Office 365 – Security (Part 1)

Have you set up MS Office 365? Did you start with security in mind?

Have you reviewed your security and privacy settings? Nothing is configured out of the box. When implementing Office 365, treat the platform as if you were securing your on-prem infrastructure.

Start with the basics:

  • Password Policies
  • Privacy Statements

Can you add additional security to users?

Have you enabled MFA and enrolled users? Is MFA enforced?

Has access been restricted?

https://docs.microsoft.com/en-us/sharepoint/control-access-based-on-network-location

Mobile Device Management: are you applying any controls to apps accessing OneDrive?

Has logging been enabled for the Office 365 Security and Compliance reports and stats?

Azure Administrator – Tasks and Guides

Your one stop shop for the Azure Administrator resource pool of tasks.

Task

Set the tenant, subscription, and environment for cmdlets to use in the current session.

Plan virtual networks

Configure Azure Multi-Factor Authentication settings

Create DNS records in a custom domain for a web app

Add your custom domain name using the Azure Active Directory portal

Create a route-based VPN gateway using the Azure portal

Connect virtual networks with virtual network peering using the Azure portal

Troubleshoot password hash synchronization with Azure AD Connect sync

Manage device identities using the Azure portal

How to manage the local administrators group on Azure AD joined devices

Azure Load Balancer For RDP

Create a virtual network (classic) with multiple subnets

Point-to-Site VPN routing

Back-end health and diagnostic logs for Application Gateway

All things Azure and Sysadmin stuff

Ping sweep script test

POWERSHELL
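# The CSV path was left empty in the original; point it at a CSV with a "Name" column
Import-Csv "" |
ForEach-Object {
    # -Quiet returns $true/$false instead of ping reply objects
    $result = Test-Connection -ComputerName $_.Name -Count 1 -Quiet
    $_.Name, $result -join ',' | Out-File "c:\scripts\PingSweep\computer_results.txt" -Append
}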


COMMAND /BATCH SCRIPT
Create a list of computers to ping: computer.txt

Create the batch file pingsweep.bat:

for /f %%s in (computer.txt) do (ping -n 1 %%s)

Open cmd and run:

pingsweep.bat >> PINGSWEEPQUOTES.TXT


Please test all scripts in a lab environment. We have no liability for any issues caused.


If you would prefer a more advanced script in PowerShell, check out this example of a ping script written by Jamie Crookes, "Ping utility function/module for PowerShell", which can be found here: http://www.powerscript.net/handy-ping-utility-function/

PowerShell : Get COMPUTER objects of a specific group ( this example gets the properties “description” of each object )

# Get COMPUTER objects of a specific group ( this example gets the properties “description” of each object ) 
# List in a table format Name and Computer Description Properties

Get-AdGroupMember GROUPNAME | ForEach-Object {
$Computer = ($_.Name)
foreach ($c in $Computer) {
Get-ADComputer $c -Properties Description | ft name, description
}
}

# Expected Output
#Name Descriptions
#----- -------------
#Computername Computer Description
#Computername Computer Description
#Computername Computer Description

List Computers in Specific OU which are Enabled and Output to CSV

# Outputs computer accounts including status Enabled True or False
# Targets a specific OU
# Lists computer names

# OU Variable to set
$OU_HotWiredUK_location = "OU=Computers,OU=HotWiredHQ,OU=UK,DC=test,DC=com"

# Output CSV to c:\scripts\…
Get-ADComputer -Properties * -Filter * -SearchBase $OU_HotWiredUK_location | Select Enabled, Name, DistinguishedName | export-csv C:\Scripts\OU_HotWiredUK_location.csv

Files Older Than 3 Months Combined Total File Size

The requirement was to identify the total file size of all files not used in the last 3 months.

This was the solution:

# Run as administrator
# You need permission on the files or folders

$date = (Get-Date).AddMonths(-3)

dir C:\temp -Recurse | ?{$_.lastwritetime -lt $date -and !$_.PsIsContainer} | Measure-Object -Property Length -Sum

# One-liner (note: this variant uses a 6-month cutoff)

dir C:\temp -Recurse -Force -ErrorAction SilentlyContinue |
    ?{$_.lastwritetime -lt (Get-Date).AddMonths(-6)} | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue

# The resulting data will be in bytes. To convert it to gigabytes, you may do this:

$files = dir C:\temp -Recurse -Force -ErrorAction SilentlyContinue |
    ?{$_.lastwritetime -lt (Get-Date).AddMonths(-6)} | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue

($files.sum / 1gb).ToString("F02")

# F02 determines how many digits appear after the decimal point. In my case, 2 digits.

# Per-folder totals, written to a file
dir C:\temp -Recurse | ?{$_.psiscontainer} | %{
    # Write-Output (not Write-Host) so the folder name lands in the redirected file
    Write-Output "current folder is $($_.fullname)"
    dir $_.fullname | measure-object -property Length -sum -ErrorAction SilentlyContinue
} > "c:\temp\file sizes"

Credit to the original post this script is based on.

vSphere ESXi 6.7 Unable to talk between subnets between hosts

Configuration was :

ESXi 6.7 – vSphere handling all the port groups tagged with VLANs

Firewall – CISCO ASA

 

Problem: New ESXi 6.7 hosts. Virtual machines on the same host and vSwitch could communicate with no problem. However, a virtual machine could not communicate with a virtual machine on another host in a different subnet. Both virtual machines could ping their local gateways. The firewall, a Cisco ASA, was dropping all packets and showing the following error.

Error on the firewall when capturing ping traffic: “No source port on ping”, “Error (Type 8, Code 0), Denied ICMP type=8, code=0”

 

Solution

Sometimes it's the simple tick box on the Firewall / ASA config:

“Enable traffic between two or more interfaces which are configured with the same security levels”

All traffic started communicating and the virtual machines could talk between the subnets as per the rules on the Firewall.
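
The tick box above corresponds to the ASA CLI command `same-security-traffic permit inter-interface`. The fragment below is an added example, not the configuration from this environment; the interface names, VLAN IDs, addresses and ACL name are constructed for illustration.

```cisco
! Constructed example: two server VLANs at the same security level
interface GigabitEthernet0/1.10
 vlan 10
 nameif servers-a
 security-level 50
 ip address 10.0.10.1 255.255.255.0
!
interface GigabitEthernet0/1.20
 vlan 20
 nameif servers-b
 security-level 50
 ip address 10.0.20.1 255.255.255.0
!
! Without the next command the ASA drops traffic between servers-a and
! servers-b even when an ACL permits it (the symptom described above).
same-security-traffic permit inter-interface
!
! Once enabled, same-level interfaces with no ACL bound pass traffic freely,
! so bind an inbound ACL to keep the intended rules in force.
access-list SERVERS_A_IN extended permit icmp 10.0.10.0 255.255.255.0 10.0.20.0 255.255.255.0 echo
access-list SERVERS_A_IN extended deny ip any any log
access-group SERVERS_A_IN in interface servers-a
!
! Let echo replies return statefully instead of opening echo-reply by ACL
policy-map global_policy
 class inspection_default
  inspect icmp
!
! Verify the path from the CLI (ICMP type 8, code 0 = echo request):
! packet-tracer input servers-a icmp 10.0.10.10 8 0 10.0.20.10
```

Run `show running-config same-security-traffic` to confirm whether the setting is present before and after the change.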
