EX413 prep: my cheat sheet
I used Sander van Vugt's EX413/LPI3 video training to prep for my EX413 exam and expanded upon all that information by performing additional research. All in all, I've spent roughly sixty hours over...
EX413: it's been one heck of a ride!
2017-11-02: Updates can be found at the bottom. Five weeks ago, I started a big challenge: pass the RedHat EX413 "certificate of excellence" in Linux server hardening. I've spent roughly sixty hours...
PasswordState, Active Directory and Sudo: oh my!
Recently I've gone over a number of options of connecting a Linux environment in an existing Active Directory domain. I won't go into the customer's specifics, but after considering Winbind, SSSD, old...
Back in the saddle: CompTIA PenTest+
It's been a few months since I last took a certification exam: I closed last year with a speed-run of RedHat's EX413, which was a thrill. Since then, I've taken some time off: got into Civ6, read a few...
Cincero CTF036 - 2018 edition
Image credits go to Cincero, who took photos all day. Another year, another CTF036! No longer under the Ultimum flag, but this time organised by Cincero / Secured by Design. Same awesome people,...
CompTIA PenTest+ experience
I've taken the day off, despite things being quite busy at the office, to have a little fun. Specifically, I've just arrived back home after sitting the CompTIA PenTest+ Beta exam. Taking an exam for...
Microsoft OCSP Responders, nShield HSMs and vagueries
Over the past few months I've built a few PKI environments, all based on Microsoft's ADCS. One of the services I've rolled out is the Microsoft OCSP Responder Array: a group of servers working together...
Matching Windows certificates to nShield protected keys (kmdata)
Over the past few weeks I've had a nagging question: Windows certutil / certlm.msc has an overview of the active certificates and key pairs for a computer system, but when your keys are protected by an...
Inventory of certificates, private keys and nShield HSM kmdata files
Building on my previous Thales nShield HSM blog post, here's a nice improvement. If you make an array with (FQDN) hostnames of HSM-clients you can run the following PowerShell script on your RFS-box to...
Handy tool to troubleshoot your Microsoft ADCS PKI
It has been little over a year now since I started at $CLIENT. I've learned so many new things in those twelve months, it's almost mindboggling. Here's how I described it to an acquaintance recently:...
Keywords for this week: Windows, Linux, PKI and DAMTA
It's gonna be a busy week! Most importantly, I'll be taking CQure's "DAMTA" training: Defense Against Modern Targeted Attacks. Basically, an introduction to threat hunting and improved Blue Teaming....
Synology vagueries: slow transfers, 100% volume util, very high load average,...
I've been a very happy user of Synology systems for quite a few years now. The past few weeks I've run into quite some performance issues though, so I decided to get to the bottom of it. Symptoms: CPU...
CFR-310 beta exam experience
I guess I've found a new hobby: taking beta-versions of cybersec certification exams. :) Three months ago I took the CompTIA PenTest+ beta and not half an hour ago I finished the CertNexus CFR-310...
Passed the PenTest+ beta exam!
A bit over three months ago, I took part in CompTIA's beta version of the PenTest+ exam. It was a fun and learning experience and despite having some experience, I didn't expect to pass. Turns out, I...
Another quarter, another beta
I took the CompTIA Linux+ beta (XK1-004) today and I wasn't very impressed... It's "ok". I have no recent experience with LPIC or with the previous version of Linux+, only with LPIC from ten years ago....
Query ADCS (Active Directory Certificate Services) for certificate details
I think Microsoft's ADCS is quite a nice platform to work with, as far as PKI systems go. I've heard people say that it's one of the nicest out there, but given its spartan interface that kind of makes...
Kerberos authentication in MongoDB, with Active Directory
I've been studying MongoDB recently, through the excellent Mongo University. I can heartily recommend their online courses! While not entirely self-paced, they allow you enough flexibility to finish...
Certificate life-cycle management with ADCS
Following up on my previous post on querying ADCS with certutil, I spent an hour digging around ADCS some more with a colleague. We were looking for ways to make our lives easier when performing...
I got accepted as SANS Facilitator!
The excitement is palpable! A number of past colleagues waxed lyrically about SANS trainings: in-depth, high-tech, wizardry, grueling pace and super-hard work! And at the same time one heck of a lot...
Expanding my homelab
For the past X years, I've run my homelab on my MacBook Air. I've always been impressed with how much you can get away with, on this light portable, sporting an i5 and 8GB of RAM. It'll run two...