Category Archives: Security

Find out what’s really happening in your network with LogRhythm NetMon Freemium

I recently discovered that LogRhythm, as well as very a full-featured Security Intelligence Platform and SIEM, also provide a “freemium” Network Monitor. The “freemium” refers to that fact that the software is 100% free, full-featured and not time-limited, but is capacity-limited. … Continue reading

Rate this:

Posted in Networking, Security | Tagged , , , , , , , , , , , , , , , | Leave a comment

PowerShell Transcription to a file share breaks everything, and how to fix it

There’s been a bit of noise about PowerShell-based malware recently, and given the “assume breach” security mindset, I thought it was about time I enabled some of the PowerShell logging features in Windows. The basis behind “assume breach” is that … Continue reading

Rate this:

Posted in PowerShell, Security | Tagged , , , , , , , , , , , | Leave a comment

Collect user and group SIDs and names from Active Directory

Ever found yourself looking through the Access Control List of a file/folder/share and mixed in along with the group names (hopefully not user names!) you see some SIDs? These look something like S-1-5-21-0123456789-0123456789-0123456789-0123. These are the Security IDs of deleted … Continue reading

Rate this:

Posted in PowerShell, Security, Windows | Tagged , , , , , , | Leave a comment

Change BitLocker Recovery Password with PowerShell

When BitLocker detects certain changes to the computer it’ll trigger Recovery Mode, and prompt for the Recovery Password. Likewise, you also need the recovery password if you need to access the encrypted disk from another machine or via Windows Recovery … Continue reading

Rate this:

Posted in PowerShell, Security, Windows | Tagged , , , , , , , , , | Leave a comment

Don’t display last username if C drive encrypted with BitLocker

I’m moving from encrypting laptops with a third party disk encryption product to BitLocker. The third party product uses a pre-boot username & password prompt, and only boots into Windows if the credentials are correct. Users then have to log … Continue reading

Rate this:

Posted in Security, Storage, Windows | Tagged , , , , | Leave a comment

Extract private key from Microsoft CA-issued certificate

I wanted to use my internal Active Directory Certificate Services server to create a certificate for a Synology NAS. The Synology needs the private key and the certificate to be in separate files. I created the certificate by using the … Continue reading

Rate this:

Posted in Security, Storage | Tagged , , , , , , , , , , , , | Leave a comment

Create a PFX file from separate private and public key certificate files

Whilst installing ADFS I needed to import my wildcard certificate. This proved fiddly as Microsoft need it to be in pfx format, and I only had separate private .key and public .crt files. PFX is a Microsoft certificate format that combines the … Continue reading

Rate this:

Posted in Security, Windows | Tagged , , , , , , , , , , , , , | 2 Comments

Send email via Yahoo with PowerShell

Quick reference for sending email via a Yahoo! mail account and their SMTP servers from within a PowerShell script. You’ll need the Yahoo SMTP server details, which require you to use a specific port (587 – I couldn’t get 465 … Continue reading

Rate this:

Posted in PowerShell, Security | Tagged , , , , , , , , , , , , | 1 Comment

AppLocker Executable policy breaks Windows 10 Jump Lists

Jump lists, very handy. You’ve pinned a piece of software to the taskbar, and then you can right-click the icon and get a list of pinned and/or recently used files or connections. I recently enabled AppLocker executable policy and applied … Continue reading

Rate this:

Posted in Security, Windows | Tagged , , , , , , , , , , , , , , , | Leave a comment

Using the Windows Volume Shadow Copy Service (VSS)

Having just written an article about how to get items back from a volume shadow copy, I thought I should make some notes about how VSS works, how to configure it, and actually get VSS to create you some shadow copies! This … Continue reading

Rate this:

Posted in Security, Storage, Windows | Tagged , , , , , , , , , , , , , , , , , | Leave a comment