Overcoming Issues Installing Azure Active Directory Connect

27th of November, 2018 / / No Comments

AzureADConnect

Having recently gone through the process of implementing a custom AADConnect staging installation for a large enterprise customer with more than 30,000 users, with a view to it serving as a fall back to an existing production AADConnect installation.

The requirement being to setup an Azure virtual machine running Windows 2016 Datacentre, AADConnect and SQL Server Standard 2017 (locally installed). Rather than SQL Express which comes by default but suffers limitations which preclude its use in large environments.… [Keep reading] “Overcoming Issues Installing Azure Active Directory Connect”

Protect Your Business and Users from Email Phishing in a Few Simple Steps

1st of August, 2017 / / No Comments

The goal of email phishing attacks is obtain personal or sensitive information from a victim such as credit card, passwords or username data, for malicious purposes. That is to say trick a victim into performing an unwitting action aimed at stealing sensitive information from them. This form of attack is generally conducted by means of spoofed emails or instant messaging communications which try to deceive their target as to the nature of the sender and purpose of the email they’ve received.… [Keep reading] “Protect Your Business and Users from Email Phishing in a Few Simple Steps”

Social Engineering Is A Threat To Your Organisation

12th of July, 2017 / / No Comments

social_engineering
Of the many attacks, hacks and exploits perpetrated against organisations. One of the most common vulnerabilities businesses face and need to guard against is the result of the general goodness or weakness, depending on how you choose to look at it, of our human natures exploited through means of social engineering.
Social engineering is a very common problem in cyber security. It consists of the simple act of getting an individual to unwittingly perform an unsanctioned or undersirable action under false pretenses.… [Keep reading] “Social Engineering Is A Threat To Your Organisation”

Cloud Security Research: Cross-Cloud Adversary Analytics

12th of July, 2017 / / No Comments

Newly published research from security firm Rapid7 is painting a worrying picture of hackers and malicious actors increasingly looking for new vectors against organizations with resources hosted in public cloud infrastructure environments.
Some highlights of Rapid7’s report:

  • The six cloud providers in our study make up nearly 15% of available IPv4 addresses on the internet.
  • 22% of Softlayer nodes expose database services (MySQL & SQL Server) directly to the internet.
  • Web services are prolific, with 53-80% of nodes in each provider exposing some type of web service.
[Keep reading] “Cloud Security Research: Cross-Cloud Adversary Analytics”

Security Vulnerability Revealed in Azure Active Directory Connect

10th of July, 2017 / / No Comments

Microsoft ADFS
The existence of a new and potentially serious privilege escalation and password reset vulnerability in Azure Active Directory Connect (AADC) was recently made public by Microsoft.
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-whatis
Fixing the problem can be achieved by means of an upgrade to the latest available release of AADC 1.1.553.0.
https://www.microsoft.com/en-us/download/details.aspx?id=47594
The Microsoft security advisory qualifies the issue as important and was published on Technet under reference number 4033453:
https://technet.microsoft.com/library/security/4033453.aspx#ID0EN
Azure Active Directory Connect as we know takes care of all operations related to the synchronization of identity information between on-premises environments and Active Directory Federation Services (ADFS) in the cloud.… [Keep reading] “Security Vulnerability Revealed in Azure Active Directory Connect”

Ubuntu security hardening for the cloud.

Hardening Ubuntu Server Security For Use in the Cloud

26th of October, 2016 / / 1 Comment

The following describes a few simple means of improving Ubuntu Server security for use in the cloud. Many of the optimizations discussed below apply equally to other Linux based distribution although the commands and settings will vary somewhat.

Azure cloud specific recommendations

  1. Use private key and certificate based SSH authentication exclusively and never use passwords.
  2. Never employ common usernames such as root , admin or administrator.
  3. Change the default public SSH port away from 22.
[Keep reading] “Hardening Ubuntu Server Security For Use in the Cloud”

Are There Sufficient Standards in Cloud Computing Today?

26th of October, 2016 / / No Comments

The hybrid cloud may be a hot topic with adoption growing faster than ever but should we be concerned about a lack of established standards?

What is the Hybrid Cloud?

Private clouds, whether owned or leased, generally consist of closed IT infrastructures accessible only to a business which then makes available resources to it’s own internal customers. Private clouds are often home to core applications where control is essential to the business, they can also offer economies of scales where companies can afford larger, long term investments and have the ability to either run these environments themselves or pay for a managed service.… [Keep reading] “Are There Sufficient Standards in Cloud Computing Today?”

cloudready

Run Chromium OS without having to buy a Chromebook thanks to CloudReady

19th of October, 2016 / / No Comments

Thanks to the good folks at Neverware, you can now run Google’s cloud centric OS on a wider range of hardware than just Chromebooks alone. To enable this, what Neverware have done is repackage Google’s Chromium operating system.  This OS is at the core of it’s range of branded laptops, and is now made available to all.

The differences
Where Google build and maintain open source versions of Android and Chromium, their real value proposition is to add proprietary features onto both before selling them on branded devices.… [Keep reading] “Run Chromium OS without having to buy a Chromebook thanks to CloudReady”

How to make a copy of a virtual machine running Windows in Azure

How to make a copy of a virtual machine running Windows in Azure

6th of October, 2016 / / No Comments

I was called upon recently to help a customer create copies of some of their Windows virtual machines. The idea was to quickly deploy copies of these hosts at any time as opposed to using a system image or point in time copy.
The following PowerShell will therefore allow you to make a copy or clone of a Windows virtual machine using a copy of it’s disks in Azure Resource Manager mode.

Create a new virtual machine from a copy of the disks of another

Having finalized the configuration of the source virtual machine the steps required are as follows.… [Keep reading] “How to make a copy of a virtual machine running Windows in Azure”

Enterprise Cloud Take Up Accelerating Rapidly According to New Study By McKinsey

19th of September, 2016 / / No Comments

A pair of studies published a few days ago by global management consulting firm McKinsey & Company entitled IT as a service: From build to consume show enterprise adoption of Infrastructure as a Service (IaaS) services accelerating increasingly rapidly over the next two years into 2018.
Of the two, one examined the on-going migrations of 50 global businesses. The other saw a large number of CIOs, from small businesses up to Fortune 100 companies, interviewed on the progress of their transitions and the results speak for themselves.… [Keep reading] “Enterprise Cloud Take Up Accelerating Rapidly According to New Study By McKinsey”