Example Event Viewer XML Filter
Here’s a quick example, which might help you, it filters by specific attributes (which you can’t get through the GUI) when you’re attempting to create a Custom View for Event Viewer.
Notepad++ Multiselect Move to End of Line
Let’s say you have three lines and you multi-select the beginning by holding ALT, then dragging down, so you end up with the cursor blinking across all three lines at once: You then add some something at the beginning of all three lines by typing across multiple lines at once: But now you want to … Read more
Microsoft Windows RC4 Cipher Retirement (for Kerberos)
Assuming you have your Microsoft Windows Domain Controllers sending their event logs into Splunk, here is a query that will pull out the pertinent details you need to find anything that is still running non-compliant RC4 for ticketing. Note that your index and Log names may vary.
Reset Active Directory KRBTGT Password
The periodic reset of the KRBTGT password is now recommended by Microsoft to be carried out every 180 days. Resetting the password periodically reduces the risks of a Kerbroasting attack being successful. To ensure the KRBTGT password is fully reset you MUST perform this reset operation twice. And you MUST wait a bare minimum of … Read more
Remove netlogin Configuration
Bit odd, but more cosmetic issue than anything. When wanting to remove netlogin from a port (e.g. 1:45) you can just run: But you may still see the configuration regarding timers, reauth-period and re-authentication, its not obvious how to make this disappear, although its still there in the background. All you need to do is … Read more
Google Sheets – Colour Whole Row based on Column Value
A useful visualisation on your Google Sheets is where you perhaps have a column for “Yes” or “No” or “Done” or “Not Started” and when this cell changes value, the whole row changes colour to make it obvious that action/item has been completed. You can do this as follows: Let’s say you have a spreadsheet … Read more
Add VIM Colour Scheme
If like me you struggle to read dark blue comments on a black screen when using VIM, you can set a colour scheme in VIM by creating a file with these contents in your home directory. Add the following: There are a number of other colour schemes to suit your tastes.
Reset Active Directory KRBTGT Password
The periodic reset of the KRBTGT password is now recommended by Microsoft to be carried out every 180 days. Resetting the password periodically reduces the risks of a Kerbroasting attack being successful. To ensure the KRBTGT password is fully reset you MUST perform this reset operation twice. And you MUST wait a bare minimum of … Read more
Private VLAN (PVLAN) for Host Isolation
Private VLANs provide isolation between ports within a Layer-2 service. Although the configuration is fairly simple, it can become very complex and it also has a number of caveats to how it works and how it can be used. The article explains what Private VLANs are, a brief summary of how they work and then … Read more
WPAD (Web Proxy Auto Discovery Protocol)
The Web Proxy Auto-Discovery (WPAD) Protocol is a method used by clients to locate the URL of a configuration file that provides them with configuration needed to determine their browser’s (or system) web proxy configuration (if present or not). The file an be published via DHCP (scope option) or via DNS, in our case we use DNS. … Read more