Block AppData, Temp and hardening Office by GPO

24 May 2017

Hi everyone, these are the hardest days we have experienced: so many attacks, and some security breaches that we found. Accordingly, I want to share with you the policies you have to deploy and the highlights you have to take into consideration when implementing them. Let's begin, because we have a lot of work! Due to CryptoLocker, we need to ensure that we block the ability to run executable files from the Temp and AppData folders. We can disallow it for any user and prevent executable files or 7z, RAR, Wz files from running from AppData by creating a new “Additional Rules” policy in Group Policy, * Make...

How to configure Credential Guard Windows 10

20 May 2017

I would like to show you how to configure Credential Guard in Windows 10. Credential Guard is one of the major security features that comes with Windows 10; it protects us against hacking and the obtaining of credentials in Windows. Undoubtedly, you have heard about the Mimikatz tool, which can obtain your password as clear text simply by performing pass-the-hash, pass-the-ticket or building Golden tickets. You know what, don't say I am not a friend, let’s demonstrate a couple of actions with Mimikatz. Download the tool from Google, it is available for anyone. - Make sure AV...

Prevent downloading attachments through OWA

16 May 2017

Hi guys, I want to show you beneficial settings you might configure in your Office 365. When we use Office 365 we are limited in how we can harden it, and we look for any way to secure Office 365 capabilities and harden the user experience, so today I want to present how we can prevent users from downloading attachments from OWA in Office 365 and prevent information leaking out. Go to Office 365, to Permissions and then "Outlook Web Policies", then click on +. Then, uncheck "Direct File Access". Further, you can enable file viewing. Then, assign the new policy to the particular mailbox. Probably you...

Windows Server 2016 RDP tuning

10 May 2017

Last Saturday I read the Windows Server 2016 tuning article written by Philip Steele and Liza Poggemeyer; both have done an amazing job! I was so glad to introduce rich details which could be effective for you as well. According to their best practice, there are several changes we have to make to the .RDP file which can reduce RDSH performance. So, before deploying the RDP shortcut by GPO, please follow these points: open the RDP file as TXT and edit the file, then add the following values: wallpaper:i:0 - won't redirect the wallpaper on the TS side. drag:i:1 - this value reduces bandwidth...

How to create catch all Office 365

7 May 2017

Hi everyone, in this article I would like to show you how we can catch any mail that is delivered to our domain, even if the SMTP address of the recipient is invalid or does not exist. The purpose is to learn senders' behavior toward my domain and to catch mails. You can create a mailbox that will contain all emails that were sent by mistake or were misspelled/misaddressed and track the traffic there. Please note that an NDR won’t be sent to the other side, and it is not applicable for Hybrid & Co-existence environments; likewise, Microsoft Office 365 Support team not...

How to allow Organizational Forms in office 365

25 April 2017

In our legacy Exchange versions we used the Organization Forms Library, which allows users to create forms in Outlook and build custom forms. It's pretty useful for some departments. By default in Office 365 the Organization Forms Library isn't created; we have to create it using PowerShell. Two weeks ago my customer asked me to help him with this case, therefore I decided to share these commands with you:

    New-Mailbox -PublicFolder -Name "Public Folder"

    Name           Alias         ServerName    ProhibitSendQuota
    ----           -----         ----------    -----------------
    Public Folder  PublicFolder  dbxpr07mb318  99 GB (106,300,440,576 bytes)

    New-PublicFolder -Path "\NON_IPM_SUBTREE\EFORMS REGISTRY" -Name "Organizational Forms Library"

    Name                          Parent Path
    ----                          -----------
    Organizational Forms Library  \NON_IPM_SUBTREE\EFORMS REGISTRY

    Set-PublicFolder...

ADFS down disable Office 365 SSO

16 April 2017

Hi guys, today I would like to talk a little bit about what happens while ADFS is down: how can we allow users to access Office 365 resources, and how should we act? Before I present the PowerShell commands we should run in this scenario, I want to make sure all of you understand what Office 365 SSO with ADFS is. A couple of months ago I made a good article about how we can configure Azure AD join for SSO to Office 365. Whether you read it or not, here is the URL for you: http://pelegit.co.il/configure-azure-ad-join/ Use in Azure AD...

Upgrade SCCM to 1702 Step By Step

15 April 2017

Hello everyone, as most of you have already heard, last month Microsoft released a new update for SCCM, so in this guide you're going to see how to upgrade SCCM to version 1702. It is going to be pretty quick; an SCCM upgrade is not complicated anymore, it is quite straightforward. Please see the new features in the new version: https://docs.microsoft.com/en-us/sccm/core/plan-design/changes/whats-new-in-version-1702 Let's begin: Open SCCM and go to Administration and then click on "Cloud Services > Updates and Services". Check the dmpdownloader.log file to monitor the download process. Run the prerequisites checker first, and once it has completed successfully click on Install update pack. Select the features you want...

Exchange indexing not working well

8 April 2017

Hi folks! I want to share with you an interesting case I had this week at one of my customers: the CTO complained that many users weren't able to search content in Outlook 2013 in Terminal. I thought about several potential causes such as Outlook versions, caches, Microsoft Updates, and only at the end of the possibilities did I go to the server to check some event logs. I opened the Event Viewer and found the following warning event: Database number 1: Database number 2: I opened Exchange Shell and ran this: Get-MailboxDatabaseCopyStatus * | ft -auto I found that both databases had a failed status in the contentindexstate row. The solution was pretty...