SECTION 9 Cyber Security

SECTION 9 | section9.us

Just two people trying to do IT and Security the right way.

Episodes

We’ve Learned a Lot in 200 Episodes

This is episode 200. We’ve come a long way in 200 episodes. LINKS 1. Project Management for the Unofficial Project Manager 2. Shared Calendar - Teams, Sharepoint and Calendar 3. Planner - Teams, Sharepoint and Planner FIND US ON 1. Facebook 2. Twitter - DamienHull...

May 31, 2021 | 35 min | Ep. 200

Emergency Patching and The CIS Controls - 199

We’ve been busy. We figured out how to push an emergency patch. Then version 8 of the CIS Critical Security Controls was released. Simplified and reorganized. We’re slowly working our way through the list. Lots to do. LINKS 1. Automox - Our patch management tool 2. CIS Controls Version 8 FIND US ON 1. Facebook 2. Twitter - DamienHull...

May 24, 2021 | 21 min | Ep. 199

VMware Server: Running Out of Drive Space - 198

I did a lot of work to get our VMware server environment configured. Turns out we’re running out of drive space. LINKS 1. Our VMware Server - mitxpc.com 2. Grafana dashboard for monitoring vCenter 3. Storage requirements for vCenter FIND US ON 1. Facebook 2. Twitter - DamienHull...

May 19, 2021 | 22 min | Ep. 198

VMware Server: New Drives Installed - 197

Our VMware server is back online with new NVME drives. This project was more work than we had planned for. Still, typical for an IT project. They never go the way you expect them to. FIND US ON 1. Facebook 2. Twitter - DamienHull...

May 03, 2021 | 22 min | Ep. 197

Bloodhound: Round 1 - 196

I wanted to “Release the hounds” with Bloodhound. I managed to get it working. That’s about all I can say. It was way more work than I thought it would be. LINKS 1. Attacking Active Directory - Bloodhound - This guy knows Bloodhound 2. BadBlood - Generate random users and groups in AD 3. Kali Linux - In case you need it FIND US ON 1. Facebook 2. Twitter - DamienHull...

Apr 26, 2021 | 19 min | Ep. 196

Labs, Visio, Project Management - 195

Our VMware server is offline. We’re missing a part we need to install the drives. While we track that down, we need something to do. Planning labs, learning Visio, and project management are on the todo list. LINKS 1. Project Management for the Unofficial Project Manager FIND US ON 1. Facebook 2. Twitter - DamienHull...

Apr 19, 2021 | 26 min | Ep. 195

Active Directory Security Audit - 194

Time to do a security test of Active Directory. Going to be using Bloodhound, Plumhound, Mimikatz and PingCastle. Never used them before. First time for everything. LINKS 1. Bloodhound 2. Plumhound 3. Mimikatz 4. PingCastle 5. BadBlood FIND US ON 1. Facebook 2. Twitter - DamienHull...

Apr 12, 2021 | 22 min | Ep. 194

Our VMware Server is Awesome - 193

Running into some issues with our VMware ESXi server. The not so good news, we don’t have enough drive space. The good news, we can fix that. The really good news, we have way more CPU power than I thought. LINKS 1. Our VMware Server: Supermicro SYS-E300-9D-8CN8TP 2. Alternative VMware Server: Supermicro AS-E301-9D-8CN4 3. SUPERMICRO DUAL NVME M.2 PCI-E 3.0 4. SUPERMICRO 1U PCIE X8 RISER CARD (RSC-RR1U-E8) 5. SUPERMICRO DUAL NVME M.2 PCI-3.0 - Amazon 6. Samsung (MZ-V7S1T0B/AM) 970 EVO Plus SSD ...

Apr 05, 2021 | 31 min | Ep. 193

Our Tools - 192

We just put up a tools section on our website. It’s a list of tools we use and some we would like to use. Most are security tools. Things you wouldn’t see outside of security. LINKS 1. Tools FIND US ON 1. Facebook 2. Twitter - DamienHull...

Mar 29, 2021 | 27 min | Ep. 192

Windows Hello: Locked Out - 191

Looks like we need to learn more about Windows Hello. Dorothy got locked out of her laptop. Couldn’t reset her Windows Hello pin. LINKS 1. Microsoft Doc: PIN reset - Didn’t work for me. FIND US ON 1. Facebook 2. Twitter - DamienHull...

