Configure SSHD for Security

The Secure Shell daemon should be hardened to prevent unauthorized access before being put into production.

Verify that /etc/ssh/sshd_config contains the following lines and that they are not commented out.

  • Protocol 2
  • IgnoreRhosts yes
  • HostbasedAuthentication no
  • PermitRootLogin no
  • Banner /etc/issue (See banner example below)
  • PermitEmptyPasswords no
  • AllowTcpForwarding no (unless needed)
  • X11Forwarding no
  • AllowUsers <username1> <username2> (Optional)
  • DenyUsers <username1> <username2> (Optional) Continue reading “Configure SSHD for Security”

Javascript and CSS to Show and Hide Div

I wanted a way to show and hide div elements in a web page by clicking on other elements. Initially I wanted to do it with CSS only and avoid using javascript, but I just couldn’t find an easy way to do it.

The code bellow will create a series of radio buttons that correspond to different Windows operating systems. When a radio button is clicked the “showhide()” function is called. The function will hide all the div elements and then show just the div element that was selected with the button click. If a different radio button is clicked the “showhide()” function is called again which hides all the elements and shows the new element that was selected. Continue reading “Javascript and CSS to Show and Hide Div”

Reset Secure Channel

Problems with a host’s secure channel can be responsible for a number of authentication issues.

Each host that is joined to Active Directory maintains a local secret, or password, that is created by the client and stored in Active Directory. The client will initiate a password change every 30 days by default. Active Directory will store the current password as well as the previous password in the computer object for the joined host. Each time the client creates a new password, it creates the new password locally and stores it in the registry and then attempts to update the password in Active Directory. If the Active Directory password update is unsuccessful, the client keeps the newly created password and continues to attempt updating the Active Directory password. Continue reading “Reset Secure Channel”

PowerShell to Create Multiple Hyper-V VMs

I’ve created the exact same lab a dozen times with the same three Linux hosts. It’s time to automate the process with a script. The scripts assume that the virtual switches are already created, although their creation or a check to verify their existence could easily be added.

The first host, RT-ISP-01, is a router that has one interface on the connected to the “External” switch for access to the Internet and an interface on the “Network A” and “Network B” private switches. The other two hosts, SVR-A-01 and SVR-B-01, are attached to the “Network A” and “Network B” respectively.

Each host gets 512MB of RAM and a single 40GB hard drive.

The initial setup of these Linux hosts require that legacy interfaces are used at first. The script removes the default interface and adds the appropriate legacy interfaces.

Each host has its DVD drive configured to contain the Linux install ISO so that it is ready to go when the host is started. Continue reading “PowerShell to Create Multiple Hyper-V VMs”