Month: October 2014

I found the neat project that is all PowerShell scripts the a Security Professional can use as part of their toolbox

Account-Monitoring-Control	Updates
Authorized-Devices	Updates
Baselines	Patch to fix Start-SecDailyFunction.ps1
Forensics	Updates to Forensics Module
Log-Management	Updates
Network-Baseline	Added Reference to Get-SecOpenPorts
PoshSec-Configuration	Updating Module Versions to 1.0
PoshSec.PowerShell.Commands 3.5	Updates
PoshSec.PowerShell.Commands	PoshSec Commands for .NET 3.5
Software-Management	Updates
Utility-Functions	Added Values by Type
README.md	Update README.md
license.txt	Update license.txt
poshsec.psd1	PSD1 File Update
poshsec.psm1	Module Cleanup

To find out more go here

 

 

Here a a few PowerShell script that I use to look al logs and user accounts.

 

To finding the latest logon time

•Get-QADComputer -ComputerRole DomainController | foreach { (Get-QADUser -Service $_.Name -SamAccountName username).LastLogon } | Measure-Latest

•The following example demonstrates how to find inactive user accounts:

•Search-ADAccount -AccountInactive | where {$_.ObjectClass -eq ‘user’} | FT Name,ObjectClass –A

•The following example demonstrates how to find user accounts that have been inactive for 90 days:

•Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | where {$_.ObjectClass -eq ‘user’} | FT Name,ObjectClass –A

Retrieving Local Security Log Information

On a local computer, the PowerShell Get-EventLog cmdlet

•get-eventlog-list

•get-eventlog -list |<br>where {$_.logdisplayname -eq `<br>”security”}

Find all users who have “Password Never Expires

Search-ADAccount -PasswordNeverExpires | FT Name,ObjectClass –A

To Determine Who Has Never Logged On

get-aduser -f {-not ( lastlogontimestamp -like “*”) -and (enabled -eq $true)}

Find the Location of a Locked-Out User (jferron)

 

$DomainControllers = Get-ADDomainController -Filter *

Foreach($DC in $DomainControllers)

{

Get-ADUser -Identity jferron -Server $DC.Hostname `

-Properties AccountLockoutTime,LastBadPasswordAttempt,BadPwdCount,LockedOut

}

Here is a list of updated books by subject area you can download.

Azure

• Autoscaling Application Block and Transient Fault Handling Application Block Reference
• Building an On-Demand Video Service with Microsoft Azure Media Services
• Building Elastic and Resilient Cloud Applications – Developer’s Guide to the Enterprise Library 5.0 Integration Pack for Windows Azure
• Building Cloud Apps With Microsoft Azure
• Building Hybrid Applications in the Cloud on Windows Azure
• Cloud Design Patterns: Prescriptive Architecture Guidance for Cloud Applications
• Create Your First Application – Node.js and Windows Azure
• Developing Multi-tenant Applications for the Cloud on Windows Azure (3rd Edition)
• Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
• Drupal on Windows Azure
• Introducing Windows Azure for IT Professionals
• Exploring CQRS and Event Sourcing: A journey into high scalability, availability, and maintainability with Windows Azure
• Microsoft Azure ExpressRoute
• Migrating Data-Centric Applications to Windows Azure
• Moving Applications to the Cloud, 2nd Edition
• Moving Applications to the Cloud on Windows Azure (3rd Edition)
• Rethinking Enterprise Storage: A Hybrid Cloud Model
• Using Windows Azure Mobile Services to Cloud-Enable your iOS Apps
• Using Windows Azure Mobile Services to Cloud-Enable Your Windows Phone 8 Apps
• Using Windows Azure Mobile Services to Cloud-Enable your Windows Store Apps in C#
• Using Windows Azure Mobile Services to Cloud-Enable Your Windows Store Apps in JavaScript
• Windows Azure and SQL Database Tutorials
• Windows Azure Prescriptive Guidance
• Windows Azure Service Bus Reference

