Year: 2014

I found the neat project that is all PowerShell scripts the a Security Professional can use as part of their toolbox

Account-Monitoring-Control	Updates
Authorized-Devices	Updates
Baselines	Patch to fix Start-SecDailyFunction.ps1
Forensics	Updates to Forensics Module
Log-Management	Updates
Network-Baseline	Added Reference to Get-SecOpenPorts
PoshSec-Configuration	Updating Module Versions to 1.0
PoshSec.PowerShell.Commands 3.5	Updates
PoshSec.PowerShell.Commands	PoshSec Commands for .NET 3.5
Software-Management	Updates
Utility-Functions	Added Values by Type
README.md	Update README.md
license.txt	Update license.txt
poshsec.psd1	PSD1 File Update
poshsec.psm1	Module Cleanup

To find out more go here

 

 

Here a a few PowerShell script that I use to look al logs and user accounts.

 

To finding the latest logon time

•Get-QADComputer -ComputerRole DomainController | foreach { (Get-QADUser -Service $_.Name -SamAccountName username).LastLogon } | Measure-Latest

•The following example demonstrates how to find inactive user accounts:

•Search-ADAccount -AccountInactive | where {$_.ObjectClass -eq ‘user’} | FT Name,ObjectClass –A

•The following example demonstrates how to find user accounts that have been inactive for 90 days:

•Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | where {$_.ObjectClass -eq ‘user’} | FT Name,ObjectClass –A

Retrieving Local Security Log Information

On a local computer, the PowerShell Get-EventLog cmdlet

•get-eventlog-list

•get-eventlog -list |<br>where {$_.logdisplayname -eq `<br>”security”}

Find all users who have “Password Never Expires

Search-ADAccount -PasswordNeverExpires | FT Name,ObjectClass –A

To Determine Who Has Never Logged On

get-aduser -f {-not ( lastlogontimestamp -like “*”) -and (enabled -eq $true)}

Find the Location of a Locked-Out User (jferron)

 

$DomainControllers = Get-ADDomainController -Filter *

Foreach($DC in $DomainControllers)

{

Get-ADUser -Identity jferron -Server $DC.Hostname `

-Properties AccountLockoutTime,LastBadPasswordAttempt,BadPwdCount,LockedOut

}

Here is a list of updated books by subject area you can download.

Azure

• Autoscaling Application Block and Transient Fault Handling Application Block Reference
• Building an On-Demand Video Service with Microsoft Azure Media Services
• Building Elastic and Resilient Cloud Applications – Developer’s Guide to the Enterprise Library 5.0 Integration Pack for Windows Azure
• Building Cloud Apps With Microsoft Azure
• Building Hybrid Applications in the Cloud on Windows Azure
• Cloud Design Patterns: Prescriptive Architecture Guidance for Cloud Applications
• Create Your First Application – Node.js and Windows Azure
• Developing Multi-tenant Applications for the Cloud on Windows Azure (3rd Edition)
• Deploy SQL Server Business Intelligence in Windows Azure Virtual Machines
• Drupal on Windows Azure
• Introducing Windows Azure for IT Professionals
• Exploring CQRS and Event Sourcing: A journey into high scalability, availability, and maintainability with Windows Azure
• Microsoft Azure ExpressRoute
• Migrating Data-Centric Applications to Windows Azure
• Moving Applications to the Cloud, 2nd Edition
• Moving Applications to the Cloud on Windows Azure (3rd Edition)
• Rethinking Enterprise Storage: A Hybrid Cloud Model
• Using Windows Azure Mobile Services to Cloud-Enable your iOS Apps
• Using Windows Azure Mobile Services to Cloud-Enable Your Windows Phone 8 Apps
• Using Windows Azure Mobile Services to Cloud-Enable your Windows Store Apps in C#
• Using Windows Azure Mobile Services to Cloud-Enable Your Windows Store Apps in JavaScript
• Windows Azure and SQL Database Tutorials
• Windows Azure Prescriptive Guidance
• Windows Azure Service Bus Reference

Lync

• Microsoft Lync Server 2013 Step by Step for Anyone

Office

• Deployment Guide for Office 2013
• First Look: Microsoft Office 2010
• Microsoft Office 365: Connect and Collaborate Virtually Anywhere, Anytime
• Microsoft Office 365 for professionals and small businesses: Help and How To
• Security and Privacy for Microsoft Office 2010 Users

