The ramblings of a computer geek
During my learning of AWS and its deployment via Terraform, I came across an issue where my EC2 instances kept getting destroyed, even when no changes had been made to them. For example in the plan output: Notice the “# forces replacement” on the security_groups directive. Turns it it was quite a simple fix, although … Read more
So you created an Exchange Online User and Mailbox but you’re still in a hybrid configuration where you are managing Exchange mailboxes on-premise. What this means is that the on-premise Exchange Organisation has no idea that the user exists, it doesn’t appear in Exchange Admin Center and it also probably won’t appear in the GAL. … Read more
Today we had a bit of a stop and think moment with a delegated domain; it was a good thought experiment to walk though. So let’s say you have a sub-domain thing.example.com of the domain example.com. The thing.example.com has been delegated by the administrators of example.com to a 3rd party who will manage the namespace … Read more
From the AWS CLI you can easily see how big a AWS S3 Bucket, firstly login to the AWS CLI and then you can run the command:
Its always best to be using a user account authenticated via SSO (so you can have additional levels of security, e.g. MFA) on-top, and access AWS resources using a temporary Role (to provide the permissions). For most use cases e.g. interacting with the Web Console, using the CLI or performing development tasks via Cloudformation templates … Read more
We are currently going through a migration from on-premise Microsoft Exchange servers to Microsoft Exchange Online (Microsoft 365). We needed to determine what ActiveSync clients were in use to be able to provide guidance to users of what to do. So I wrote a simple script that retrieves all the mailboxes (that are enabled) and … Read more
Let’s say you’re needing to examine the logs using Splunk to find invalid logins, but perhaps the way the logging works from your application, Splunk is not able to identify the IP Address automatically. This isn’t a problem, you can use a Regex. So let’s say you’re looking for the string “failed login for user … Read more
Just like the testing of SMTP using Telnet, you can also perform the same steps if the target server is using TLS, however because telnet won’t do the job here, you can use OpenSSL instead. Here’s a simple example. Firstly get your Username and Password in Base64 format. You’ll get the Base64 encoded strings outputted … Read more
I was having trouble with the previous theme, it was not fully compatible with PHP 8.1, so I’ve swapped to a new theme for now.
Splunk is a great tool for visualising alerts and events, I’ve been creating a dashboard to aggregate all the failed logon attempts from management interfaces of our network switches, firewalls, storage etc. so that if someone tries to brute force password attempt the interfaces we have some visibility. Obviously the queries you need to use … Read more