Prevent Specific File Types from Being Saved in Shared Folders in Windows Server 2012
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 29, 2013
- Length of Class: 19:59
- Research Assistance:
Tracks
Prerequisites
- Know how to Share Files and Folders in Windows Server 2012
Purpose of Class
- This class teaches students how to use File Screening Management on Windows Server 2012 to prevent users from saving specific file types.
Class Notes
- File Screening Management allows administrators to determine what types of files can be stored in a Shared Folder
- Administrators can either prevent file types from being saved, or log when a file of a specific type is saved.
- Screening is done based on File Suffix (.doc, .mp3) This means that if a file named MySong.mp3 is renamed to MySong.txt it will bypass screen.
- File Screening is accessed through File Server Resource Manager MMC
- File Groups are used to group file types together
- File Screen Templates – Create the policy for what should be done with File groups
- File Screens associate File Screen Templates to Shared Folders
- File Server Resource Manager is used to administer File Screening management
Corrections
Lab Setup Used in Demonstration
- The ETCG Host Computer Specs are:
- ASUS Model: CM6870US01
- 16 GB of RAM
- 1 TB 7200 RPM Hard Drive
- i7 3.4 GHz Intel Processor
- Windows Server 2012 Virtual Machine
- AD, DNS, and DHCP
- ETCG.com Domain Created
- Internal Network Connection in VirtualBox
- Windows 8 Virtual Machine
- Member of ETCG.com domain
- Internal Network Connection in VirtualBox
Study Guide
Resources
Setting Disk Space Quotas on Windows Server 2012
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 23, 2013
- Length of Class: 17:47′
- Research Assistance:
Tracks
Prerequisites
- Comfortable working in the Windows Server 2012 Environment
- Be able to Share Folders on Windows Server 2012
Purpose of Class
- This class teaches students how to configure Quotas on Shared Folders in a Windows Server 2012 Environment.
Class Notes
- Configuring Quotas on Shared Folders allows Administrators to manage how much storage Users are allowed to utilize.
- You can configure either Hard or Soft Limits
- Hard Limits means that once the limit has been reached the user will not be able to add any more data
- Soft Limits means that once the Quota has been reached that alerts will be sent, but user will be able to continue adding data.
- You can set Notification Levels to send emails, messages or log entries when specific Quota Thresholds have been met.
- File Server Resource Manager
- To Install MMC
- Server Management – Manage – Add Roles and Features
- Under Server Roles expand File and Storage Services, then expand File and iSCSI Services, then Check File Server Resource Manager
- To Run
- Server Management – Tools – File Server Resource Manager
- Select Quota Management
- Quota Templates allows you to create Reusable Templates
- Quotas allow you to configure Quotas for Shared Folders on the server
- To Install MMC
Corrections
- Note: Email alerts will not be sent unless SMTP Email Services have been setup.
Lab Setup Used in Demonstration
- The ETCG Host Computer Specs are:
- ASUS Model: CM6870US01
- 16 GB of RAM
- 1 TB 7200 RPM Hard Drive
- i7 3.4 GHz Intel Processor
- Windows Server 2012 Virtual Machine
- AD, DNS, and DHCP
- ETCG.com Domain Created
- Internal Network Connection in VirtualBox
Study Guide
Resources
Setting Up Roaming Profiles in Windows Server 2012
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 22, 2013
- Length of Class: 17:47
- Research Assistance:
Tracks
Prerequisites
- Comfortable working in the Windows Server 2012 Environment
- Be able to create User Accounts
- Be able to Share Folders on Windows Server 2012
Purpose of Class
- This class introduces students to Roaming Profiles in a Windows Server Environment.
Class Notes
- Roaming Profiles allow users to be able to log into different machines and automatically be give their own Profile
- Shared Profile Folder can be on any File Server on the Network, but for small to medium sized environments it is usually on the Domain Controller.
- If network connection is down you will use the cached profile from the last time you logged in.
- Profiles encompass: files, folders, settings. Applications/ Programs must be installed locally on each machine..
- Steps:
- Create a Share on Your Server called PROFILES and share is with Everyone with Read/ Write Permission
- Create New User (If Needed)
- Open User Profile
- Go to Profile Tab
- Type in Profile Path \\SERVERNAME\profile\%username% (Substitute SERVERNAME with your Server’s Name)
- Login to a computer with User Account that will be made Roaming
- Profile in PROFILES folder will be automatically created.
