Category Archive: Security

Sep 17

IPv6 Networking for the Windows Administrator

“It is unfortunate that some organizations disable IPv6 on their computers running Windows 7, Windows Vista, Windows Server 2008 R2, or Windows Server 2008, where it is installed and enabled by default. Many disable IPv6 based on the assumption that they are not running any applications or services that …

Sep 04

Additional Configuration for Functionality Across Forests (Multiple Forest Considerations in Windows 2000 and Windows Server 2003)

Must Read TechNet Article: Additional Configuration for Functionality Across Forests (Multiple Forest Considerations in Windows 2000 and Windows Server 2003) Although most of the operations performed by users and administrators in a multiforest deployment rely on functionality within their own forests, some operations require additional configuration to extend the underlying functionality across the forest boundaries. …

Aug 21

Intel vPro Technology

In every modern (recent) Intel processor, there is a remote access Hardware Secrets posted: Intel’s vPro technology provides IT managers with a collection of security and manageability features, including remote access to the PC independent of the state of the operating system or that of the computer’s power. The newest vPro processors include an identity …

Aug 19

Security Considerations for Active Directory (AD) Trusts

TechNet has an article on the Security Considerations for Active Directory (AD) Trusts. This is a must-read to fully understand the security implications of trust configurations. Sections: Potential Threats to Interforest Trusts; Security Settings for Interforest Trusts; Minimum Administrative Credentials for Securing Trusts; Trust Security and Other Windows Technologies; Related Information. The …

Aug 06

Black Hat 2013: BREACH Highlights Web Protocol Issue

At Black Hat 2013 in Las Vegas this August, a new attack on HTTP/HTTPS was disclosed. The fact that the attack is web server agnostic and was demonstrated successfully against OWA (Outlook Web App) at Black Hat should have a lot of developers and sys admins sweating. The authors describe BREACH on their website: BREACH is …

Jul 08

PowerShell Script: Discover Group Policy Passwords

Last week I posted about the vulnerability of managing passwords with Group Policy Preferences. One of my customers recently needed to change the local administrator password on several hundred Windows 7 workstations and was trying to determine the best method: PowerShell script or Group Policy Preferences. The easy answer is to use Group Policy Preferences …

Jul 03

Using Group Policy Preferences for Password Management = Bad Idea

Using Group Policy Preferences for Password Management = Bad Idea OR “How to Get Your Network Owned in Several Simple Steps” One of my customers recently needed to change the local administrator password on several hundred Windows 7 workstations and was trying to determine the best method: PowerShell script or Group Policy Preferences. The easy …

Jun 13

AD Security: Pass the Hash Attack

A very dangerous attack that is effective in gaining full admin access to a network is called “Pass the Hash”. Commonly, a user logs into a system with their username and password. Pass the Hash (aka PtH) works by taking the password’s hash and passing it to a system as is, without even knowing the …

Aug 08

Machine Account (AD Computer Object) Password Updates

There seems to be quite a bit of confusion when it comes to domain-joined computers and how/when they update their AD computer object (machine account) passwords. Here are a few key points on this process: The default domain policy setting configures domain-joined Windows 2000 (& up) computers to update their passwords every 30 days (default). …

Jul 05

Active Directory Security Group Resources

Laura Robinson (Microsoft) has 2 posts which are excellent resources when working on your Active Directory delegation model. These posts focus on the concept of an “Admin-Free Active Directory” meaning that there are no accounts in the powerful AD groups: Enterprise Admins, Domain Admins, Administrators, & Schema Admins. The posts also list all of the …
