Browsed by
Category: Windows

DNS Security – DNSSEC

DNS Security – DNSSEC

Technorati Tags: 70-744 DNSKEY This record stores the public key that is used to crytographically validate signed DNS records. In public key infrastructure (PKI), the DNS server signs the records with its private key, and validates the records’ integrity by using its corresponding public key. Note that in DNSSEC it’s the DNS server that performs the record validation on behalf of DNS clients. Technorati Tags: dnssec RRSIG This record is the digital signature for a particular DNS record. If a…

Read More Read More

Hyper-V Just-Enough-Administration (JEA)

Hyper-V Just-Enough-Administration (JEA)

I decided to write series of articles about Securing Windows Server what I  frequently do. This is first one in this topic. Problem Statement: Company owns virtualization infrastructure with some Virtual Machines. Hyper-V Admins are responsible for overall company virtual machines and have full access to Hyper-V host servers. Together with this admins company has group of other admins that are responsible only for particular Virtual Machines and need control them. In our case this is Monitoring VM. Until JEA…

Read More Read More

Local Admin Password Solution (LAPS) STEP-BY-STEP

Local Admin Password Solution (LAPS) STEP-BY-STEP

Today we will deploy Microsoft LAPS solution to manage local administrator passwords in computers. Its an excellent tool that takes the burden of rotation of local administrator account password or to avoid cases when all workstation have the same password for local administrator account. First we need to download LAPS from the MS download center and install it on Management Computer (Domain Controller). LAPS is installed to “%ProgramFiles%\LAPS”. https://www.microsoft.com/en-us/download/details.aspx?id=46899 For “Managed computers” we can run the installer to install same…

Read More Read More