Mar 15, 2021 | 24 min | Ep. 191

Migrating to new iPhones - 190

We’re using our project management process to migrate to new iPhones. It might seem like a simple process. It isn’t. Not when you have to migrate authentication apps for 2FA. If we’re not careful, we could lock ourselves out of things. LINKS 1. Book: Project Management for the Unofficial Project Manager FIND US ON 1. Facebook 2. Twitter - DamienHull...

Mar 08, 2021 | 23 min | Ep. 190

Learning Project Management - 189

We’re working on a project management process. Turns out we’ve been doing it wrong. A good book and a few simple steps is all we needed. LINKS 1. Book: Project Management for the Unofficial Project Manager FIND US ON 1. Facebook 2. Twitter - DamienHull...

Feb 22, 2021 | 19 min | Ep. 189

Weekly Patch Review - 188

Our patch process is in place. Time to do a quick weekly patch review. We’ve got this process down to a couple of minutes. That’s it. That’s how long it takes us to review our patch process. FIND US ON 1. Facebook 2. Twitter - DamienHull...

Feb 15, 2021 | 27 min | Ep. 188

Windows 10 Settings and Patching - 187

Our endpoint management process is awesome. We can push settings to Windows 10 and we’ve got patching under control. A weekly email tells us how we’re doing. We can manage our systems while sipping coffee. LINKS 1. Microsoft Endpoint Manager 2. Automox FIND US ON 1. Facebook 2. Twitter - DamienHull...

Feb 01, 2021 | 29 min | Ep. 187

New Plans and More Endpoint Management - 186

It’s a new year with new goals. This year we’re focusing on IT management, Security and certifications. We’re also trying our best to finish our endpoint management project. We won’t be able to automate everything. Not yet anyway. LINKS 1. Microsoft Endpoint Manager 2. Automox FIND US ON 1. Facebook 2. Twitter - DamienHull...

Jan 25, 2021 | 21 min | Ep. 186

Microsoft Endpoint Manager and Automox - 185

No break for us this year. We’re diving straight into workstation and laptop management. We’re doing this with Microsoft Endpoint Manager and Automox. LINKS 1. Microsoft Endpoint Manager 2. Automox FIND US ON 1. Facebook 2. Twitter - DamienHull...

Jan 18, 2021 | 26 sec | Ep. 185

There’s No Disaster Recovery Plan - 184

You wake up, the server’s down and there’s no DR plan. Good times! Nothing teaches you more than a disaster you weren’t prepared for. On the bright side, there’s SOC training to prep for. FIND US ON 1. Facebook 2. Twitter - DamienHull...

Dec 14, 2020 | 22 min | Ep. 184

Looking Into Microsoft 365 Features - 183

How can Microsoft 365 business premium help us? How can it make our lives easier? Are there features we should be using? We migrated to 365. We got the basics working. Now it’s time to dig a little deeper. FIND US ON 1. Facebook 2. Twitter - DamienHull...

Dec 07, 2020 | 26 min | Ep. 183

Planning for Next Year - 182

The end of the year is right around the corner. Time to start thinking about next year. We’re also adding another tool to our toolkit. FIND US ON 1. Facebook 2. Twitter - DamienHull...

Nov 30, 2020 | 29 min | Ep. 182

ITIL Training and 365 2FA - 181

Learning some interesting things about ITIL and Microsoft 365 conditional access. ITIL will help us organize Section 9. 365 conditional access will help us lock down Azure AD. This should make it harder for the hackers to get in. LINKS 1. ITIL - Wikipedia Article for those who don’t know what this is 2. What is Conditional Access? 3. Manage emergency access accounts in Azure AD FIND US ON 1. Facebook 2. Twitter - DamienHull...

Nov 23, 2020 | 30 min | Ep. 181

DR Plans and Password Policies - 180

This week we’re working on DR plans and Password Policies. The DR plan is for our DNS servers. We can’t afford to lose them. The password policy is about reducing risk with longer passwords. We’ve also got another tool for the toolbox. LINKS 1. psftp 2. SANS Policies 3. SANS Password Policy - Link to the PDF 4. Wireshark FIND US ON 1. Facebook 2. Twitter - DamienHull...

