The ramblings of a computer geek
In this scenario I had a pair of Palo Alto Firewalls that were providing firewall services as a perimeter pair of firewalls acting in an active/passive cluster. Due to our internal network configuration, use of OSPF etc. the interfaces (ports) on the passive firewall were set to be down/disabled when that firewall was not active. […]
More...I’m currently in the process of moving from FTTC broadband to FTTP broadband, as part of this there is no copper telephone line because its fully fibre optic based. At the time of writing my ISP (plus.net) did not offer their own VOIP telephone service you could port your telephone number to, meaning in the […]
More...The Microsoft Exchange 2016 ESE database engine manages the database engine and database files that make up the Mailbox Databases on the Microsoft Exchange server; it reads and writes data to and from the database and manages the database files through background management tasks. The Exchange databases are based on the JET database engine and […]
More...To find gMSA (Group Managed Service) Accounts i.e. group managed accounts and if your ADUC doesn’t have this as an option you can use a “Custom Search” and click “Advanced”, then use the following string in the “Enter LDAP query:” https://www.mssqltips.com/sqlservertip/5340/using-group-managed-service-accounts-with-sql-server/
More...Just a quick one, let’s say you need to tunnel some traffic over an SSH tunnel, its pretty simple to setup, in this example I’m wanting a local port 3128 on my local machine to be tunnelled over the SSH session to a remote server via another server (i.e. an SSH gateway). Okay, let’s break […]
More...Kerberos is an authentication technology, if you’ve used Microsoft Windows and Active Directory (AD) you will have heard of Kerberos as its the authentication method used to secure an AD Domain and any hosts and devices that are joined to it. I’d like to provide a fairly high-level run through of how Kerberos works, so […]
More...The HPE Nimble Storage array can be managed via a Web Interface, SSH Console or API, you can Active Directory (or LDAP in later NimbleOS version) integrate the array for management access. At the time of writing MFA or 2FA is not natively supported, however I believe it is on their roadmap to add SAML […]
More...I recently came across an odd problem with the links from our Extreme Networks X695 switches to some Dell S5148F-ON switches, the X695 was running: 30.7.2.1, the Dell switch 10.4.3.6C1. Essentially what started the oddity was a transceiver failure. The equipment has been in production for a few months, all was working well. Suddenly a […]
More...NMAP (Network Mapper) is a great tool for scanning a network for hosts and devices. I’m going to write a more in-depth article soon, but for now here is a good command that can be used to scan your network (with a ping scan). By default Nmap will perform a reverse DNS lookup on the […]
More...Microsoft Active Directory uses the concepts of “domains”, a domain is the outer edge of a security compartment; within a domain, user accounts, computer accounts and resources are authenticated and share a common authentication source. There is also the concept of a “forest”, a forest is a collection of domains, in the most basic configuration […]
More...