December 3, 2020

DeepRacer European Seaside Circuit Waypoints

I’ve been getting into AWS DeepRacer, and in wanting to build a model to compete in the current competition, I wanted to get an idea of the waypoints so I could reward certain behaviors in turns and straightaways. You can run a 5-minute model with print(params['waypoints']) somewhere to get them back in the logs, formatted as a list of tuples. I took the set, […]

July 13, 2020

Adding a site to the SCUTTLE backup scope.

Today I got word that another website wanted to be included in the SCUTTLE backup scope. I’ve mentioned before that there are a couple of steps to make that actually happen; you can probably reason through most of them. DNS has to be set up, then the Apache config, then the certificate, then database work to add a Wiki object and a corresponding Domain object. DNS: […]

October 6, 2016

Use nested traversal groups to allow access to ABE-enabled grandchild folders.

Say you have the following structure:

\\DOMAIN\DFS\Folder1\ <-- UserA can access this folder.
\\DOMAIN\DFS\Folder1\Folder2 <-- UserA has no privileges on this folder.
\\DOMAIN\DFS\Folder1\Folder2\Folder3 <-- UserA has modify access to this folder, subfolders and files.
\\DOMAIN\DFS\Folder1\Folder2\Folder4 <-- UserA has no privileges on this folder.

With ABE, UserA will not see Folder2 even though Folder3 is something they do have access to. So permissions are added […]

May 12, 2016

Use GPO to change the default behavior of potentially malicious file extensions.

If you’re like me and don’t have direct control of your own email filtering, or want to go a step beyond, you’re going to want a way to prevent non-PE viruses from running. Software Restriction Policies are good for this if you’re using them in a whitelist capacity, provided that you’ve also added the extension to the Designated File Types. From a blacklist standpoint it’s […]

April 7, 2016

DangItBobby.ps1 – Remotely disable a NIC given only a username.

So I have a code offering today, which I’m calling DangItBobby.ps1. It lets you remotely disable the NIC of a computer given only the username that is logged in. In essence, when in the middle of a ransomware infection, and you see that the owner of all the files is changing to Bobby, you run the script and provide credentials of a local admin account. […]

March 21, 2016

Quick Tips: Share Permissions do more than you think.

While rebuilding a piece of my lab for file server and DFS services, I had an odd set of symptoms. I had a user in a security group that was not set to be able to change permissions, and no ability to take ownership, in the NTFS permissions. Yet they were able to add permissions to give others elevated access, or even elevate their own […]

March 18, 2016

Ransomware is the future.

When I first started fighting ransomware in late 2013, I had a premonition that this was something serious. While CryptoLocker was rather easily defeated in the enterprise and ultimately killed by killing the botnet, media outlets and tech sites ran with the story. It showed this small group making millions and millions of dollars. Guess what? More people started writing ransomware. Cut to now. Ransomware-as-a-service is […]

March 2, 2016

Setting up secure Home Folders without touching AD.

In preparing for a new file server schema, I’ve been playing with home folders and quotas. I wanted to come up with a “home folder” solution that met a couple of needs:

- Worked well with Windows 7 through 10
- Did not involve the client support team having to set the home folder in each user’s AD profile
- Did not rely on folder redirection or roaming profiles
- Set-and-forget […]