Mass-Checking SSH Connections using Parallel

Today I wanted to make sure I have SSH access to about 100 servers.
Obviously, I wasn't going to verify the list by hand, so I put all of the servers' names in a file, and wrote this little script:

for NAME in $(cat ~/Desktop/server-names)
do
        echo -n "$NAME …
more ...

Fixing Dynamic DNS on Gargoyle

Note: I switched to inadyn on my home server eventually. I left this article because it's still relevant

I was digging through the logs of my latest Gargoyle installation (a router firmware based on OpenWrt, with a better UI in my opinion), and found out that Dynamic DNS updates were …

more ...


Finding Accounts Trusted for Delegation

As part of a security audit, I was asked to help in finding all accounts marked with "Trusted for Delegation"

What is "Trust for Delegation"

You can try reading the TechNet Article, but in short - delegation (also known as kerberos double-hop) is allowing a service to impersonate clients in order …

more ...

Some PowerShell Snippets for Network Scanning

I recently had to improvise some network scanning using PowerShell. The security guys got somewhat excited, so I decided to upload these snippets.
I think all of them require PowerShell v2+

Checking ping for one IP address

Test-Connection $target -count 1 -quiet

Checking if a TCP port is listening

function …
more ...

Setting Up Samba on Raspberry Pi

After setting up my rPi TorrentBox, I wanted to let my family access the downloaded files.
Since they use Windows (and I don't want to bother their systems with NFS), I wanted to install Samba on the rPi and create a read-only share (and a weak user for them to …

more ...

List all Group Policy Extensions Registered

I use this script to see all GP extensions that my computer can process:

ls 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions' | select `
    @{name='Guid';expression={[guid]$_.pschildname}}
    @{name='Name';expression={$_.GetValue('')}}
    @{name='DllName';expression={$_.GetValue('DllName')}}
    @{name='ProcessWhenNoChanges';expression={!$_.GetValue('NoGPOListChanges')}}
    @{name='IsUserPolicy';expression …
more ...

Raspberry Pi + Deluge = Segmentation Fault

Note: This is relevant to any ARM based device running Linux

I'm trying to use a Raspberry Pi as a torrentbox (an always-on BitTorrent client).
If I ever finish this project, I'll defiantly post my build.
Anyway, I had a really annoying problem - every once in a while, the Deluge …

more ...


setspn Duplicates and Case Sensitivity

Today I found out that the command I use to find duplicate SPNs, setspn -x

is case sensitive, meaning that the following SPNs don't count as duplicates:

HOST/bla
HOST/BLA

This makes sense when using UNIX systems for TGS creation.
However, Active Directory Domain Controllers, being Windows systems, are …

more ...