- Caution
- Profile Information gets Cached on Local Machine (Hacking Vector)
- Cached Profiles take up hard drive space
Corrections
Lab Setup Used in Demonstration
- The ETCG Host Computer Specs are:
- ASUS Model: CM6870US01
- 16 GB of RAM
- 1 TB 7200 RPM Hard Drive
- i7 3.4 GHz Intel Processor
- Windows Server 2012 Virtual Machine
- AD, DNS, and DHCP
- ETCG.com Domain Created
- Internal Network Connection in VirtualBox
- 2 Windows 8 Virtual Machines
- Both machines are members of ETCG.com domain
- Internal Network Connection in VirtualBox
Study Guide
Resources
Introduction to Metasploit for Penetration Testing and Hacking
Info
- Level: Beginner
- Presenter: Eli the Computer Guy
- Date Created: April 19, 2013
- Length of Class: 24:05
- Research Assistance: Nullset Computer Co (http://nullsetcomputerco.com/)
Tracks
Prerequisites
- None
Purpose of Class
- This class gives students an overview as to why Metasploit is an important tool for Penetration Testing and Hacking.
Class Notes
- Metasploit is a Framework vs. being a purpose built application. You can build your own tools using it much like you can build new toys with Legos.
- Versions for Linux and Windows (And of course is included with Backtrack 5)
- Disable AntiVirus and Firewall Software before using Metasploit
- Metasploit Terms
- Exploit – The way an attacker uses a systems vulnerability
- Payload – Code that is going to be run on attacked system
- Shellcode – payload code that provides an attacker with a Shell interface for compromised system
- Module – A “plugin” for Metasploit to perform specific tasks
- Listener – A component that listens for incoming connections
- Interfaces
- MSFconsole – Console environment where you give commands to Metasploit interactively
- MSFcli – Allows you to run Metasploit directly from the command line. This is used to create scripts that call Metasploit to perform specific actions
- Armitage – Free graphical user interface
- Metasploit Express and Pro – Commercial Interfaces that make working with Metasploit more user friendly
- You can store collected data into built in Database
- PostgreSQL Database created during installation
Corrections
Lab Setup Used in Demonstration
- N/A
Study Guides
- Metasploit the Penetration Tester’s Guide (ISBN: 978-1-59327-288-3)
- Pages 7-11, 14, 20-21
Resources
Introduction to Security with Group Policy Objects and Organizational Units in Windows Server 2012
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 17, 2013
- Length of Class: 26:25
- Research Assistance:
Tracks
Prerequisites
- None
Purpose of Class
Class Notes
- Organizational Units are used to Group Users and Computers together so that you can assign Security to them easily
- GPO’s or Group Policy Objects are the actual Security Policies that will be assigned.
- Security and Permissions are different things.
- GPO’s allow you to do things such as restrict the usage of Task Manager from some users regardless of which computer they log into, or to map a specific drive whenever a user logs in.
- Process to Create and Assign GPO’s
- Create an Organizational Unit
- Move User or Computer Into OU
- Create GPO
- Assign OU to GPO
- Steps:
- Group Policy Management
- Right Click “Group Policy Objects” and Select “New”
- Give Name to GPO Click “OK”
- In Right hand Window Right Click new GPO and Select “Edit”
- Edit GPO to your needs
- In Left Pane Right Click your Domain Name and Select “New Organizational Unit”
- Give Name and Click “OK”
- In Left Pane Right Click new Organizational Unit and Select “Link an Existing GPO”
- Select GPO You want to be linked
- Open Active Directory Users and Computers from Server Manager dashboard
- Go to Users Folder
- Right Click the User you want to be controlled by the Organizational Unit and Select “Move”
- Select Organizational Unit from Folder Tree and Click “OK”
- Go to CLIENT Computer (Windows 8,7,Vista)
- Log in as User and GPO should be in Effect (If user is currently logged in, Log them Out and then back in)
Corrections
Lab Setup Used in Demonstration
The ETCG Host Computer Specs are:
- ASUS Model: CM6870US01
- 16 GB of RAM
- 1 TB 7200 RPM Hard Drive
- i7 3.4 GHz Intel Processor
- VirtualBox
Windows Server 2012 Machine
- Virtual Machine
- AD, DNS and DHCP have been setup
- Domain ETCG.com has been created
- Networking Configuration in VirtualBox = Internal
Windows 8 Machine
- Virtual Machine
- Already a member of the Domain (Etcg.com)
- Networking Configuration in VirtualBox = Internal
Resources
Introduction to File and Share Permissions on Windows Server 2012
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 17, 2013
- Length of Class: 35:11
- Research Assistance:
Tracks
Prerequisites
- Comfortably be able to use Windows Server 2012 and Windows 8.
