Let’s start looking at the future of the IT Security landscape by reviewing the past. I made some predictions last year for InfoSec Institute. The article started off with a clever disclaimer that all subjects in the IT Security world are new and are still pioneering in their fields, so that anything can happen within a year.
Looking back, though, most of my predictions happened as expected. The ongoing politics around cyberwar and privacy, the increase in organised cybercrime, the increase in the use of encryption and biometrics: it was all there in 2014. What many did not expect last year, however, is how fast the developments would actually take place. This is not only promising for the acceptance of cyber risks and the need to control them; unfortunately it also shows how vulnerable we have actually become to relatively simple attacks.
One of our clients had a very scary experience today when a whole bunch (15GB+) of Public Folders went missing, gulp!!!
They started off recovering from deleted items using Outlook, but this was painfully slow, luckily enough that gave them enough time to find the following article:
But they weren’t confident enough to fire up Powershell and script the recover so we dived in….
Install and Configure Windows PowerShell
To configure additional options for Office 365 you’ll need to make sure PowerShell is installed and configured as per http://help.outlook.com/en-us/140/cc952756.aspx, Windows 7 has the correct versions installed so just make sure you enable scripts to run by running the following PowerShell command:
This is a preview of
Recover Public Folders in Office 365/Exchange 2013
. Read the full post (266 words, estimated 1:04 mins reading time)
This is a very useful command to remove any Security Policies that have been applied to a computer previously on a domain.
When removing a computer from a domain, there can be various settings that get left behind (password complexity requirements, User Rights Assignments etc).
To remove any left over Security Policies on a PC, open a command prompt and run the following command:
secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose
secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
This will take a few minutes to reset all the policies back to the Windows defaults.
Restart the Computer.
This is a very nice script written by D. Strout over at VPSBoard.com here. Be sure to leave him some feedback and comments about it. Let us know how you have used it or even modified it for your needs.
This is a preview of
SpamHaus SBL Checker PHP Script – Takes domain and returns number of assigned SBLs and total blocked IPs.
. Read the full post (225 words, estimated 54 secs reading time)
We had a client with OpenVPN setup on a CPanel server and they kept getting these alerts. We decided to do some digging.
The IPTables that they were running for some reason created a route issue.
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -j SNAT --to-source SERVER-IP
Here’s the failure in /var/log/chksrvd.log:
echo "Enter the container ID to activate TUN/TAP on:"
vzctl set $CTID --devnodes net/tun:rw --save
vzctl set $CTID --devices c:10:200:rw --save
vzctl set $CTID --capability net_admin:on --save
vzctl exec $CTID mkdir -p /dev/net
vzctl exec $CTID mknod /dev/net/tun c 10 200
vzctl exec $CTID chmod 600 /dev/net/tun
vzctl restart $CTID
From time to time, either for troubleshooting or information purposes, there exists a need to get certain user information out of Active Directory. Though Microsoft has a bunch of great commands that query AD, I had run into a third-party software that met my need of getting information quickly. Quest has some great free Powershell scripting tools that help users get certain information out of Active Directory.
At this time, I needed to pull a summary of certain user’s accounts for auditing purposes and decided to script something together that would at a glance display pertinent information.
This is a preview of
Using Powershell and Quest ActiveRoles Management to get User Information from Active Directory
. Read the full post (665 words, estimated 2:40 mins reading time)
To remove an application with PowerShell you need to do two actions:
- Remove the provisioned package
- Remove the “installed” package from the user account.
To remove the provisioned package you use the command Remove-AppxProvisionedPackage (Microsoft) and to remove the installed package you use the command Remove-AppxPackage (Microsoft) .
According to Microsoft, the Remove-AppxProvisionedPackage cmdlet removes app packages (.appx) from a Windows image. App packages will not be installed when new user accounts are created. Packages will not be removed from existing user accounts. To remove app packages (.appx) that are not provisioned or to remove a package for a particular user only, use Remove-AppxPackage instead. (link)
1) Click on File Tab
2) Then Click on account setting
3) Double click on the IMAP account
4) Click on More Settings… Button
5) There will be three tabs on you dialog box. Click on Advanced.
6) Under Folder : Root Folder Path : Type the words “Inbox”
Tired of all those annoying Windows Apps that cause security issues and other problems and annoyances?
This script will nicely remove them all for you automatically.
foreach ($ID in $IDs)
#check id is in the range
if ($ID -ge 1 -and $ID -le $apps.count)
#Remove each app
Remove-AppxPackage -Package $apps[$ID] -ErrorAction SilentlyContinue
if (-not(Get-AppxPackage -Name $AppName))
Write-host "$AppName has been removed successfully"
Write-Warning "Remove '$AppName ' failed! This app is part of Windows and cannot be uninstalled on a per-user basis."
$errorMsg = $Messages.WrongID
$errorMsg = $errorMsg -replace "Placeholder01",$ID
$customError = PSCustomErrorRecord `
-ExceptionString $errorMsg `
-ErrorCategory NotSpecified -ErrorID 1 -TargetObject $pscmdlet
This is a preview of
Powershell Script – Remove ALL Windows 8.1 Apps and App Store to clean up
. Read the full post (464 words, estimated 1:51 mins reading time)