Friday 28 December 2018

Windows 10 unable to access SYSVOL and NETLOGON on 2008 R2 Domain Controllers


I found some help here:
Looks like the SMB security needs to be weakened to allow Windows 10 to access these shares.
Enable the following policy:
  • Computer -> Administrative Templates -> Network -> Network Provider -> Hardened UNC Paths
You can either put the following in "Show Values":
  • \\*\NETLOGON    RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0
  • \\*\SYSVOL    RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0
Or put an entry for each DC:
  • \\DCNAME    RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0

Wednesday 26 December 2018

Linux Mint 19.1 as guest on Virtualbox 60

Same steps as this post, but no need to add repos:
https://blog.thefoleyhouse.co.uk/2018/10/ubuntu-1804-bionic-beaver-as-virtualbox.html

Essentially:

  • sudo apt update
  • sudo apt install virtualbox-guest-utils virtualbox-guest-dkms dkms linux-headers-generic build essential

Monday 3 December 2018

Geo-location with Wireshark and Geolite2

Turns out Wireshark has built in ASN, City and Country geo-location using Geoip products. You can purchase a (presumably) more accurate version, or use the free version from here:
https://dev.maxmind.com/geoip/geoip2/geolite2/

More details on the Wireshark Wiki (GeoIP link appears broken):
https://wiki.wireshark.org/HowToUseGeoIP

You can get endpoint statistics:

And in capture: