Category Archives: Security

Vendors’ response to Meltdown and Spectre Vulnerabilities

Bash ShellShock Bug

The Meltdown and Spectre are two new  vulnerabilities in Intel, AMD and ARM processors which will effect everyone.

There is a very good technical article that the Sophos team have put together explaining in detail the issue, you can read it here, as well as many other websites which are covering the story so I won’t go into much detail, just type Meltdown/Spectre into your favourite search engine.

Instead below is a list of the major vendors which we and customers use and links to any articles they have regarding Meltdown and Spectre and their products.

Keep checking back as I will update this as more details from vendors become available.

If you know of any other Vendor statements regarding the Meltdown/Spectre bugs please add a comment below, and I will incorporate it into the post. Continue reading

Top 10 Blog posts of 2017

Happy New Year!

In 2017 the OxfordSBSGuy.com blog has gone from strength to strength, with 26 posts and 863,000 views. In 2017 I implemented SSL and been working on some tweaks here and there to improve performance.  This year I’m considering a redesign and new hosting is in the pipeline to improve performance further. Thank you for your support.

Below are the top ten articles in 2017

  1. PowerShell: Get-ADComputer to retrieve computer last logon date – part 1 (103,582 views)
  2. PowerShell: Get-ADUser to retrieve password last set and expiry information (83,394 views)
  3. Exchange PowerShell: How to list all SMTP email addresses in Exchange (63,442 views)
  4. How to convert a Hyper-V VHDX to VMDK for VMware Workstation (31,337 views)
  5. PowerShell: Get-ADUser to retrieve login scripts and home directories – Part 1 (31,017 views)
  6. How to install Exchange 2010 (SP3) on Windows Server 2012   (43,232 views)
  7. Server 2012: “Your current security settings do not allow this file to be downloaded” (29,374 views)
  8. Exchange PowerShell: How to enumerate Distribution Lists, managers and members (24,264 views)
  9. Dell PERC: How to clear the foreign configuration on a HDD using the Raid Configuration Utility (21,799 views)
  10. How to resolve VMware Workstation “The network bridge on device ‘VMnet0’ is not running” (21,737 views)

Looking forward to 2018, the industry recently has been focusing on security so I’ll be brushing up on some Security Skills with Sophos and WatchGuard, and with more and more clients moving to Office 365, I intend to write a few more PowerShell scripting to help manage end users and computers in the cloud.

I hope you have a great year!
Carl
www.OxfordSBSGuy.com

WatchGuard Fireware v12.1 released

watchguard

WatchGuard have released Fireware 12.1 on 18 December 2017. This replaces the previous version of 12.0.2.

Full release notes can be found here. Please read them before upgrading! Your Firebox must be running, XTM v11.7.5, v11.8.4 or v11.9 or higher before upgrading.

Fireware v12.x is not supported on Firebox X 5 Series devices, models 505, 510, 520 or 530.

Continue reading

WatchGuard Fireware v12.0.2 released

watchguard

Note: Fireware v12.1 is now available, see here for details.

WatchGuard Fireware v12.0.2 was released on 4 December 2017. This replaces the previous version of 12.0.1.

Full release notes can be found here. Please read them before upgrading! Your Firebox must be running, XTM v11.7.5, v11.8.4 or v11.9 or higher before upgrading.

Fireware v12.x is not supported on Firebox X 5 Series devices, models 505, 510, 520 or 530.

Continue reading

Office 365: How to change your Office 365 App Password

Office 365

If you use Multi Factor Authentication in an Office 365 environment then you will need to use App Passwords for some applications that don’t support Multi Factor Authentication like Outlook, or other email clients on mobile devices.

If you’ve forgotton your App Password or need to delete or create a new one, here is where to find them and how to create a new one.

Continue reading

How to enable Windows Time Service Auditing

Windows Server
Accurate time in a domain environment is essential for authentication between clients and servers to work correctly. Kerberos v5 protocol requires a tolerance of less than 5 minutes, anything more than this and you will get authentication errors.

I’ve recently been investigating a a server who’s time leaped 28 days into the future! So wanted to start auditing the Windows Time service to see what made the change.

So in this blog post I’ll show you how to enable Windows Time service auditing.

Continue reading

WatchGuard Fireware v12.0.1 released

watchguard

Note: Fireware v12.1 is now available, see here for details.

Update – 10/11/17 A new build of 12.0.1 (build 546110) has been released for M200 and M300 devices. If you haven’t updated already, maybe wait a week to make sure this build is ok before upgrading. Having a remote Firecluster die on you isn’t fun, as happened with our upgrade to the original 12.0.1 Fireware!

Fireware 12.0.1 builde 546110 M200 M300 issue

Update – 07/11/17 don’t install 12.0.1 on a M200 or M300 Firecluster yet. The download has been temporarily pulled from the WatchGuard website for these products only. 

WatchGuard Fireware v12.0.1 was released on 31 October 2017. This replaces the previous version of 12.0.0.

Full release notes can be found here. Please read them before upgrading! Your Firebox must be running, XTM v11.7.5, v11.8.4 or v11.9 or higher before upgrading. Continue reading