Categories
News

Intrusion Prevention with Fail2Ban

Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks. Written in the Python programming language, it is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally, for example, iptables or TCP Wrapper. Wikipedia To assist in further locking down the exposed SSH […]

Categories
How-To Software Technical

Check Point Firewall: Disconnect VPN or Mobile Access Clients

If you have a need to disconnect a user from the firewall forcibly. There are a few ways I am aware of that will force users off the VPN. Installing Security Policy (link)-  clears the cached authentication of the remote user, although this doesn’t seem to disconnect them it prompts them to re-enter credentials. Expire […]

Categories
How-To News

Gain access to former user’s OneDrive data

In most organizations, you will have the employees leave at some point.  In most cases, you will you probably want to access and protect their data. Data such as documents and emails and then transfer ownership to a manager or new employee.  Performing a dump of the users home directories and contents of a hard […]

Categories
How-To Technical

Windows Server 2016, AppLocker Rules

AppLocker rules can be set up by using group policy in a Windows domain and have been very useful in limiting the execution of arbitrary executable files. AppLocker takes the approach of denying all executables from running unless they have specifically been whitelisted and allowed. AppLocker is available in Windows Desktop and Servers.  Desktop Windows […]

Categories
News Technical

Phishing Attacks using Office 365 and SharePoint

The bad guys are at it once again and now have a new slick way of stealing your login credentials, by sending you an invite via email to open a SharePoint document. The link(s) takes you to an actual SharePoint page where you will see a OneDrive prompt. This prompt will have an “Access Document” […]