Since you are starting from scratch again, this is a good article to read.

Posts
-
RE: Renaming all user profiles to *.old
-
So you want to build a Security Program? Part 1 - Vulnerability Scanning
In this day and age, vulnerability scans should be a part of every network, including SMB, especially when you consider the risks today. Is vulnerability scanning expensive? Well, it can be, but there are some open-source and low-cost options.
OpenVAS
OpenVAS is a fork of the open-source Nessus project. Nessus shut down their open-source program in 2005. After that, OpenVAS was born. I have seen OpenVAS packaged with other tools and sold, such as AlienVault. Even though the GUI looks different, the backend is OpenVAS.
Pros
- open-source (free)
- reliable updates and lots of forum style support
- Quick and easy to set up
Cons
- Slow. OpenVAS scans take longer to run and use more resources compared to paid solutions
- Weekly updates vs daily updates (like paid solutions)
- Resource intensive. Small networks (50 servers) may need a dedicated server with 8GB-16GB RAM
How to start your first scan
Ok so step one is to go to Configuration > Targets
Click the Star (top left) to Add A new Target
Let's just use one target for now. Name it whatever you want and just type the IP in manually
Otherwise I would use a text file
Then go to Configuration > Credentials
Add a credential and save it
Now go back to Configuration > Targets and edit the one you already made and go to SMB and select the credential you just made
Next go to Scan Management > Tasks
Then click the star to create a new task
Name it whatever you want and select the scan target you just created
Once you are finished with the task click the green play button to start the scan
-
RE: Pentest - Who would you recommend?
@scottalanmiller said in Pentest - Who would you recommend?:
@Carnival-Boy said in Pentest - Who would you recommend?:
@IRJ said in Pentest - Who would you recommend?:
You definitely don't want a pen test, you need a security assessment. There will be plenty of things to fix, and after securing the network then you could do a pen test the following year.
Same thing. What do you think an assessment will do that a pentester won't (and vice versa)?
One is only testing penetration from a set of attacks. Most security vulnerabilities are not penetration so aren't part of that test (like SQL Injection is not penetration) plus it tests attacks, not risks.
Example.. which tells you how long it will take to break through a door, hitting it with a hammer or knowing a lot about the door? If you know enough about the door, you know where it is weak or if the hinges are about to give out. If you just hit it with a hammer, you might get lucky and get in on the first swing or you might never hit it hard enough to break the hinge.
Both are valuable, but one tells you a lot more, typically.
Yes, a lot of people use security assessment and pentesting as interchangeable terms, but they are much different. Pen testing is only done when you feel you've already covered everything found on a security assessment.
-
My view on Reddit
Inspired by @Nic post.
I know a lot of geeks love Reddit, but the website is so ugly I just can't look at it. Does anyone else feel this way or is it just me?
-
RE: Make Encrypted Connection in Home network
@rojoloco said in Make Encrypted Connection in Home network:
@bnrstnr said in Make Encrypted Connection in Home network:
The threat of having ISPs be able to sell personally identifiable information is enough for some people I know to want VPN... If there is nothing in it for me other than more spam, why would I want them to be able to see ANYTHING that I do? Something nefarious to hide definitely isn't a prerequisite.
Well, paranoia is the primary reason people want to hide. But as far as I'm concerned, the more someone says "I have nothing to hide, but...", the more I believe that they do.
Sorry guys, but I have to disagree here. If we can't trust certain vendors with our data because of a bad history, we certainly CANNOT store our data with the government. If you compare a shitty company like Symantec or Intuit with the government, the government has a 1000000x worse track record with exploiting people.
-
I get my new smartwatch today...
I never thought I would be buying a smartwatch. For me the cost and lack of function were just too much to justify. I came across a budget smart watch on amazon and decided to research some other budget models. I read some reviews on the U8 watch and they were actually pretty impressive for such a low cost device.
www.amazon.com/gp/product/B0158CCLFG?psc=1&redirect=true&ref_=oh_aui_detailpage_o01_s00
Some features on the watch include:
- receive and make calls from your watch
- receive phone notifications
- control your camera and take photos
- sync your phonebook and call log
- play music
- anti lost feature
- barometer, altimeter and pedometer
Here is an interesting article that explains how to use Tasker to really unleash the full power of the watch.
www.abidibo.net/blog/2015/04/01/how-get-best-your-u8-smartwatch/
-
RE: Active Directory Migration Questions
@wirestyle22 said in Active Directory Migration Questions:
1. If you migrate an account from a subdomain to the root domain does the account remain on the old domain? Migrate means to move, so it's not a copy. I think it most likely does not remain on the original domain but I wanted to ask anyway.
2. If you have a file server on a subdomain and migrate a user from the subdomain to the root domain but then move the file server over to the root domain as well, how are the directory permissions resolved within the file server? There is a point there where none of the AD user accounts (assuming you move them all) can't resolve.
I'm sure I will think up more; I'm foggy today.
1.) No. See ADMT
https://technet.microsoft.com/en-us/library/cc974332(v=ws.10).aspx
2.) You shouldn't be assigning permissions by users. Only groups
-
-
RE: ML now Google top hits?
The page is nice, but people have to search it out. Groups are really nice because Facebook users join a group called "information technology", for example. That group has 2,000 members who make posts similar to a forum. As the users are more active in the group, they get group feeds on their regular Facebook feed.
You join the group, post your links and people follow the traffic. If you post in a group of 2k people you are likely to get at least exposure to 100 different people if not more than that. You do this on multiple groups and you can quickly grow.
-
RE: ML now Google top hits?
Another strategy I use is to interact with the group and find out their interests. For example, I find out what fishing lures they like to use in the group and go out and buy and test them. Then I write an article on how to fish them with the fish I caught.
You could have the group ask open questions and post them on ML for members to answer. Then post a link to the thread in reply to a comment. That will really engage the users.
-
RE: Looking for some neat Server Build Projects
OneDrive is such a terrible product. It's really flaky for me. Every other cloud storage I've used is leaps and bounds better. It's almost unbelievable how bad it is.
-
RE: Had a vulnerability assessment with Nessus and it found hundreds of missing critical Windows OS updates from as far back as 2016 - is this even right?
So, I'm guessing you aren't actually missing updates. Nessus is probably looking at reg key entries in addition to Windows updates. Quite a few MS updates do require additional configuration such as reg key changes.
You need to review "plugin output" for each vulnerability. This section of the report tells you exactly why you failed the particular check.
You can also view source code of each plugin. The plugins are usually VB or PowerShell scripts for Windows machines.
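The plugin-output review described in the post above can be scripted against a `.nessus` export. This is an added example, not part of the original post: the sample report, host, plugin IDs and output text are constructed, and the two regex heuristics are assumptions to tune against the wording in your own reports.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in the .nessus (NessusClientData_v2) layout; the host,
# plugin IDs, plugin names and output text are invented for illustration.
SAMPLE = r"""<NessusClientData_v2><Report name="constructed">
<ReportHost name="192.0.2.10">
 <ReportItem port="445" protocol="tcp" severity="4" pluginID="900001"
             pluginName="Constructed: update needs registry setting">
  <plugin_output>The update is installed, but this registry value is not set:
  HKLM\SYSTEM\ExampleKey\ExampleMitigation = 1</plugin_output>
 </ReportItem>
 <ReportItem port="445" protocol="tcp" severity="4" pluginID="900002"
             pluginName="Constructed: cumulative update missing">
  <plugin_output>- C:\Windows\system32\example.dll has not been patched.
  Remote version : 10.0.0.1
  Should be      : 10.0.0.9</plugin_output>
 </ReportItem>
 <ReportItem port="0" protocol="tcp" severity="0" pluginID="900003"
             pluginName="Constructed: informational">
  <plugin_output>Scan information</plugin_output>
 </ReportItem>
</ReportHost></Report></NessusClientData_v2>"""

# Heuristics (assumptions): registry paths vs. file-version comparisons.
REG_HINT = re.compile(r"\bHK(LM|CU|EY_[A-Z_]+)\\|registry", re.I)
FILE_HINT = re.compile(r"remote version|should be", re.I)

def triage(nessus_xml, min_severity=3):
    """Return high/critical findings with a guess at why each check failed."""
    findings = []
    # Only parse exports from your own scanner; this is not a hardened parser.
    for host in ET.fromstring(nessus_xml).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            if int(item.get("severity", "0")) < min_severity:
                continue
            output = (item.findtext("plugin_output") or "").strip()
            if REG_HINT.search(output):
                reason = "registry/config"
            elif FILE_HINT.search(output):
                reason = "missing patch"
            else:
                reason = "review manually"
            findings.append({"host": host.get("name"),
                             "plugin_id": item.get("pluginID"),
                             "name": item.get("pluginName"),
                             "reason": reason, "output": output})
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f['host']} {f['plugin_id']} [{f['reason']}] {f['name']}")
```

Findings tagged `registry/config` are the ones where the patch may already be installed and only the follow-up setting is missing, so they go to a configuration change rather than a patch run.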
-
The Solar Winds Marketing Department is pretty good.
These aren't your typical crappy free t-shirts