SharePoint

• Explore SharePoint 2013
• Deployment guide for SharePoint 2013
• Test Lab Guide: eBook for SharePoint Server 2013 Intranet and Team Sites
• Create a Balanced Scorecard
• Configure Kerberos Authentication for SharePoint 2010 Products
• SharePoint Server for Business Intelligence
• Get started with SharePoint Server 2010
• Deployment guide for SharePoint Server 2010
• Upgrading to SharePoint Server 2010
• Profile synchronization guide for SharePoint Server 2010
• Remote BLOB storage for Microsoft SharePoint Server 2010
• Governance guide for Microsoft SharePoint Server 2010
• Business continuity management for SharePoint Server 2010
• Integration of HTTP/ HTTPs WCF Services (REST & SOAP) in SharePoint 2013
• Technical Reference for Microsoft SharePoint Server 2010
• The Wiki Ninjas Guide to SharePoint 2013
• The Wiki Ninjas Guide to SharePoint 2013 – IDTP

SQL Server

• 5 Tips for a Smooth SSIS Upgrade to SQL Server 2012
• A Hitchiker’s Guide to Microsoft StreamInsight Queries
• Books Online: Backup and Restore of SQL Server Databases
• Books Online: Data Analysis Expressions (DAX) Reference
• Books Online: Data Mining Extensions (DMX) Reference
• Books Online: Data Quality Services
• Books Online: High Availability Solutions
• Books Online: Master Data Services
• Books Online: Monitor and Tune for Performance
• Books Online: Multidimensional Expressions (MDX) Reference
• Books Online: SQL Server Distributed Replay
• Books Online: Transact-SQL Data Definition Language (DDL) Reference
• Books Online: Transact-SQL Data Manipulation Language (DML) Reference
• Books Online: XQuery Language Reference
• Data Access for Highly-Scalable Solutions: Using SQL, NoSQL, and Polyglot Persistence Extracting and Loading SharePoint Data in SQL Server Integration Services
• Integration Services: Extending Packages with Scripting
• Introducing Microsoft SQL Server 2008 R2
• Introducing Microsoft SQL Server 2012
• Introducing Microsoft SQL Server 2014
• Master Data Services Capacity Guidelines
• Master Data Services (MDS) Operations Guide
• Microsoft SQL Server AlwaysOn Solutions Guide for High Availability and Disaster Recovery
• Microsoft SQL Server Analysis Services Multidimensional Performance and Operations Guide Multidimensional Model Programming
• Optimized Bulk Loading of Data into Oracle
• Planning Disaster Recovery for Microsoft SQL Server Reporting Services in SharePoint Integrated Mode
• QuickStart: Learn DAX Basics in 30 Minutes
• SQLCAT’s Guide to BI and Analytics
• SQLCAT’s Guide to High Availability Disaster Recovery
• SQLCAT’s Guide to Relational Engine
• SQL Server 2012 Tutorials: Analysis Services – Data Mining
• SQL Server 2012 Tutorials: Analysis Services – Multidimensional Modeling
• SQL Server 2012 Tutorials: Analysis Services – Tabular Modeling
• SQL Server 2012 Tutorials: Reporting Services
• SQL Server 2012 Tutorials: Writing Transact-SQL Statements
• SQL Server 2012 Upgrade Technical Guide
• SQL Server Community FAQs Manual
• Transact SQL by TechNet WiKi Community
• Troubleshooting SQL Server AlwaysOn

System Center

• Cmdlet Reference for App Controller in System Center 2012 SP1
• Introducing Microsoft System Center 2012 R2
• Microsoft System Center: Building a Virtualized Network Solution
• Microsoft System Center: Cloud Management with App Controller
• Microsoft System Center: Configuration Manager Field Experience
• Microsoft System Center: Designing Orchestrator Runbooks
• Microsoft System Center: Network Virtualization and Cloud Computing
• Microsoft System Center: Optimizing Service Manager
• Microsoft System Center: Troubleshooting Configuration Manager
• Technical Documentation for System Center 2012 – Virtual Machine Manager

