Search Results

Importing a profile: There are many ways you can go about this, but for this guide, I will provide a link where I downloaded a profile called better default. You can change the layout once you import this profile. Link to Better Default profile - https://www...

This profile is going to be the default that is used, however, keep in mind, this will be dictated by your environment and the type of hunt you are doing. You can tweak them all to your liking, however, this will server as a baseline. This is really more of a...

Creating Search Filters / Columns: This is very useful and will save you time in the long run. What we want to accomplish here is creating your most common filters of data you think you will most likely be looking to dissect out of the pcap. Where to Start A...

A Closer Look: This is not going to be a deep dive into T-Shark, however, what this will show is where you can start taking the same data that we were searching for in the above scenario of looking for user agents. Given this pcap doesn’t have a large amount o...

OBJECTIVE: To configure the Domain Controller to use an external NTP server to keep time reliable and accurate. STEP 1: Open command prompt as an administrator and enter the following command w32tm.exe /config /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.o...

Objective: To disable ipv6 where it is persistent among reboots In case you need more permanent solution to disable IPv6 even after system reboot follow the steps below:STEP 1: As an administrative user open up the /etc/default/grub file using your favorite ...

Objective: To disable or remove cloud-init from your ubuntu 20.04 ServerMethod 1: Disable cloud-init from file This is the safest and the easiest method. We only need to create cloud-init.disabled file in /etc/cloud directory and reboot the system. To cr...

Objective: Get rid of the warnings in the Admin Web Interface "reducing DNS packet size for nameserver OpenDNS Resolver to 1280"STEP 1: You can get rid of the warning by adding a config file like /etc/dnsmasq.d/99-edns.conf and using an editor like nano or vi...

Objective: Change the login password for the Web Interface for piHole. STEP 1: You can change the password by logging in via console or ssh to your pihole server and running the following command sudo pihole -a -p

Objective: To extend the windows server evaluation license for extended use after 180 days The evaluation versions of Windows Server are valid for 180 days by default and can be extended. To extend the evaluation period the following steps can be used: STEP...

It always starts with the generation of a public/private keypair that will be only used for the SSH-process. In this command we use a dedicated label "SSH-KEY" which we later assign to the SSH-config. The default-keylength is typically too small, it's time to ...

There are different ways in IOS to configure users with corresponding passwords. For SSH, the Router/Switch doesn't need the cleartext password. That means you should not configure your users with switch(config)#username USER password PASS   Better configu...

Objective: Install xve-image from source on an ubuntu 20.04 LTS machine in order to convert from XVA to a VMDK to be imported in VMWorkstation Step 1. Navigate to eriklax/xva-img: XVA (Citrix Xen format) virtual disk tool. Supports RAW disk image exports and ...

Objective: Extract the disk from the from the XVA to a raw disk to be converted to VMDK. Step 1. Navigate to a location that you would like to work from. In my scenario, I am working from my user's home directory in a folder name 'XVA VMs' Belows is a screen...

Objective: Use qemu-img to convert the raw disk extracted from the XVA file in our working directory to a vmdk file for the ability to import in VMWare. Step 1. Navigate to a location that you would like to work from. In my scenario, I am working from my user...

Below is an example of YAML to modify "windows_dns::zones": '#{subnet.inAddrArpa}': ensure: "present" "windows_dns::records": '#{int in subnet.nics}': '#{int.ip}_PTR': ensure: 'present' type: 'PTR' node: '#{int.ip}' ...

Deploy the VMs For this little experiment. I am deploying from template from a Windows 10 VM. I have not figured out how to make the interface profile stay private with any persistence and it is annoying. Any way, so the steps are simple. Deploy from Tem...