Lync

• Microsoft Lync Server 2013 Step by Step for Anyone

Office

• Deployment Guide for Office 2013
• First Look: Microsoft Office 2010
• Microsoft Office 365: Connect and Collaborate Virtually Anywhere, Anytime
• Microsoft Office 365 for professionals and small businesses: Help and How To
• Security and Privacy for Microsoft Office 2010 Users

SharePoint

• Explore SharePoint 2013
• Deployment guide for SharePoint 2013
• Test Lab Guide: eBook for SharePoint Server 2013 Intranet and Team Sites
• Create a Balanced Scorecard
• Configure Kerberos Authentication for SharePoint 2010 Products
• SharePoint Server for Business Intelligence
• Get started with SharePoint Server 2010
• Deployment guide for SharePoint Server 2010
• Upgrading to SharePoint Server 2010
• Profile synchronization guide for SharePoint Server 2010
• Remote BLOB storage for Microsoft SharePoint Server 2010
• Governance guide for Microsoft SharePoint Server 2010
• Business continuity management for SharePoint Server 2010
• Integration of HTTP/ HTTPs WCF Services (REST & SOAP) in SharePoint 2013
• Technical Reference for Microsoft SharePoint Server 2010
• The Wiki Ninjas Guide to SharePoint 2013
• The Wiki Ninjas Guide to SharePoint 2013 – IDTP

SQL Server

• 5 Tips for a Smooth SSIS Upgrade to SQL Server 2012
• A Hitchiker’s Guide to Microsoft StreamInsight Queries
• Books Online: Backup and Restore of SQL Server Databases
• Books Online: Data Analysis Expressions (DAX) Reference
• Books Online: Data Mining Extensions (DMX) Reference
• Books Online: Data Quality Services
• Books Online: High Availability Solutions
• Books Online: Master Data Services
• Books Online: Monitor and Tune for Performance
• Books Online: Multidimensional Expressions (MDX) Reference
• Books Online: SQL Server Distributed Replay
• Books Online: Transact-SQL Data Definition Language (DDL) Reference
• Books Online: Transact-SQL Data Manipulation Language (DML) Reference
• Books Online: XQuery Language Reference
• Data Access for Highly-Scalable Solutions: Using SQL, NoSQL, and Polyglot Persistence Extracting and Loading SharePoint Data in SQL Server Integration Services
• Integration Services: Extending Packages with Scripting
• Introducing Microsoft SQL Server 2008 R2
• Introducing Microsoft SQL Server 2012
• Introducing Microsoft SQL Server 2014
• Master Data Services Capacity Guidelines
• Master Data Services (MDS) Operations Guide
• Microsoft SQL Server AlwaysOn Solutions Guide for High Availability and Disaster Recovery
• Microsoft SQL Server Analysis Services Multidimensional Performance and Operations Guide Multidimensional Model Programming
• Optimized Bulk Loading of Data into Oracle
• Planning Disaster Recovery for Microsoft SQL Server Reporting Services in SharePoint Integrated Mode
• QuickStart: Learn DAX Basics in 30 Minutes
• SQLCAT’s Guide to BI and Analytics
• SQLCAT’s Guide to High Availability Disaster Recovery
• SQLCAT’s Guide to Relational Engine
• SQL Server 2012 Tutorials: Analysis Services – Data Mining
• SQL Server 2012 Tutorials: Analysis Services – Multidimensional Modeling
• SQL Server 2012 Tutorials: Analysis Services – Tabular Modeling
• SQL Server 2012 Tutorials: Reporting Services
• SQL Server 2012 Tutorials: Writing Transact-SQL Statements
• SQL Server 2012 Upgrade Technical Guide
• SQL Server Community FAQs Manual
• Transact SQL by TechNet WiKi Community
• Troubleshooting SQL Server AlwaysOn

System Center

• Cmdlet Reference for App Controller in System Center 2012 SP1
• Introducing Microsoft System Center 2012 R2
• Microsoft System Center: Building a Virtualized Network Solution
• Microsoft System Center: Cloud Management with App Controller
• Microsoft System Center: Configuration Manager Field Experience
• Microsoft System Center: Designing Orchestrator Runbooks
• Microsoft System Center: Network Virtualization and Cloud Computing
• Microsoft System Center: Optimizing Service Manager
• Microsoft System Center: Troubleshooting Configuration Manager
• Technical Documentation for System Center 2012 – Virtual Machine Manager

