Easy Parsing of ADFS Security Audit Events

I recently saw an internet meme going around that showed a sticker shaped like a cloud and in the cloud were the words “The Cloud is just someone else’s computer.”.  This is accurate on so many levels. Any company’s cloud solution is simply a series of data centers, geographically managed on the internet so that…

1

Checking for SHA1 Signatures using PowerShell

  Certificates are complex. They can be tough to view and difficult to understand. This is even more true when the topic is related to determining certificate signature details. In the past, there were really no reasons to look so closely at an issued certificates signature details. That has all changed now in conjunction with…

0

Authorization and Getting User Group Memberships

It’s a pretty common occurrence where I have to help determine why a particular user or users are getting an access denied to a resource I know little about. One side of that equation is seeing the object permissions. The other side of the equation for determining access  for a user to a resource is…

0

Making Secure Administration Work: StartScriptAsProcess.ps1

A recommended security practice nowadays is to use a less privileged account when logging into domain joined computers. The idea behind this is that if the session becomes compromised (such as from social attack like “you may already be a winner! emails) the compromise does not have the user’s more privileged credentials to do bad…

0

A Day at the SPA

Note: “A Day at the SPA” is the first in series for updates and republish of “Tspring’s Greatest Hits” blogs from http://blogs.technet.com/ad . Updates for applicability in newer products added. Ah, there’s nothing like the stop-everything, our-company-has-come-to-a-complete-halt emergency call we sometimes get where the domain controllers have slowed to a figurative crawl. Resulting in nearly…

0

Discovering AD Trust Topology

Though many of today’s information technology topics revolve around “the cloud” it’s still very common to be looking at Active Directory trusts.  Active Directory (AD) trusts are the method by which one AD domain can allow access to resources joined to it from identities in other AD domains.  The value in setting up an AD…

1

Poor Man’s Guide to Troubleshooting TLS Failures

Network security has never been more of a hot topic than it is now. There are many different driving forces making network security an ever increasing topic for discussion and review. Network security using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) are particularly focused on since they are layer of network security which…

1

Golden Ticket! You lose! Good day, sir! (Updated)

In unique situations it is possible for a malicious person-who has already compromised a computer using social methods-to craft a Kerberos ticket granting ticket. This ticket granting ticket can then be used to request service tickets in the domain environment and those service tickets could then be passed to services for authorization. Though very rare,…

0

Trimming Down the Certificate Trust List

Public Key Infrastructure (PKI) relies on the certificates which are being utilized to be issued from “trusted” authorities. Put very basically (basically enough to make PKI experts worldwide collectively wince) the certificate being used can be checked against the list to make sure there is a matching trusted issuer certificate in the trusted root list…

0

Changes Brought By Modern Media

When I was a kid growing up I recall the Sunday paper. Every Sunday-and for our family only on Sunday- we would stop by a grocery store or gas station to by the Sunday edition of our local news paper.  It was a tradition, or perhaps simply a routine, where my parents would learn about…

0