О проекте

Автор: :

Windows Notepad: Insert Time and Date into Text or Log File

Notepad is one of Window’s best tools. As I frequently use it with logs, here are a couple of time and date tricks I have learned over the years.
Notepad is simple and full of little tricks. I use it for creating and using log files all the time. Here are a couple of ways to use Notepad to automatically insert the time and date. These techniques work for all versions of Microsoft Windows, including XP, Vista, and Windows 7.

Automatically insert a timestamp every time a file is opened:

A simple way to record what you are doing at certain times is with a .LOG file in Notepad. Using this method, each time you open and close Notepad, a timestamp is created to time your activities more efficiently. Simply open the document, record what you did, save the file, and then close it.

Читать далее…

Ссылки. Security

Пусть тут поживут. Постоянно приходится искать :)

- Определение LM\NTLM

https://secpfe.com/wordpress/en/2017/03/01/controlling-and-restricting-ntlm-usage-part-i/

https://secpfe.com/wordpress/en/2017/03/02/controlling-and-restricting-ntlm-usage-part-ii-audit-and-detection/

https://github.com/secpfe/NTLMHound/

 

- ATA и ATA Playbook

https://docs.microsoft.com/en-us/advanced-threat-analytics/what-is-ata

https://gallery.technet.microsoft.com/ATA-Playbook-ef0a8e38

 

- Identifying Clear Text LDAP binds to your DC’s

https://blogs.technet.microsoft.com/russellt/2016/01/13/identifying-clear-text-ldap-binds-to-your-dcs/

 

- LAPS Audit Reporting via WEF PoSH and PowerBI

https://blogs.technet.microsoft.com/kfalde/2015/11/18/laps-audit-reporting-via-wef-posh-and-powerbi/

 

-LAPS and permission to join computer to domain

https://blogs.msdn.microsoft.com/laps/2015/07/17/laps-and-permission-to-join-computer-to-domain/

 

- Pass-the-Hash

https://technet.microsoft.com/en-us/security/dn785092

(Mitigating Pass-the-Hash and Other Credential Theft v1, Mitigating Pass-the-Hash and Other Credential Theft v2, How Pass-the-Hash works PDF)

 

- Administrative Tools and Logon Types

https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material#ATLT_BM

 

- Privileged Access Workstations (PAW)

https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/privileged-access-workstations

 

- Privileged Access Workstation (PAW) Content

https://gallery.technet.microsoft.com/Privileged-Access-3d072563

 

Update 31.07.2017

Microsoft Advanced Threat Analytics Proof of Concept Playbook

https://gallery.technet.microsoft.com/Advanced-Threat-Analytics-591ca681

 

Update 21.08.2017

Troubleshooting ATA known issues

https://docs.microsoft.com/en-us/advanced-threat-analytics/suspicious-activity-guide

Update 26.08.2017

Understanding ATA Suspicious Activity Alerts

 https://blogs.technet.microsoft.com/enterprisemobility/2016/11/04/understanding-ata-suspicious-activity-alerts/

 

 

MIM фильтрация заблокированных пользователей

Сегодня возникла задача отфильтровать заблокированных пользователей при импорте в MIM Sync Service. Т.к. задача как возникла, так и рассосалась, а вот табличку со значениями userAccountControl я решил сохранить. Мало ли, вдруг задача опять неожиданно возникнет снова :)

Value

Description

512

 Enabled Account

514

 Disabled Account

544

 Enabled, Password Not Required

546

 Disabled, Password Not Required

66048

 Enabled, Password Doesn’t Expire

66050

 Disabled, Password Doesn’t Expire

66080

 Enabled, Password Doesn’t Expire & Not Required

66082

 Disabled, Password Doesn’t Expire & Not Required

262656

 Enabled, Smartcard Required

262658

 Disabled, Smartcard Required

262688

 Enabled, Smartcard Required, Password Not Required

262690

 Disabled, Smartcard Required, Password Not Required

328192

 Enabled, Smartcard Required, Password Doesn’t Expire

328194

 Disabled, Smartcard Required, Password Doesn’t Expire

328224

 Enabled, Smartcard Required, Password Doesn’t Expire & Not Required

328226

 Disabled, Smartcard Required, Password Doesn’t Expire & Not Required