Author Archives: Jarrod

Configure the EFS Recovery Agent

By default, the Encrypting File System (EFS) uses self-signed certificates that are tied to a user account. Should these be lost, a user will no longer be able to access their encrypted files. We can configure the EFS recovery agent, which can decrypt the certificates of other users, thereby providing access to their encrypted files.

Manage EFS and BitLocker Certificates, Including Backup and Restore

This guide will show you how to manage EFS and BitLocker certificates, including backup and restore. The certificates are important in order for EFS and BitLocker to work correctly; if they are lost, then your data may be too. Therefore it is important that we back up these certificates and also know how to restore them.

Determine requirements and scenarios for implementing Shielded VMs

In this post we’ll determine requirements and scenarios for implementing shielded VMs. In a traditional environment where virtual machines run on a hypervisor host, it’s possible for the administrator of the virtualization layer to get full access to the virtual machines.

For example, if you buy a VPS from a provider, you are given access to the guest operating system. It is technically feasible for a malicious or compromised administrator account to gain access to the virtual machine.

This is where shielded VMs in Windows Server 2016 come in to save the day.

Configure Firewall Rules for Multiple Profiles Using Group Policy

Rather than manually configuring Windows Firewall rules individually on each server, we can instead configure firewall rules for multiple profiles using group policy, allowing us to roll them out to a group of computers at once.

In this example we’ll be working with Windows Server 2016; however, the steps are very similar in previous versions of the Windows operating system.

21 ss Command Examples In Linux

The Socket Statistics (ss) command is similar to netstat, in that it is used to display useful network socket information.

For some time now the netstat manual page has noted “This program is obsolete. Replacement for netstat is ss.”, so this is going to be a useful command to know how to use moving forward.

Fortunately, a lot of the options are similar to the ones used by netstat; however, there are a few differences, as we will see.

Implement Policy Changes and Staging with Dynamic Access Control

This post will show you how to implement policy changes and staging with regard to auditing using Dynamic Access Control (DAC). This allows us to stage and test a central access policy before actually using it in production. This is a useful feature, as implementing DAC can be complex to work with.

How to Restore a Deleted File in Linux

If you’ve accidentally deleted a file in Linux, don’t worry, you can probably still restore it as long as that area of disk has not yet been overwritten. This post will show you how to easily restore a deleted file in Linux.

Foremost is able to search a disk or raw image file to recover files based on their headers, footers, and internal data structures.

Install PowerShell 5 in Windows Server 2008 R2

Windows Management Framework (WMF) 5.1 contains PowerShell 5.1. By default Windows Server 2008 R2 SP1 runs the older PowerShell version 2. By downloading and installing WMF 5.1 to a Windows Server 2008 R2 system, we can upgrade it to PowerShell version 5.1.

Implement Work Folders in Windows Server 2016

In this post I’ll show you how to implement Work Folders with a Windows Server 2016 file server and Windows 10 client. Work Folders allow a user to access their files from an internal file server remotely over the Internet.

Prevent File/Directory Modification, Deletion and Renaming in Linux

In order to prevent a file or directory from being accidentally or intentionally modified, renamed or deleted in Linux, we can set the immutable flag which will disable this functionality.
