So you’re a fully signed up ‘tin foil hatter’ and you have an old app that communicates over the internet but doesn’t use SSL?
Not to worry, there is a solution for you and its called stunnel.
Stunnel is available for both Linux and Windows, and simply put creates an SSL tunnel from one machine or server to another.
So why use stunnel? Well stunnel…
… provides an extra layer of security to an internet based application.
… secures data previously transmitted in plain text.
… protects your exploitable services by hiding them behind stunnel.
So what else can it be used for? Well…
… you could use it to fool certain websites into thinking you are in a different location.
… it can be used as a simple ‘bouncer’ for pretty much anything!
You can never have too many logs, said the tree surgeon to the forest. We all know the importance of reviewing the event logs, not only for troubleshooting current issues, but to predict future ones. There are plenty of paid enterprise solutions for this, but let’s take a look at some free options.
Mr Roboto’s Event monitor
This tool will allow you to monitor windows machines live, using a default polling time of 5 seconds. You can choose from the usual event viewer categories and as an additional bonus DNS / FRS / DS are also included. Once you have selected the categories you’d like to monitor, you can then select the log type, error, warning, information, audit success and audit failure.
In the server box, type the hostname or IP of the machines you would like to monitor, separated by a comma.
This is a handy tool if you’re keeping an eye out for a specific entry, or a server that is playing up.
This is a question I’ve seen pop up a lot which can be achieved multiple ways. If you are looking for a fully fledged signature manager I would recommend something like CodeTwo’s ExchangeRules, you can trial this without paying if you don’t mind an advert being appended to your email, otherwise their prices are pretty reasonable.
Anyway, today we will look at the free way! There are 3 parts to achieving the goal.
1. VBS script to generate signature
This creates a
very simple signature which pulls attributes from active directory.
Set objUser = CreateObject(“WScript.Network”)
userName = objUser.UserName
domainName = objUser.UserDomain
FUNCTION GetUserDN(BYVAL UN, BYVAL DN)
Set ObjTrans = CreateObject(“NameTranslate”)
objTrans.init 1, DN
objTrans.set 3, DN & “\” & UN
strUserDN = objTrans.Get(1)
GetUserDN = strUserDN
I’ve used these in the past when merging file shares from multiple sites to a single site.
Three sites, each with the same folder hierarchy (A-Z).
Each office generally dealt with separate clients but there were still duplicates to be found. To save manually auditing 100s of folders, I used a combination of a simple dir command and the PHP scripts below.
To output all folders I used: dir /s /AD /b > textfile.txt on each file server. This gave me 3 text files to compare. Using the PHP script to compare these files displayed all of the duplicates, from here I could manually sort out any duplicates before merging the 3 file shares.