Blog du Tristank

So terrific that 3 of 4 readers rated it "soporific"

How To (quickly) Tell If You’re 5 Years Out Of Date On Security Updates

There’s a fun indicator you can use to quickly evaluate whether you’ve been missing security updates for the last five years (ish) on older Operating Systems (i.e. Win2008-2008 R2), and it’s the build number. Not infallible, but then not often wrong. Back In The Day, Build Numbers Were Even More Useful Very helpfully, the Windows… Read more

Conditional Formatting Text in Excel from PowerShell

Hopefully a helpful note, as this had me confused for a while… I wanted to add text-based conditional formatting to an Excel sheet I was creating from PowerShell – so I could colour one of the columns automatically depending on the values. I used the technique any self-respecting dabbler would: I recorded a macro in… Read more

Note: Surface Pro Volume-Up Reset

I once experienced a problem with my Surface Pro 3 where the keyboard (and screen rotation) stopped working while I was working in another State. I can never find the instructions I used to fix it, so I thought I’d post them here. Note: For Surface Pro devices only. Hold Power and Volume Up for… Read more

The RDP Ghost is real.

Recently, when connecting to a reasonably-sleepy Windows system, I’ve seen the RDP Ghost. An 8 bit rendition of a scary, scary ghost. It scared me. If you’ve seen it, you’re not alone. It’s a thing. I hope – one day – to capture a screenshot of this apparition. The Rules appear to be that you… Read more

Krebs’ Immutable Truths of Data Breaches

A rationale for more stringent risk assessment. Or indeed any risk assessment for internet connected assets, regardless of size or perceived value to others. Krebs’s Immutable Truths About Data Breaches “There are some fairly simple, immutable truths that each of us should keep in mind, truths that apply equally to political parties, organizations and corporations… Read more

Website Security Suggestion: Get rid of cruft! (script included)

Right: One of my pet hates is cruft on a production website. Cruft is stuff – files – which has accumulated because nobody’s paying attention. Cruft includes sampleware. Developer experiments. Readmes. Sample configs. Backups of files which never get cleaned up. Just general accumulated stuff. It’s website navel lint. Hypertext hairballs. Cruft. Has. No. Place…. Read more

Sunsetting TMG 2010 with some (free!) Best Practices

Long and boring post ahead. So: KITTENS! There. Fluffy now. As one of the Premier Field Engineers performing ISA Server Health Checks and then Threat Management Gateway (TMG) configuration reviews (by default, from my long association with Proxy 2.0 and then ISA), I was reviewing a document I put together for a customer just before… Read more

Simple IIS Kerberos Q&A

Posting a hopefully-useful tidbit. Hi Tristan, Do you have by any chance a guide on how to set up IIS for kerberos auth? I’m helping my customer and I’m a beginner with IIS. It is a farm of 6 IIS servers, they will be using a service acct. DNS is configured to do the following… Read more

Tip: Check that your Offline Root CA is actually Offline, mmkay?

I spend a fair whack of time chatting PKI and certificates with customers, and tyre-kicking their environments as part of the Active Directory Certificate Services Assessment (or ADCSA – available via Premier Support). Many customers have a fairly standard design, often deployed by a partner (it’s the “off the shelf plus customize” option), which includes… Read more

Huh.

You find lots of draft posts when your user interface changes… Hi! I’ve been waiting for my blog to migrate for what seems like forever. Now it’s back, and Open Live Writer’s a thing, and so I guess I might be back too. Sweet. Somewhere to jot things and rant a bit. FAQ: Yep, still… Read more