- Be able to create Users and Groups on Windows Server 2012
Purpose of Class
- This class teaches students about the basic concepts of File and NTFS Permissions in a Windows Server 2012 Environment.
Class Notes
- Permissions and Security are different things
- Permissions allow Users, or Groups access to Resources such as Files, Folders and Printers
- It is best to assign Permissions to Groups and not to Individual Users
- Share and NTFS Permissions are different
- Share Permissions only matter when Resources are being accessed over the network. If a User is Local the Permissions are ignored.
- NTFS Permissions are used whether Resources are access over the Network or Locally.
- Over the Network is there are both Share and NTFS permissions set on a Resource then the Most Restrictive Permission is the one that will be applied.
- In General it is best to set Share Permissions to a resource to Everyone with Full Control, and then use NTFS Permissions to grant or restrict access.
- Share Permissions allow you to access Resource through UNC (Universal naming Convention) \\SERVERNAME\SHARE
- The FAT, FAT 16 and FAT 32 file systems used in Windows 95 and 98 could only use Share Permissions.
- Inheritance means that Permissions set to parent Folders will be inherited by Child Resources
- Log in and Out for New Permissions to be applied
- By Default Creators of Resources are the Owners.
- Resource Owners can set permissions to Resources.
Corrections
Lab Setup Used in Demonstration
The ETCG Host Computer Specs are:
- ASUS Model: CM6870US01
- 16 GB of RAM
- 1 TB 7200 RPM Hard Drive
- i7 3.4 GHz Intel Processor
Windows Server 2012 Machine
- Virtual Machine
- AD, DNS and DHCP have been setup
- Domain ETCG.com has been created
- Created 2 Users and 2 Groups
- Networking Configuration in VirtualBox = Internal
Windows 8 Machine
- Virtual Machine
- Already a member of the Domain (Etcg.com)
- Networking Configuration in VirtualBox = Internal
Resources
Building a Virtual Computer Lab with VirtualBox for Penetration Testing and Hacking Tests
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 12, 2013
- Length of Class: 58:40
- Research Assistance: Nullset Computer Co (http://nullsetcomputerco.com/)
Tracks
Prerequisites
- None
Purpose of Class
- This class teaches students what is needed to build a Virtual Environment for hacking and Penetration testing
Class Notes
- VirtualBox is owned by Oracle and is Opensource and Free to Use.
- VirtualBox runs on All Major Operating Systems and Can Run All Major Operating Systems other then OSX.
- Install VirtualBox Guest Additions to provide full functionality for your Virtual Machine
- The ETCG Host Computer Specs are:
- ASUS Model: CM6870US01
- 16 GB of RAM
- 1 TB 7200 RPM Hard Drive
- i7 3.4 GHz Intel Processor
- Creating Virtual Machines
- Minimum RAM – Your Virtual Machines will be under a light load therefore you don’t have to give them a lot of RAM
- Dynamic Allocation Hard Drive Space and Create a 50GB Hard Drive. This will allow the hard Drive to only use the space it needs and dynamically grow to the maximum size you have set.
- Cloning Virtual Machines allows you to create a copy of a Machine before you damage it.
- Sharing Folders between Virtual Machine and Host
- Drag and Drop allows you to drag files from the Host to the Virtual Machine and Vice Versa
- Shared Folders allows you to connect to folders on the Host from the Virtual Machine
- Network Configurations
- NAT – Creates a basic Virtual Network with DHCP and DNS that allows Virtual Machines to connect to the Internet or outside network.
- Bridged – Makes it so that the Virtual Machine appears to be directly connected to the LAN with all functionality as if it is.
- Internal – Allows you to completely segment your Lab Network so that the Virtual Machines cannot connect to the LAN unless a Virtual Router is configured to do so.
- You may create a Virtual Router using an OS such as m0n0wall or Smoothwall and connect multiple network connections to provide more complicated Network layouts.
- Connecting to Optical Drive or ISO File allows you to Boot off of a “LiveCD” for a Virtual Machine.