Visual Studio

• Better Unit Testing with Microsoft Fakes
• Building a Release Pipeline with Team Foundation Server 2012
• Developer’s Guide to Dependency Injection Using Unity
• Developer’s Guide to Microsoft Enterprise Library, 2nd Edition
• Moving to Microsoft Visual Studio 2010
• .NET Technology Guide for Business Applications
• Testing for Continuous Delivery with Visual Studio 2012
• Upgrade Team Foundation Server 2012: the ultimate upgrade guide

Web Development

• Building Cloud Apps With Microsoft Azure
• ASP.NET Multi-Tier Windows Azure Application Using Storage Tables, Queues, and Blobs ASP.NET Web Deployment using Visual Studio
• ASP.NET Web Deployment with SQL Server Compact using Visual Studio 2010
• Developing Modern Mobile Web Apps The Entity Framework 4.0 and ASP.NET Web Forms – Getting Started
• Getting Started with ASP.NET 4.5 Web Forms and Visual Studio 2013
• Getting Started with the Entity Framework 4.1 using ASP.NET MVC 3
• Getting Started with Entity Framework 6 Code First using MVC 5
• Intro to ASP.NET MVC 4 with Visual Studio (Beta)
• Introducing ASP.NET Web Pages 2
• Project Silk: Client-Side Web Development for Modern Browsers

Windows

• Administrator’s Guide for Microsoft Application Virtualization (App-V) 5.0
• Administrator’s Guide for Microsoft BitLocker Administration and Monitoring 1.0
• Administrator’s Guide for Microsoft Diagnostics and Recovery Toolset (DaRT) 7
• Administrator’s Guide for Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0
• Administrator’s Guide for Microsoft User Experience Virtualization (UE-V) 1.0
• Deploying Windows 7: Essential Guidance
• Developing an end-to-end Windows Store app using C++ and XAML: Hilo
• Developing an end-to-end Windows Store app using JavaScript: Hilo
• Introducing Windows 8.1 for IT Professionals
• Prism for the Windows Runtime: Developing a Windows Store business app using C#, XAML, and Prism Programming Windows 8 Apps with HTML, CSS, and JavaScript
• Programming Windows Store Apps with HTML, CSS, and JavaScript, Second Edition (Second Preview)

Windows Phone

• Developing an Advanced Windows Phone 7.5 App that Connects to the Cloud
• Programming Windows Phone 7

Windows Server

• A Guide to Claims-Based Identity and Access Control, Second Edition
• Introducing Windows Server 2008 R2
• Introducing Windows Server 2012
• Introducing Windows Server 2012 R2
• Migrate Roles and Features to Windows Server 2012 R2 or Windows Server 2012
• Understanding Microsoft Virtualization Solutions: From the Desktop to the Datacenter, Second Edition
• TCP/IP Fundamentals for Microsoft Windows
• Windows Server 2012 R2 and Windows Server 2012 TechNet Library Documentation

Career

• Own Your Future: Update Your Skills with Resources and Career Ideas from Microsoft

 

Having a DHCP Server on you network that not managed by a IT department is a security issue.

Microsoft has released a new tool for free that you can download that will show you all your DHCP servers  that are Authorized and then show you what is not approved This is a Graphic Tool that test by subnet.

Rogue detection tool is a GUI tool that checks if there are any rogue DHCP servers in the local subnet.

See what you have

Choose your network

Following are the features with this tool:

1. The tool can be run one time or can be scheduled to run at specified interval.

2. Can be run on a specified interface by selecting one of the discovered interfaces.

3. Retrieves all the authorized DHCP servers in the forest and displays them.

4. Ability to validate (not Authorize in AD) a DHCP server which is not rogue and persist this information

5. Minimize the tool, which makes it invisible. A tray icon will be present which would display the status.

You can download this tool here