Ramblings on IT and Security

Category: Windows (Page 1 of 3)

PKI – Part 6: Demystifying the CAPolicy.inf file

Ever heard of the CAPolicy.inf file? Think of it as the instruction manual a Certificate Authority (CA) server reads when the CA role is installed and again whenever the CA certificate is renewed. It pre-configures the CA and decides properties of the CA's own certificate (certificate policies, basic constraints, and the key length and lifetime used when the CA certificate is renewed) that you cannot change afterwards without issuing a new CA certificate. In other words, it is a behind-the-scenes helper that sets the ground rules under which the CA will issue certificates. In this blog post, I'll break down what this file does and why it matters in plain and simple terms.

Continue reading
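As an added example (not code from the post), the following PowerShell writes a CAPolicy.inf for an offline root CA in a two-tier hierarchy and then checks the security-relevant settings before the ADCS role is installed. The values are assumptions for illustration: a 4096-bit RSA key, a single tier of issuing CAs below the root (PathLength=1), no default templates published, and a 26-week base CRL because an offline root is only powered on to sign CRLs and subordinate CA certificates.

```powershell
# Added example, not code from the post. Assumed values: 4096-bit key, PathLength=1,
# LoadDefaultTemplates=0, 26-week CRL. Adjust to your own CA design.
$caPolicy = @'
[Version]
Signature="$Windows NT$"

[PolicyStatementExtension]
Policies=AllIssuancePolicy
Critical=False

[AllIssuancePolicy]
OID=2.5.29.32.0

[BasicConstraintsExtension]
PathLength=1
Critical=Yes

[Certsrv_Server]
RenewalKeyLength=4096
RenewalValidityPeriod=Years
RenewalValidityPeriodUnits=20
CRLPeriod=Weeks
CRLPeriodUnits=26
CRLDeltaPeriod=Days
CRLDeltaPeriodUnits=0
LoadDefaultTemplates=0
AlternateSignatureAlgorithm=0
'@

# ADCS only reads the file from %windir%; the file name and location are fixed.
$path = Join-Path $env:windir 'CAPolicy.inf'
Set-Content -Path $path -Value $caPolicy -Encoding Ascii

function Test-CAPolicyInf {
    # Parses "[Section]" / "Key=Value" lines and returns a list of findings.
    param([Parameter(Mandatory)][string]$Path)
    $settings = @{}
    $section  = ''
    foreach ($line in Get-Content -Path $Path) {
        $line = $line.Trim()
        if ($line -eq '' -or $line.StartsWith(';')) { continue }
        if ($line -match '^\[(.+)\]$') { $section = $Matches[1]; continue }
        if ($line -match '^([^=]+)=(.*)$') {
            $settings["$section.$($Matches[1].Trim())"] = $Matches[2].Trim()
        }
    }
    $findings = [System.Collections.Generic.List[string]]::new()
    if ($settings['Certsrv_Server.LoadDefaultTemplates'] -ne '0') {
        $findings.Add('LoadDefaultTemplates is not 0: the CA will publish the default templates on install.')
    }
    $keyLen = 0
    [void][int]::TryParse($settings['Certsrv_Server.RenewalKeyLength'], [ref]$keyLen)
    if ($keyLen -lt 3072) {
        $findings.Add("RenewalKeyLength is $keyLen: use at least 3072 bits (4096 for a root CA).")
    }
    if ($settings['Certsrv_Server.AlternateSignatureAlgorithm'] -eq '1') {
        $findings.Add('AlternateSignatureAlgorithm=1 (RSASSA-PSS) is not understood by many non-Windows clients; keep it 0 unless they have been tested.')
    }
    if (-not $settings.ContainsKey('BasicConstraintsExtension.PathLength')) {
        $findings.Add('No PathLength in BasicConstraintsExtension: any CA chained to this root may itself issue CA certificates.')
    }
    return $findings
}

Test-CAPolicyInf -Path $path   # an empty result means no findings
```

Run the check before Install-AdcsCertificationAuthority; once the CA certificate exists, the basic constraints and policy extension are baked into it and only a renewal can change them.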

Part 5 – PKI Best Practices: Creating Unique Object Identifiers (OIDs)

Introduction: Why OIDs matter in PKI

When building or managing a Public Key Infrastructure (PKI), precision and uniqueness are not optional; they are essential. Don't be one of many, be your unique self! One key element that reflects this is the Object Identifier (OID). OIDs are globally unique, hierarchically assigned values used to identify everything from certificate policies and application purposes to custom certificate extensions and cryptographic algorithms.

Continue reading

Enable RDP hardware acceleration on a Linux VM in Microsoft Hyper-V

How to pass through a GPU and optimize remote performance in Ubuntu

Running a GPU-accelerated remote desktop on a Linux virtual machine (VM) in Microsoft Hyper-V can significantly improve performance for graphical applications, GPU-intensive workloads and even remote testing. However, Hyper-V does not offer the general PCI(e) passthrough found in VMware or Proxmox. Instead, it provides Discrete Device Assignment (DDA), which hands a whole PCIe device, such as a GPU, exclusively to a single VM.

Continue reading
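The DDA steps described above, as an added example that is not code from the post. It is meant to be run elevated on the Hyper-V host (DDA is a Windows Server Hyper-V feature). The VM name 'ubuntu-gpu' is a placeholder, and the script assumes a Generation 2 VM and exactly one non-Microsoft display adapter on the host; the MMIO sizes are the ones Microsoft's DDA guidance uses for a typical GPU and may need adjusting for your card.

```powershell
# Added example, not from the post. Assumed VM name and a single discrete GPU.
$vmName = 'ubuntu-gpu'

# 1. Locate the GPU and its PCIe location path; DDA addresses devices by location path.
$gpu = Get-PnpDevice -PresentOnly -Class Display |
    Where-Object { $_.FriendlyName -notmatch 'Microsoft' } |
    Select-Object -First 1
if (-not $gpu) { throw 'No discrete display adapter found on the host.' }
$locationPath = (Get-PnpDeviceProperty -InstanceId $gpu.InstanceId `
    -KeyName 'DEVPKEY_Device_LocationPaths').Data[0]
Write-Host "Assigning $($gpu.FriendlyName) at $locationPath to $vmName"

# 2. Release the device from the host driver, then dismount it from the host so the
#    hypervisor owns it. The host loses the GPU until Mount-VMHostAssignableDevice is run.
Disable-PnpDevice -InstanceId $gpu.InstanceId -Confirm:$false
Dismount-VMHostAssignableDevice -LocationPath $locationPath -Force

# 3. DDA requires the VM to power off rather than save state, and the GPU's BARs need
#    MMIO space above what a VM gets by default.
Stop-VM -Name $vmName -ErrorAction SilentlyContinue
Set-VM -Name $vmName -AutomaticStopAction TurnOff
Set-VM -Name $vmName -GuestControlledCacheTypes $true `
    -LowMemoryMappedIoSpace 3Gb -HighMemoryMappedIoSpace 33Gb

# 4. Attach the device and boot the guest; the guest then needs the vendor driver.
Add-VMAssignableDevice -LocationPath $locationPath -VMName $vmName
Start-VM -Name $vmName
Get-VMAssignableDevice -VMName $vmName

# Rollback, if needed:
#   Remove-VMAssignableDevice -LocationPath $locationPath -VMName $vmName
#   Mount-VMHostAssignableDevice -LocationPath $locationPath
#   Enable-PnpDevice -InstanceId $gpu.InstanceId -Confirm:$false
```

Because the device is handed to the guest whole, a compromised guest has direct bus access to it; treat a DDA VM as part of the host's trust boundary rather than as an ordinary isolated workload.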

Step-by-Step Guide to Windows Event Forwarding and NTLMv1 Monitoring

Did you know that Windows has had a built-in capability for years that covers the log-collection part of a SIEM (Security Information and Event Management) system, provided you stay within the Windows ecosystem? This feature, Windows Event Forwarding (WEF), centralizes event logs from multiple Windows machines on a collector, giving you a comprehensive view of what is happening in your network.

Continue reading
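As an added example (not code from the post), here is the detection side of the NTLMv1 monitoring the post title refers to: a PowerShell function that picks NTLMv1 network logons out of security event 4624 records (where LmPackageName is "NTLM V1"). The two events below are constructed samples so the function can be run offline; on the collector you would feed it the XML of forwarded events instead. The subscription filter in the comments is an assumption of how you would pre-filter on the collector.

```powershell
# Added example, not from the post. Sample events are constructed, not captured.
function Get-NtlmV1Logon {
    param([Parameter(Mandatory)][string[]]$EventXml)
    foreach ($raw in $EventXml) {
        $e = [xml]$raw
        if ($e.Event.System.EventID -ne '4624') { continue }
        # Flatten <Data Name="...">value</Data> into a hashtable.
        $d = @{}
        foreach ($node in $e.Event.EventData.Data) { $d[$node.Name] = $node.'#text' }
        if ($d['AuthenticationPackageName'] -eq 'NTLM' -and $d['LmPackageName'] -eq 'NTLM V1') {
            [pscustomobject]@{
                Time        = $e.Event.System.TimeCreated.SystemTime
                Server      = $e.Event.System.Computer
                Account     = "$($d['TargetDomainName'])\$($d['TargetUserName'])"
                Source      = $d['IpAddress']
                Workstation = $d['WorkstationName']
                LogonType   = $d['LogonType']
            }
        }
    }
}

# Two constructed 4624 events: an NTLMv1 logon from an old NAS and a normal NTLMv2 logon.
$samples = @(
@'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4624</EventID><TimeCreated SystemTime="2025-01-15T09:12:33.000Z"/><Computer>FS01.corp.example</Computer></System>
  <EventData>
    <Data Name="TargetUserName">jdoe</Data><Data Name="TargetDomainName">CORP</Data>
    <Data Name="LogonType">3</Data><Data Name="AuthenticationPackageName">NTLM</Data>
    <Data Name="LmPackageName">NTLM V1</Data><Data Name="IpAddress">10.0.5.23</Data>
    <Data Name="WorkstationName">LEGACY-NAS</Data>
  </EventData>
</Event>
'@,
@'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4624</EventID><TimeCreated SystemTime="2025-01-15T09:13:01.000Z"/><Computer>FS01.corp.example</Computer></System>
  <EventData>
    <Data Name="TargetUserName">asmith</Data><Data Name="TargetDomainName">CORP</Data>
    <Data Name="LogonType">3</Data><Data Name="AuthenticationPackageName">NTLM</Data>
    <Data Name="LmPackageName">NTLM V2</Data><Data Name="IpAddress">10.0.7.41</Data>
    <Data Name="WorkstationName">WS-0142</Data>
  </EventData>
</Event>
'@
)

Get-NtlmV1Logon -EventXml $samples | Format-Table -AutoSize   # only the LEGACY-NAS logon is listed

# On the WEF collector, read forwarded events instead of the samples:
#   Get-WinEvent -FilterHashtable @{LogName='ForwardedEvents'; Id=4624} |
#       ForEach-Object { $_.ToXml() } | Get-NtlmV1Logon
# Assumed subscription query to forward only NTLMv1 logons from the sources:
#   <Query Id="0" Path="Security">
#     <Select Path="Security">*[System[(EventID=4624)]] and *[EventData[Data[@Name='LmPackageName']='NTLM V1']]</Select>
#   </Query>
```

The Workstation and Source fields are what you need to track down the device that still negotiates NTLMv1; fix those before raising LmCompatibilityLevel, or the devices will simply stop authenticating.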

Mastering AppLocker: Security Group Exceptions

I promise to keep this blog post short; well, shorter than usual (hopefully). Last week, I worked on a project involving application allowlisting. In the Windows ecosystem, this can be achieved using Windows AppLocker. While AppLocker has been around for quite some time, it's only recently become available on Windows 11 Professional. Previously, it was an exclusive feature of the Enterprise editions.

Continue reading

Exploring Persistent Access in Active Directory: The AdminSDHolder Backdoor

Hey there, tech enthusiasts and Active Directory adventurers! Today, let's talk about something really cool yet often overlooked in the world of Microsoft Active Directory: the AdminSDHolder object. Now, you might be thinking, "What's so special about AdminSDHolder?" Well, let me tell you: its security descriptor is the template that Active Directory periodically stamps onto every protected account and group, so whoever controls it controls the permissions on your organization's most privileged principals.

Continue reading
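As an added example (not code from the post), the following PowerShell audits AdminSDHolder for the kind of persistence the post describes: ACEs that grant takeover-capable rights to principals outside a baseline, plus accounts still carrying adminCount=1 without being in a protected group. It assumes the ActiveDirectory module is available and the caller can read the System container. The baseline principal list and the protected-group pattern are heuristics for review, not Microsoft's documented default ACL; default entries outside the baseline (for example SELF and Everyone, which hold password-change rights) will show up once and can then be added to the baseline.

```powershell
# Added example, not from the post. Baseline and group patterns are assumptions.
Import-Module ActiveDirectory

function Get-AdminSDHolderRiskyAce {
    param(
        [string[]]$BaselinePrincipals = @(
            'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators',
            '*\Domain Admins', '*\Enterprise Admins'
        )
    )
    $domain = Get-ADDomain
    $dn     = "CN=AdminSDHolder,$($domain.SystemsContainer)"
    $acl    = Get-Acl -Path "AD:\$dn"
    # Rights that let a principal take over a protected object or rewrite its ACL.
    $risky  = [System.DirectoryServices.ActiveDirectoryRights]'GenericAll, GenericWrite, WriteDacl, WriteOwner, WriteProperty, ExtendedRight, Self'
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ([int]($ace.ActiveDirectoryRights -band $risky) -eq 0) { continue }
        $inBaseline = $false
        foreach ($pattern in $BaselinePrincipals) {
            if ($ace.IdentityReference.Value -like $pattern) { $inBaseline = $true; break }
        }
        if ($inBaseline) { continue }
        [pscustomobject]@{
            Principal  = $ace.IdentityReference.Value
            Rights     = $ace.ActiveDirectoryRights
            ObjectType = $ace.ObjectType      # attribute or extended-right GUID; all-zero GUID = everything
            Inherited  = $ace.IsInherited
        }
    }
}

# SDProp sets adminCount=1 on protected objects but never clears it; an account with
# adminCount=1 that is no longer in a protected group keeps the stamped ACL and stays
# exempt from inheritance. Direct membership only; nesting is not resolved here.
function Get-OrphanedAdminCount {
    $protected = 'CN=(Domain Admins|Enterprise Admins|Schema Admins|Administrators|Account Operators|Server Operators|Print Operators|Backup Operators|Replicator),'
    Get-ADUser -LDAPFilter '(adminCount=1)' -Properties memberOf |
        Where-Object { -not ($_.memberOf -match $protected) } |
        Select-Object SamAccountName, DistinguishedName
}

Get-AdminSDHolderRiskyAce | Format-Table -AutoSize
Get-OrphanedAdminCount
```

Anything reported by the first function that you did not put there deserves the same response as a compromised Domain Admin account: the ACE is re-applied to every protected object on the next SDProp run, so removing it from one user object alone does nothing.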
« Older posts

© 2025 Michael Waterman
