. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft …
Oct 21 2014
Hyper-V How to install integration services when the virtual machine is not running
From Microsoft’s Virtualization Blog, How to install integration services when the virtual machine is not running: We’ve been talking to a lot of people about deploying integration services (integration components) lately. As it turns out, they’re pretty easy to patch offline with existing Hyper-V tools. First, why would you update integration services on a not-running …
Oct 18 2014
Windows Server 2012 R2 Features
Single post coverage of all of the major new and updated features in Windows Server 2012 R2 This covers the following technology areas: iSCSI Target Server SMB Windows Deployment Services Active Directory BitLocker DFS Replication DHCP DNS Server Failover Clustering File and Storage Services File Server Resource Manager Group Policy Hyper-V Hyper-V Network Virtualization Hyper-V …
Oct 15 2014
PowerShell Function: Get-ADAuthGroups
Here’s a PowerShell Function that leverages Active Directory .Net to get a list of the AD authorization groups. This is extremely useful to get a complete list of security groups that comprise a user’s AD Kerberos token without having to loop or recurse AD groups. Function GetAuthGroups { Param ( $AccountID, [switch]$CountAuthGroups, [Switch]$ReturnGroups = …
Recent Comments