Month: February 2015
Internet Usage Policy Against Inappropriate Content
A recent posting in Spiceworks caught my attention. It seems that this admin was asked to generate an Internet usage report on a fellow employee. The next thing he knows, the employee was let go. Of course he felt somewhat guilty about it. Another poster was talking about a fellow user who has been surfing porn … Continued
Add Sensitive User Accounts to the Active Directory Protected Users Group
Microsoft introduced the Protected Users group in Windows Server 2012 R2 and Windows 8.1, and it’s designed to harden accounts that are group members, in particular to protect against pass-the-hash attacks by disabling the use of NT LAN Manager (NTLM), a legacy authentication protocol that’s still present in Windows for backwards compatibility. The extra protections … Continued
Ten Simple Ways to Prevent Security Breaches in VMware Server
VMware is one of the leading virtualization product developers. Virtualization helps make the best use of hardware resources. Implementing and managing VMware infrastructure is simple and provides great performance with high availability and business continuity through simplified disaster recovery solutions. Most critical applications such as Exchange, SQL or SharePoint exist in a VMware environment, so … Continued
Another Vector for Malware Spread
Those who study epidemics, talk about the spread of disease through what they call “vectors”. Some are spread through food, water, human contact, and so on. In the computer world, viruses and malware spread through vectors. Most are rather familiar, like viruses from downloading things you shouldn’t, e-mail, and so forth. Most IT types would … Continued
Secure PowerShell Remoting Using Constrained Endpoints
PowerShell Remoting is enabled in Windows Server 2012 (and later) out-of-the-box, and while many IT shops see this as a potential security risk, PowerShell is in fact one of the most secure ways to administer servers if best practices are followed. In this article, I’m going to show you how to configure Windows Server 2012 … Continued
Stopping Skeleton Key Malware from Causing Data Breaches
Proving the old adage that “criminals never sleep,” a new piece of malware is making headlines. The aptly named Skeleton Key malware, detected in mid-January, bypasses the password authentication protection of Active Directory. Just as skeleton keys from the last century unlocked any door in a building, Skeleton Key malware can unlock access to any … Continued