Visual Studio

• Better Unit Testing with Microsoft Fakes
• Building a Release Pipeline with Team Foundation Server 2012
• Developer’s Guide to Dependency Injection Using Unity
• Developer’s Guide to Microsoft Enterprise Library, 2nd Edition
• Moving to Microsoft Visual Studio 2010
• .NET Technology Guide for Business Applications
• Testing for Continuous Delivery with Visual Studio 2012
• Upgrade Team Foundation Server 2012: the ultimate upgrade guide

Web Development

• Building Cloud Apps With Microsoft Azure
• ASP.NET Multi-Tier Windows Azure Application Using Storage Tables, Queues, and Blobs ASP.NET Web Deployment using Visual Studio
• ASP.NET Web Deployment with SQL Server Compact using Visual Studio 2010
• Developing Modern Mobile Web Apps The Entity Framework 4.0 and ASP.NET Web Forms – Getting Started
• Getting Started with ASP.NET 4.5 Web Forms and Visual Studio 2013
• Getting Started with the Entity Framework 4.1 using ASP.NET MVC 3
• Getting Started with Entity Framework 6 Code First using MVC 5
• Intro to ASP.NET MVC 4 with Visual Studio (Beta)
• Introducing ASP.NET Web Pages 2
• Project Silk: Client-Side Web Development for Modern Browsers

Windows

• Administrator’s Guide for Microsoft Application Virtualization (App-V) 5.0
• Administrator’s Guide for Microsoft BitLocker Administration and Monitoring 1.0
• Administrator’s Guide for Microsoft Diagnostics and Recovery Toolset (DaRT) 7
• Administrator’s Guide for Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0
• Administrator’s Guide for Microsoft User Experience Virtualization (UE-V) 1.0
• Deploying Windows 7: Essential Guidance
• Developing an end-to-end Windows Store app using C++ and XAML: Hilo
• Developing an end-to-end Windows Store app using JavaScript: Hilo
• Introducing Windows 8.1 for IT Professionals
• Prism for the Windows Runtime: Developing a Windows Store business app using C#, XAML, and Prism Programming Windows 8 Apps with HTML, CSS, and JavaScript
• Programming Windows Store Apps with HTML, CSS, and JavaScript, Second Edition (Second Preview)

Windows Phone

• Developing an Advanced Windows Phone 7.5 App that Connects to the Cloud
• Programming Windows Phone 7

Windows Server

• A Guide to Claims-Based Identity and Access Control, Second Edition
• Introducing Windows Server 2008 R2
• Introducing Windows Server 2012
• Introducing Windows Server 2012 R2
• Migrate Roles and Features to Windows Server 2012 R2 or Windows Server 2012
• Understanding Microsoft Virtualization Solutions: From the Desktop to the Datacenter, Second Edition
• TCP/IP Fundamentals for Microsoft Windows
• Windows Server 2012 R2 and Windows Server 2012 TechNet Library Documentation

Career

• Own Your Future: Update Your Skills with Resources and Career Ideas from Microsoft

 

Having a DHCP Server on you network that not managed by a IT department is a security issue.

Microsoft has released a new tool for free that you can download that will show you all your DHCP servers  that are Authorized and then show you what is not approved This is a Graphic Tool that test by subnet.

Rogue detection tool is a GUI tool that checks if there are any rogue DHCP servers in the local subnet.

See what you have

Choose your network

Following are the features with this tool:

1. The tool can be run one time or can be scheduled to run at specified interval.

2. Can be run on a specified interface by selecting one of the discovered interfaces.

3. Retrieves all the authorized DHCP servers in the forest and displays them.

4. Ability to validate (not Authorize in AD) a DHCP server which is not rogue and persist this information

5. Minimize the tool, which makes it invisible. A tray icon will be present which would display the status.

You can download this tool here

 

On the Microsoft Virtual Academy site which is free, there is a bunch of training on PowerShell. since I been talk about this for a while her a blog about this.

Getting Started with PowerShell 3.0 Jump Start

This Jump Start is designed to teach the busy IT professionals, admins, and help desk persons about how to use PowerShell to improve management capabilities, automate redundant tasks, and manage the environment in scale. Learn how PowerShell works and how to make PowerShell work for you from the experts Jeffrey Snover, the inventor of PowerShell, and Jason Helmick, Senior Technologist at Concentrated Technology.

