Category: System and Network Admins


https://dnschecker.org

 

https://www.whois.net/

 

https://mxtoolbox.com/

 

https://whatismyipaddress.com/

 

http://ping-test.org/

 

https://www.portcheckers.com/

 

 

Advertisements

Microsoft security compliance toolkit:

Il remplace Security Compliance Manager. Cet outil permet de planifier, créer, et monitorer des baselines de sécurité pour vos postes clients. Le remplacement a été choisi par Microsoft du fait de la complexité de SCM et de la difficulté à maintenir l’outil pour chaque version de Windows. Aujourd’hui, SCT ne supporte pas Desired Configuration Management de System Center Configuration Manager ou SCAP.

https://www.microsoft.com/en-us/download/details.aspx?id=55319

Other references:

2012 R2 hardening (CIS):

https://www.cisecurity.org/wp-content/uploads/2017/04/CIS_Microsoft_Windows_Server_2012_R2_Benchmark_v2.2.0.pdf

Windows 10 hardening:

https://www.asd.gov.au/publications/protect/Hardening_Win10.pdf

 

 

 

To test SSL/TLS and much more you can use the free online tool from Qualys:

https://www.ssllabs.com/ssltest/index.html

Links related to TLS which I have consulted: Solving the TLS problem ==> https://www.microsoft.com/en-us/download/details.aspx?id=55266

How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll ==> https://support.microsoft.com/en-us/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protoc

TLS/SSL Settings ==> https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx#BKMK_SchannelTR_TLS10

Managing SSL/TLS Protocols and Cipher Suites for ADFS:

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs

https://jorgequestforknowledge.wordpress.com/2017/03/01/hardening-disabling-weak-ciphers-hashes-and-protocols-on-adfs-wap-aad-connect/

 

https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-for-IT-pros-in-Windows-10-version-1803/ba-p/188568

https://cloudblogs.microsoft.com/windowsserver/2018/03/20/introducing-windows-server-2019-now-available-in-preview/?MC=WinServer&MC=MSAzure&MC=SysMagSof&MC=Windows&MC=Virtual

 

Windows Admin Center:

https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/overview

https://blogs.technet.microsoft.com/servermanagement/2018/04/12/windows-admin-center-formerly-project-honolulu-is-now-generally-available/

https://cloudblogs.microsoft.com/windowsserver/2018/04/12/announcing-windows-admin-center-our-reimagined-management-experience/

Installation:

You can install Windows Admin Center on the following Windows operating systems:

Version Installation Mode
Windows 10 (1709) Desktop mode
Windows Server, version 1709 Gateway mode
Windows Server 2016 Gateway mode

Desktop Mode: Connect to the Windows Admin Center gateway from the same computer on which it’s installed (for example, https://localhost:6516)

Gateway Mode: Connect to the Windows Admin Center gateway from a client browser on a different machine (for example, https://servername)

This was one of the main blockers of Firefox adoption in the enterprise : https://bugzilla.mozilla.org/show_bug.cgi?id=1433136

 

PowerShell remoting with SSH:

https://docs.microsoft.com/en-us/powershell/scripting/core-powershell/ssh-remoting-in-powershell-core?view=powershell-6

========================================================================================

How to use SFTP (and SSH) with Powershell?

http://www.powershellmagazine.com/2014/07/03/posh-ssh-open-source-ssh-powershell-module/

https://github.com/darkoperator/Posh-SSH

or Using WinSCP: http://winscp.net/eng/docs/library_powershell#using_from_powershell

Else other:

SFTP powershell snap-in: http://www.k-tools.nl/index.php/download-sftp-powershell-snap-in/

and paying software: http://www.powershellserver.com/download/

 

example of code using POSH SSH to use SFTP for secure file transfer (certified working! ;)))

$sftpUser = “myaccount”
$sftpServer = “103.x.y.z”
$LocalFile = “d:\data\filetoupload.txt”
$sftpPass = ConvertTo-SecureString -String “ttIJP0YPuPS6” -AsPlainText -Force
$sftpCred = new-object -typename System.Management.Automation.PSCredential -argumentlist $sftpUser, $sftpPass
$sftpSession = New-SFTPSession -ComputerName $sftpServer -Credential $sftpCred

Set-SFTPFile -SFTPSession $sftpSession -LocalFile $Localfile -RemotePath “/tmp/mydirectory/” -Overwrite

 

 

Reference: http://support.microsoft.com/kb/318785

Microsoft .net Framework is a software package that is used by many applications, it runs in a software environment as opposed to hardware environment.

Free program called .NET Version Detector ( download here ).

PowerShell: how to get version of .net framework on a remote computer: https://gallery.technet.microsoft.com/scriptcenter/Detect-NET-Framework-120ec923

To query the local Registry using PowerShell, execute the below command in an elevated PowerShell session.

(Get-ItemProperty ‘HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full’  -Name Release).Release

You can then use the table below to reference the installed version of .NET. For instance, if the returned value is 379893, then .NET 4.5.2 is installed.

Those laptops must run the latest Windows 10 OS with all the new security features and security best practices like:

  • Apply a Hardening Security Baseline from Microsoft Security Compliance Manager (SCM)
  • Enable Secure Boot with UEFI
  • Impose Software Restrictions using AppLocker
  • Enable Full Disk Encryption.
  • Impose Restrictions on USB ports.
  • Implement Network Isolation via host firewall
  • Install and configure the Device Guard, Windows defender ATP or equivalent + Crowdstrike or equivalent
  • Don’t allow Internet access from a browser.
  • Install Minimal Software.
  • Allow Minimal Administrative Accounts (gad-xxxx accounts in our case)
  • Implement a Hardened OU for the PAWs into the GAD of MUCMSPDOM