How to remotely manage IIS on Windows Server Core

Recently whilst trying to configure a WSUS Server Core instance in my lab I needed to change the IIS configuration. On any normal Windows Server that would be an easy task of course, but with Server Core there’s no GUI.

In this quick ‘How To’ post I’ll be covering the steps necessary to remotely manage IIS on Windows Server Core from both a Windows 10 client and via another ‘full fat’ Windows Server computer.


How to Enable PowerShell Transcript Logging

Since its release in 2008, PowerShell has quickly become one of the most powerful system administration tools for Windows. The modern cmdlets offer more functionality than their cmd predecessor; however, this has sometimes been exploited by nefarious actors to perform attacks and bypass traditional security measures.

In this post I’ll be covering the steps necessary to set up PowerShell transcript logging to a networked file share.


How to store BitLocker keys in Active Directory

BitLocker is a fantastic way to protect the data stored on computers and thwart some offline tampering attacks. However, if you’re using BitLocker within a business environment, keeping track of the recovery keys can be quite burdensome. Thankfully, Microsoft has developed a way to automatically save BitLocker recovery keys to Active Directory.

In this post I’m going to go through the process, step by step, of enabling BitLocker recovery key saving to Active Directory. Plus, we’ll take a look at how computers that are already encrypted can retrospectively have their recovery keys backed up to Active Directory.


Setting up the Modern Honeypot Network

The main part of my honeypot network is an amazing piece of free open-source software called the ‘Modern Honeypot Network’, or MHN for short. MHN acts as a centralised server allowing for the automated deployment of various honeypots (Dionaea, WordPot, etc) and the collection of data generated by those honeypots. This data is then presented to the user via a web interface.

In this post I’m going to be detailing the steps I took to set up my very own MHN server and deploy my first honeypot.


Installing Docker and Portainer on PhotonOS

It recently occurred to me that simple tasks such as setting up an internal web server or database were taking too long. Each time I needed to set up a website I was manually provisioning a VM, installing Debian, configuring the system by hand, installing Nginx, etc. There has to be a better way.

Enter Docker. I’ve known about containers for a while now but have yet to take a look. In this post I’m going to be installing Docker within my HomeLab on top of VMware’s new Photon OS, and showing how to manage the system with Portainer.


How to setup vSphere encryption

With the release of vSphere 6.5 VMware have drastically improved the state of vSphere security by implementing new features such as VM-level disk encryption, encrypted vMotion and support for the new secure boot model. Unfortunately, unlike Microsoft’s Hyper-V, VMware took the path of relying upon an entirely separate key management system for the storing of encryption keys.

In this guide I’m going to be showing you how to set up vSphere’s encryption features from scratch, covering suitable key management solutions and my personal recommendations.


Updating Cisco Nexus switch firmware

My HomeLab network was recently treated to a networking upgrade in the form of a Cisco Nexus 5010 switch. Whilst it’s been working absolutely fine, it occurred to me the version of NX-OS (Cisco’s operating system for Nexus devices) installed was from 2009 and could probably do with an update.

Nexus devices run NX-OS, not Cisco IOS, as is typically seen on other Cisco products such as the Catalyst switch range. As such, the upgrade process is a little different for this operating system.

In this post I’ll be showing how I sourced the firmware for my device and the steps required to update it to the latest NX-OS version as of September 2018.


Hacking Wi-Fi with Kali Linux

My home Wi-Fi password has always been rather simple and memorable. It makes it easy to give out to guests, input on devices without keyboards, and remember when needed. I always knew it was a little insecure, but how insecure?

In this post I’ll be showing you how you can put your home WPA2 Wi-Fi network password to the test with free open-source tools and less than £30 worth of hardware.


Intel Optane 900P SSD – My HomeLab Review

The recently launched Optane 900P solid state drive is Intel’s first consumer storage product to depart from the use of conventional NAND flash and instead utilise Intel’s much newer 3D XPoint technology.

3D XPoint promises higher random I/O performance (up to 550K read IOPS), lower latencies and far better endurance.

In this post I’ll be installing an Intel Optane 900P SSD in my HomeLab and taking a look at its real world performance within a VMware ESXi environment. Most importantly, we’ll see how the added performance translates into real-world improvements with Windows virtual machines.


Barkly Runtime Malware Defence

Shortly after publishing my previous blog post, I accidentally stumbled upon Barkly. They represent a new breed of security technologies which have departed from traditional signature-based detection methods and instead utilise machine learning and behaviour analysis for malware prevention.

At the time, I hadn’t heard of Barkly before. After a quick search online I found no independent reviews or any real exposure within IT communities such as Reddit’s /r/Sysadmin, /r/NetSec or Spiceworks. This needed to change, so I reached out to Barkly for a review copy and they were kind enough to hook me up with a trial.

In this post I’ll be putting Barkly through its paces and seeing how well it performs against a variety of threats, including ransomware, trojans, and exploits.
