IT Pro Tuesday #326
Welcome back to IT Pro Tuesday!
In the latest Security Swarm Podcast: “Security of the Windows Boot Process,” we delve into the often-overlooked security of the Windows boot process, revealing how recent leaks have compromised its integrity. These leaks of platform keys, including the infamous “PKFail” incident, have exposed vulnerabilities that threaten the whole system. Discover how these vulnerabilities are being exploited by attackers, the potential risks they pose to your system, and what you can do to safeguard your devices.
We’re looking for favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.
Now on to this week’s list!
A Free Tool
ISIC allows you to test the integrity of IPv4 and IPv6 stacks and their component stacks (TCP, UDP, ICMP et. al.) through the generation of controlled random packets. A nice option for testing IDS systems. Our thanks for the recommendation go to Sagail.
Cheatsheets
Rico’s Cheatsheets offers an impressive collection of searchable cheatsheets that is intended to help developers find whatever they need quickly. Offers resources on command-line coding, keyboard shortcuts, and more—all organized by category, with subsections for simplicity. yehiaserag finds it, “so good if you are jumping into something new.”
A Tutorial
Identify and Remove Inactive Users in Microsoft 365 walks you through how you can use a PowerShell script to clean up inactive users and help improve security for your M365 environment. Explains how the script can generate a list of inactive users, delete them, remove sign-in blocked inactive users, and more. Kindly shared by Clara_jayden.
another free tool
WinSCP is a nice SFTP and FTP client for Windows with a GUI, integrated text editor, scripting, and task automation. It allows you to copy files between a local computer and remote servers via FTP, FTPS, SCP, SFTP, WebDAV or S3 file transfer protocols. A longtime favorite of Pete263.
A Blog
Daniels Networking Blog is the work of senior network architect Daniel Dib, who offers lots of helpful content for those seeking to improve on their networking skills. Offers specific resources on CCIE and CCDE certification topics as well as general engineering and architecture information. clear_byte says, “I like this blog a lot.”
P.S. Bonus Free Tools
Nmap is an open-source utility for network discovery and security auditing. Can be useful for network inventory, managing service upgrade schedules, and monitoring host or service uptime. Uses raw IP packets in novel ways to determine what hosts are available on the network, what services they are offering, what OS versions they are running, what type of packet filters/firewalls are in use and much more. TheDarthSnarf describes it as “awesome, one of my favorite network tools by far.”
dBeaver is a multi-platform database tool that supports all popular databases: MySQL, PostgreSQL, MariaDB, SQLite, Oracle, DB2, SQL Server, Sybase, MS Access, Teradata, Firebird, Derby, etc. jongleurse explains, “It’s on the windows store, so stupid easy to install, and it automatically installs plugins for supported databases. Zero learning curve when compared to other database tools.”