New & Updated Features in Windows Server 2012 R2 Expanded from: http://technet.microsoft.com/en-us/library/dn250019 What’s New for iSCSI Target Server in Windows Server 2012 R2 iSCSI Target Server enables you to network boot multiple computers from a single operating system image that is stored in a centralized location. iSCSI Target Server can boot hundreds of computers by …
October 2014 archive
Oct 12 2014
Hyper-V VM Generation Differences
From the Microsoft Tip of the Day Blog: Generation 2 VMs replace a large number of emulated devices with resource efficient synthetic devices. Here is a list of Generation 1 devices that you will not find in a new Generation 2 VM. BIOS COM Ports DMA Controller Floppy Controller i8042 Keyboard Controller IDE Controller …
Oct 10 2014
PowerShell and Ambiguous Name Resolution (ANR) Search in Active Directory
I was recently asked how to find a user when you have data that may be the SamAccountName or in another attribute. My first thought was leveraging Ambiguous Name Resolution (ANR) Search in Active Directory. ANR enables you to find a user when you have some information about a user, but don’t know exactly to …
Oct 07 2014
PowerShell Code: Find User in Active Directory Forest
PowerShell Code: Find User in Active Directory Forest There are times when you have a userid, but don’t know where in a multi-domain forest a user is located. Here’s some PowerShell code for locating the user’s domain. PowerShell code leverages the Active Directory PowerShell module to query a local Global Catalog (GC) server in …
Oct 06 2014
Comparing ASLR on Windows & Linux
Two key differences regarding Linux & Windows Address Space Layout Randomization (ASLR): ASLR is not as prevalent in most Linux distributions as it is on modern Windows systems. ASLR cannot be force-enabled for applications on Linux, as EMET can do on Windows. Read the entire article at Cert.org
Oct 04 2014
US-Based Azure VMs With Static IP May Get Foreign IP Addresses
Interesting side-effect of the enormity of the infrastructure behind a public cloud service. Some Azure customers may have noticed that for a VM deployed in a US region, when they launch a localized page on a web browser it may redirect them to an international site. The following explains why this may be happening. Potential …
Oct 03 2014
XEN Hypervisor Vulnerabilities
And you were wondering why Amazon had rolling reboots of EC2 recently… From the Whitepaper “FROM RING 3 TO RING0: EXPLOITING THE XEN X86 INSTRUCTION EMULATOR” (bitdefender): ABSTRACT While a VMM can provide a considerable level of security by isolation, it is generally true that by increasing the code-base that runs on a given host …
Oct 02 2014
BadUSB Overview (Presentation & Slides) & Recent Release of BadUSB Exploit Code
BadUSB – The problems with USB One of the best talks I saw at BlackHat USA 2014 was on security issues with USB that are built into the spec (i.e. can’t be changed easily). BadUSB Black Hat USA 2014 Presentation Slides BadUSB Black Hat USA 2014 Presentation Video Here are the primary reasons why USB …
Oct 02 2014
Using PowerShell to Perform a Reverse DNS Lookup in Active Directory
Typically, one would use ping -a to get the hostname for a specific IP address which performs a DNS reverse lookup. Querying AD for a computer with an IP works great for computers joined to the Active Directory domain since most computers in AD have the IP Address configured on the computer account. When the …
Oct 01 2014
Program like a Monkey – I mean an Orangutan – It’s OOK!
Learning PowerShell & Python isn’t enough… I need to learn OOK! Introduction Ook! is a programming language designed for orang-utans. Ook! is essentially isomorphic to the well-known esoteric language BrainF***, but has even fewer syntax elements. Design Principles A programming language should be writable and readable by orang-utans. To this end, the syntax should be …
Recent Comments