Nov 16, 2020 | 28 min | Ep. 180

Microsoft 365 Conditional Access Policies - 179

We don’t know much about 365 conditional access policies, but they look awesome. We’re also adding tools to the toolbox and deploying new devices. No rest for the crazy. LINKS 1. What is Conditional Access? 2. What are security defaults? 3. Nmap FIND US ON 1. Facebook 2. Twitter - DamienHull...

Nov 09, 2020 | 27 min | Ep. 179

Failed logins from Russia - 178

Our Microsoft 365 has failed logins from Russia. What do we do? Time for a risk assessment. We’re going to make our 365 more secure. Microsoft 365 1. Error Codes - Look up the error codes 2. Security Defaults DeepBlueCLI 1. DeepBlueCLI - The GitHub site 2. Webcast: Attack Tactics 7 – The Logs You Are Looking For - Covers DeepBlueCLI 3. Log Analysis Part 2 – Detecting Host Attacks: Or, How I Found and Fell in Love with DeepBlueCLI - Good article Sysmon 1. Getting Started With Sysmon FIND US ON 1. ...

Nov 02, 2020 | 24 min | Ep. 178

365 Authentication Issues and Training - 177

We’re talking about weekly tasks, 365 authentication issues, and training. On the training front we have ITIL 4, SOC and Windows 10. LINKS 1. The SOC Age Or, A Young SOC Analyst's Illustrated Primer - Presentation from BHIS 2. SOC Core Skills w/ John Strand 3. ITIL 4 Foundation Course FIND US ON 1. Facebook 2. Twitter - DamienHull...

Oct 26, 2020 | 28 min | Ep. 177

Connecting Jitbit to 365 and More - 176

This week we connected Jitbit to 365, found hidden licensing and learned how to be a SOC analyst. You can now contact us by sending email to [email protected]. LINKS 1. Black Hills Information Security Youtube Channel 2. CIS Benchmarks 3. Jitbit FIND US ON 1. Facebook 2. Twitter - DamienHull...

Oct 19, 2020 | 35 min | Ep. 176

365 Emergency Accounts and Data Retention - 175

We’re learning how to manage emergency accounts and data retention in 365. The good news, Microsoft has some pretty cool tools for data retention. The bad news, retention policies are a bit confusing. LINKS 1. MJFChat: How to Handle Office 365 Backups 2. Microsoft 365 Retention Policies 3. Manage emergency access accounts in Azure AD FIND US ON 1. Facebook 2. Twitter - DamienHull...

Oct 12, 2020 | 34 min | Ep. 175

Microsoft 365 Testing and Backups - 174

We’re slowly creating our test environment for Microsoft 365. We’re also looking at ways we can back up 365. Slow and steady wins the race. We’re two people learning to be 365 admins. Breaking something could equal a lot of downtime. We can’t afford downtime. LINKS 1. MJFChat: How to Handle Office 365 Backups 2. Microsoft 365 Retention Policies FIND US ON 1. Facebook 2. Twitter - DamienHull...

Oct 05, 2020 | 27 min | Ep. 174

We’re on Microsoft 365 - 173

We did it! We migrated to 365. There were a few bumps along the way. Nothing major. We’re doing a quick review of the process and next steps. We have to learn how to be 365 admins. FIND US ON 1. Facebook 2. Twitter - DamienHull

Sep 28, 2020 | 22 min | Ep. 173

Winter Training Plans - 172

Time to prep for a long winter with Covid-19. We want a nice environment for IT projects and studying. We still need to finish our Windows 10 cert. We’ve got other Microsoft 365 certs to look at. I’m finally going to get the ITIL cert. Lots to do this winter. LINKS 1. Microsoft Learn 2. ITIL Training - This is the one I’m looking at. I’m sure there are others. FIND US ON 1. Facebook 2. Twitter - DamienHull...

Sep 14, 2020 | 31 min | Ep. 172

Microsoft 365 Migration Review - 171

Yup, another 365 migration review. Overall we’re doing pretty good. We still need to make sure we’re moving in the right direction. Are we achieving our goals? What are our goals? How are we doing? How do we feel about the project? LINKS 1. Microsoft 365: Getting started - Even at this stage this is still relevant 2. Plan your setup of Microsoft 365 for business - We’re close to running the setup wizard 3. Microsoft 365 identity models and Azure Active Directory - Windows 10 Authentication FIND ...

Sep 06, 2020 | 27 min | Ep. 171