Microsoft – Reminders of Good Information Sources

Microsoft Security Response Center: Protection, detection, and response. Malware Protection Center: The Microsoft Malware Protection Center (MMPC) provides world-class antimalware research and response capabilities that support Microsoft’s range of security products and services. With laboratories in multiple locations around the globe, the MMPC is able to respond quickly and effectively to new malicious and

AD: Be protected against “Pass the Hash” attacks

Resource materials: AD Security: Preventing mimikatz attacks: Mimikatz and Active Directory Kerberos Attacks: / Scripts: Domain lockdown: Microsoft resources: Pass the Hash – isolation technique: Implementing Tier-zones model on Active Directory: Mitigate Credential theft with Administrative Tier Model

Free Tools for System and Network or DB Administrators

Free tools for Windows sysadmin – Find string in files on Windows: using findstr /s /i
findstr /s /i /C:"provider=sqloledb" d:\dir\*.*
Find and replace string in file (Find and Replace == fnr): other tool, also requiring Java: FAR – Test SSL and TLS: Well-known online tools for network engineers:

How to access the disks mapped through RDP?

Windows XP/2003/2012 and greater support drive mapping back to the client workstation during a Terminal Services (Remote Desktop) session. This means you can copy files from the server to the client and vice versa. Each volume (removable, fixed or network) available on the client workstation is mapped (A for drive A:, C for drive C:,

Converting .cer to .pem etc…

How to create and deploy a client certificate for MAC: Transforming .cer to .pem or vice versa: using openssl to convert a certificate from one format to another: Exporting a private key:

Advanced XML filtering in the Windows Event Viewer

GPO troubleshooting using Log files

GPO troubleshooting: In Windows 7 or Windows 2008 R2 or above, one good way of looking at all aspects of Group Policy is via the client’s event log. Open the event log (eventvwr.exe from the search/command box). Open Event Viewer (Local); open Applications and Services Logs; open Microsoft; open Windows; open GroupPolicy and

How to backup and restore IIS 7

First method, using the GUI: Unfortunately, GUI mode is not enabled by default; to enable it, follow the instructions in the below article. Second method, using the command line:
To list IIS backups: %windir%\system32\inetsrv\appcmd.exe list backup
To back up IIS: %windir%\system32\inetsrv\appcmd.exe add backup "Backup-date"
Once the backup command is successful, the files can be verified in the