Instructors | Jeffrey Snover –  Distinguished Engineer and Lead Architect; Consultant; Jason Helmick –  Senior Technologist

Associated Course(s) | 20412: Configuring Advanced Windows Server 2012 Services; 20411: Administering Windows Server 2012; 20410: Installing and Configuring Windows Server 2012 

Link is Here

 

Advanced Tools & Scripting with PowerShell 3.0 Jump Start

IT pros, take this advanced PowerShell course to find out how to turn your real time management and automation scripts into useful reusable tools and cmdlets. You’ll learn the best patterns and practices for building and maintaining tools and you’ll pick up some special tips and tricks along the way from the architect and inventor of PowerShell, Distinguished Engineer Jeffrey Snover, and IT pro, Jason Helmick.

Instructors | Jeffrey Snover –  Distinguished Engineer and Lead Architect; Consultant; Jason Helmick –  Senior Technologist

Associated Course(s) | 20412: Configuring Advanced Windows Server 2012 Services; 20411: Administering Windows Server 2012; 20410: Installing and Configuring Windows Server 2012 

Link is Here

On the Microsoft MVA there a a great basic course on security, This course you can prepare for MTA Exam 98-367. Build an understanding of security layers, operating system security, network security, and security software. The course leverages Microsoft Official Academic Course (MOAC) material for this exam.

Topics include

Authentication, Authorization, and Accounting

Understanding Security Policies

Understanding Network Security

Protecting the Server and Client

 

The link is here for taking training

Largest collection of FREE Microsoft eBooks ever, including: Windows 8.1, Windows 8, Windows 7, Office 2013, Office 365, Office 2010, SharePoint 2013, Dynamics CRM, PowerShell, Exchange Server, Lync 2013, System Center, Azure, Cloud, SQL Server, and much more

 

FREE Microsoft eBooks! Who doesn’t love FREE Microsoft eBooks? Well, for the past few years, I’ve provided posts containing almost 150 FREE Microsoft eBooks and my readers, new and existing, have loved these posts so much that they downloaded over 3.5 Million free eBooks as of last June, including over 1,000,000 in a single week last year (and many, many more since then).

 

This is a Post copied from Eric Ligman at Microsoft

 

Click Here to see Full Blog Post

While at TechEd NA 2014, you were hungry for more info on PowerShell, Hyper-V and Windows 8.1, to name just a few. Now through July 12, 2014, save 40% by applying discount code TECHED during checkout. And if that’s not enough, the Microsoft Press Store offers FREE shipping to US addresses, all the time. And if you’ve ever purchased one of these books, you’ll know just how heavy these can get – and heavy typically equals expensive shipping!

Want to take it with you wherever you go? The Microsoft Press Store has the flexibility to make that happen. This 40% discount also applies to your purchase of an eBook… and you’ll get three formats for use on your devices.

Ready to save? We thought so. Get your discount HERE and enjoy your new book!

In the last few months we see a uptick in Big Web sites being hacked – We saw  last month AOL compromised. AOL Inc urged its tens of millions of email account holders to change their passwords and security questions, saying a cyber attack compromised about 2 percent of its accounts

Yesterday EBAY announced that attack carried months had compromised customer data. and EBAY  urged 145 million users of its online commerce platform to change their passwords.

You should NOT use the same password for all you sites, you need to use different password for your web sites. However when I say this to user, they say it to hard to do.

I have been a user of some technology for years that helps user accomplish this task. There are Password Manager application that will save all your password in an encrypted system and you just need to remember the master password.

While Password Manager applications will not stop web sited from being hacked they will limit the possibility of a user name/ password that you use on 1 site being used on another site.

You can have each site with very strong password that are unique to each application.

For the purpose of this Blog i will show you a product call Roboform.

to use Roboform you do the following steps

Step 1 Install software

Step 2 Create a Master Password –  Your Master Password is the one password you’ll need to remember. This password will encrypt and secure all of your RoboForm data and do not forget it.

Step 3  Go to a web site and add you login info RoboForm automatically offers to save your Login information. It’s that simple.

Step 4 Now when you go to the site again Roboform will enter the login and password automatically.

 

Some other features for you include

• RoboForm Identities feature to securely store your name, address, email, credit cards, and all your other information. Just click on your RoboForm Identity to fill entire web forms automatically.

• Generate really Strong Passwords that you can use 1 per site and not have to remember

You can find out more about Roboform Here

FYI I have nothing to do with Roboform, I do not sell it, i just use it