Corrections
Lab Setup Used in Demonstration
- The ETCG Host Computer Specs are:
- ASUS Model: CM6870US01
- 16 GB of RAM
- 1 TB 7200 RPM Hard Drive
- i7 3.4 GHz Intel Processor
Resources
Introduction to Practical Hacking and Penetration Testing
Info
- Level: Beginner
- Presenter: Eli the Computer Guy
- Date Created: April 9, 2013
- Length of Class: 41:09
Tracks
Prerequisites
- None
Purpose of Class
Class Notes
- The first rule of Hack Club is, “Don’t talk About Hack Club.”
- Legitimate Reasons to Hack Include:
- Regaining Access to Systems that Owners have Locked Themselves Out Of (This happens a derpressing amount of the time)
- Demonstrating Security Vulnerabilities to Owners so that they can make educated decisions about their systems security requirements.
- Playing with your own systems to better learn how they work.
- To perform Hacking you need a solid understanding of TCP/IP Networking and Linux.
- You should be able to comfortably use the Linux CLI and be able to troubleshoot problems.
- You should have a working knowledge of how to administer the types of systems that you will be attacking.
- Hacking Can Violate…
- Terms of Service- Discretion of Service Provider – Can have services terminated
- Civil Law – Preponderance of Evidence – Can be sued for damages
- Criminal Law – Beyond a Reasonable Doubt – Can serve jail time
- Intelligence Services – ??? – Nasty Things can Happen to You…
- If you hack systems that you do not own it is best to consult a lawyer to have a strong contract written so that owners of systems can grant you permission to test their systems.
- “Hacking” systems that you own my violate license agreements
- The Second Rule of Hack Club is, “Don’t Talk About hack Club!”
- Hacking Systems that you are not authorized to access can result numerous felony level criminal charges being leveled against you:
- Aaron Schwartz – Committed Suicide when confronted with up to a 30 year jail term for downloading files
- Eric J. Rosol – Up to $20,000 fine and 5 years in Jail for using LOIC as part of a larger “hacktivist” attack against a website
- Protect Yourself by:
- Do not install “hacking” utilities onto computers that you use for other purposes.
- Use an isolated network and computer to perform hacking tests
- Don’t trust ANYONE… and for the love of all that is geeky DO NOT ASK Random YouTube Personalities how to commit felonies…
- Giving assistance to someone you know is planning to violate the law is a criminal act!
- The Third Rule of hack Club is, “DON’T TALK ABOUT HACK CLUB!!!!”
- Beware of affiliating yourself with any group. Being a “hacker”, and being a “member” of Anonymous are two entirely different things.
Corrections
Lab Setup Used in Demonstration
- None
Resources
Hacking to Harvest User Login Credentials Off of the Network for Web Services Using Subterfuge
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 5, 2012
- Length of Class: 15:07
- Research Assistance: Nullset Computer Co (http://nullsetcomputerco.com/)
Tracks
Prerequisites
- Ability to Administer a Linux System
- Solid Foundation in Networking
Purpose of Class
- This class teaches students how to use Subterfuge to harvest credentials sent in clear text to web services over the LAN.
Class Notes
- Subterfuge is open source software that makes it easy to perform Man in the Middle Attacks
- Subterfuge uses ARP Poisoning
- By default Subterfuge will harvest User Credentials for Web Services that are passed over the network
- Subterfuge runs on Linux (I used Ubuntu for the class)
- To install Subterfuge you must:
- Download files from website
- decompress files
- install Python on computer
- Run Installation Python Script
- Start the Subterfuge Service
- Open Firefox and go to 127.0.0.1
- Click “Start” Icon in upper right hand corner of page.
- Subterfuge can be “quirky”, and can degrade overall network performance.
Resources
Hacking to Acquire Passwords from HTML Forms Password Boxes
Info
- Level: Intermediate
- Presenter: Eli the Computer Guy
- Date Created: April 4, 2013
- Length of Class: 12:58
- Research Assistance: Nullset Computer Co (http://nullsetcomputerco.com/)
Tracks
Prerequisites
- Understand HTML and Web Browsers.
Purpose of Class
- This class teaches students how to display in plain text information in Password Boxes on HTML Forms.
Class Notes
- Use “Inspect Element” tool in any modern web browser to change the Text Box Type from “Password” to “Text”
- Older Web Services stored Password of previously logged in users.
Resources
