7MS #351: Turn Windows Logging up to 11
7 Minute Security6 Maalis 2019

7MS #351: Turn Windows Logging up to 11

Today's episode is brought to you by NoteCast. Try it free for 60 days (no credit card required) and enter code 7MS when completing your signup.

In today's episode, I talk about how the level of Windows server/client logging out of the box is...not really awesome. I then look at how we can create a GPO that turns logging "up to 11" using some free tools and cheat sheets.

If you want to simulate this in your own lab by building out an Active Directory environment, check out part 1 of a Webinar series we've been working on called DIY $500 Pentest Lab, which helps you select hardware/software components you need to build a lab. Then coming up soon is part 2 where we'll build out a Windows 2012 server, promote it to a DC, join a couple clients to it, and prepare to start hacking!

Once your AD and clients are setup, you can start slurping up their logs for free using a Papertrailapp account (not a sponsor). I went ahead and paid for a $7/mo plan so I could get 1GB of storage and a little longer log retention.

Then, I used LOG-MD to audit a Windows workstation and get some great recommendations on what registry settings and security policy tweaks to make. Finally, I started turning this into a GPO so I could begin pushing out these settings en masse. My living/breathing document to capture all this information is in a new gist that I plopped here.

Jaksot(683)

7MS #67: Wifi Sniffing is Fun-Part 2 (audio)

7MS #67: Wifi Sniffing is Fun-Part 2 (audio)

This is a follow-up to episode #64, in which I did some fun wireless sniffing and tried to find sensitive data within it! In the episode I talk about the network “map” of my sniffing setup. It looks like this: Ethernet from client->upstream port of hub My laptop with Wireshark->Hub Wifi access point->Hub To find…

9 Kesä 20157min

7MS #66: I’m Excited to Go Phishing – Part 2 (audio)

7MS #66: I’m Excited to Go Phishing – Part 2 (audio)

This is a follow-up to episode #63, discussing the results of a fun phishing campaign I recently completed. 7MS #66: I’m Excited to Go Phishing – Part 2 (audio)

4 Kesä 20158min

7MS #65: OFFTOPIC-Still Alice (audio)

7MS #65: OFFTOPIC-Still Alice (audio)

Warning, this episode is off topic and has NOTHING to do with infosec! Nope! Instead, it’s a review of the movie Still Alice. Yep. That happened. 7MS #65: OFFTOPIC-Still Alice (audio)

3 Kesä 20157min

7MS #64: Wifi Sniffing is Fun-Part 1 (audio)

7MS #64: Wifi Sniffing is Fun-Part 1 (audio)

I got a fun project involving wireless sniffing, followed up by scraping through packets looking for credit card data! Here’s part 1, which talks about about software/hardware you might need to do this the right way. 7MS #64: Wifi Sniffing is Fun-Part 1 (audio)

28 Touko 20157min

7MS #63: I’m Excited to Go Phishing (audio)

7MS #63: I’m Excited to Go Phishing (audio)

This week I’ll be launching a phishing campaign against an organization that has been well trained to defend against such malicious attacks and links! Will this organization break my company’s 100% success rate for phishing, or will I be able to craft an email to fool at least one person? 7MS #63: I’m Excited to…

21 Touko 20157min

7MS #62: You Should Run LAPS (audio)

7MS #62: You Should Run LAPS (audio)

I’m excited about this! Microsoft has released a tool called Local Administrator Password Solution to help administrators manage local admin credentials for domain-joined machines. Check out this article for more information, and please contact me if you end up running this, as I’d love to hear about your experience. 7MS #62: You Should Run LAPS…

19 Touko 20157min

7MS #61: Why Local Admin Rights Suck (audio)

7MS #61: Why Local Admin Rights Suck (audio)

Users running as local admins on their machine are a big risk! This episode discusses some reasons why, and also here is the link to the Avecto study I mention regarding how many Microsoft vulnerabilities would be thwarted by removing admin rights. 7MS #61: Why Local Admin Rights Suck (audio)

14 Touko 20158min

7MS #60: How Not to Suck at Customer Service (audio)

7MS #60: How Not to Suck at Customer Service (audio)

This episode was inspired by two awesome customer service experiences I had in the past week. It got me thinking: how can we as infosec professionals suck less with our customer service approach? 7MS #60: How Not to Suck at Customer Service (audio)

12 Touko 20158min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
aikalisa
ootsa-kuullut-tasta-2
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
politiikan-puskaradio
aihe
rss-vaalirankkurit-podcast
the-ulkopolitist
rikosmyytit
rss-kovin-paikka
rss-mina-ukkola
linda-maria
rss-hyvaa-huomenta-bryssel
rss-tyolinjalla-pekka-sauri
radio-antro
rss-aijat-hopottaa-podcast
rss-raha-talous-ja-politiikka
rss-kyselytunti
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset