Ramblings on IT and Security

Tag: How-to (Page 1 of 2)

Step-by-Step Guide to Windows Event Forwarding and NTLMv1 Monitoring

Did you know that Windows has had a built-in capability to function as a SIEM (Security Information and Event Management) system for years, provided you stay within the Windows ecosystem? This powerful feature, known as Windows Event Forwarding (WEF), allows you to centralize event logs from multiple Windows machines, giving you a comprehensive view of your network’s activities.


Advanced QEMU/KVM Networking on Ubuntu

Transitioning between operating systems can be a challenge. Many aspects of what you’re used to work differently, and you should expect a learning curve.

Well, that was a weird intro for a blog post that has Linux networking in the title! Actually, I’m saying goodbye to Windows as my primary system... yes, you read that correctly. It’s not that I don’t like the system anymore; it’s the direction Microsoft is taking with AI and the integration into the OS that made me take this decision.


Navigating PowerShell Remoting Challenges with PowerShell 7

In the world of system administration and automation, PowerShell has been a trusted companion for managing tasks efficiently across a variety of environments. With the introduction of PowerShell Core 7, the capabilities of PowerShell expanded further by becoming cross-platform, allowing administrators to manage systems regardless of their operating system. Recently, I embarked on a journey to explore the capabilities of PowerShell Core 7’s remoting features, but as often happens in the world of technology, I encountered an unexpected challenge.


Upgrade MBR to GPT to enhance system security with UEFI

In the world of computing, the way we store and manage data is constantly evolving. One such significant change is the transition from the traditional Master Boot Record (MBR) system to the more modern GUID Partition Table (GPT) system. While both serve the critical function of telling our systems where data is stored and how to boot, GPT brings a host of advantages over its predecessor, from supporting larger disk sizes to improved data corruption handling.


The Clean Source Principle – Automate the generation of up-to-date Windows ISO files.

In today’s interconnected world, cybersecurity is not just a technical consideration but a vital component of any organization’s strategy. One essential principle to uphold in maintaining a secure environment is the ‘clean source’ principle. This principle dictates that we should trust only those software and systems that we can verify come from a trusted, clean source.

To support this idea, this blog post will demonstrate how to create a secure, predictable environment for the creation of up-to-date ISO files. We will be using Microsoft Deployment Toolkit (MDT) and PowerShell, both widely trusted and accessible tools.


Managing SUDO from Active Directory

Welcome to the last of a three-part series about Ubuntu and Active Directory. In my previous posts I explained how you could, in just a few steps, join an Ubuntu machine to an Active Directory domain and manage it accordingly. This time I’m addressing centralized management of sudo users, meaning who can execute commands as sudo on managed Linux desktops (in my case Ubuntu).


© 2024 Michael Waterman
