1

How To Use Nslookup To Check DMARC Record

Check DMARC Using NSLookup

One of my customers wanted to verify their Domain Based Message Reporting Conformance (DMARC) record, and followed the post How To Use Nslookup To Check DNS TXT Record but ran into issues. They were not seeing any results.  Hmm strange; the DMARC record had been created and was visible in online diagnostic tools.  Why was it not showing up for them in a manual check?

The below is an example of what… Read the rest “How To Use Nslookup To Check DMARC Record”

4

Exchange 2019 CU12 Released

Exchange 2019 CU12 Released

Exchange 2019 CU12 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site!  Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously.    CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU12 Released”

0

Exchange 2016 CU23 Released

Exchange 2016 CU23 Released

Exchange 2016 CU23 has been released to the Microsoft download centre!  Exchange 2016 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously.    CUs are a complete installation of Exchange 2016 and can be used to install a fresh server or to update a previously installed one. Exchange 2013 h… Read the rest “Exchange 2016 CU23 Released”

0

Microsoft Defender for Office 365 Blog Compiled links

Microsoft Defender for Office 365 Blog Compiled links

Below are a series of links to the main Microsoft Defender for Office 365 blog.  Shortcuts added here as this is one of my shared bookmarks.

Note that some links have KQL queries and IOCs related to that specific attack.

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

12-July-2022

 

 

Evolved phishing: Device registration trick adds to phis

Read the rest “Microsoft Defender for Office 365 Blog Compiled links”
0

Microsoft Teams Source IP Address Used Connecting to On-Premises Exchange

Teams IP Addresses Connecting to Exchange On-Premises

Planning to deploy Office 365 and integrate with your on-premises Exchange infrastructure?  Great!  While running the Exchange Hybrid Configuration Wizard (HCW) will be one of the highlights it should be a boring and uneventful portion of the project.  That will be true if all of the required planning, remediation and preparation was done.  If not you’ll be finding out about those issues pretty so… Read the rest “Microsoft Teams Source IP Address Used Connecting to On-Premises Exchange”

0

Move FSMO Roles Using PowerShell

PowerShell FSMO Role

Rather than kicking it old school and using the classic tools such as AD Users & Computers (dsa.msc) to move FSMO roles, PowerShell makes it nice and easy to get this done rapidly.

In this example we are moving the roles gracefully, but there is also the -Force option.

 

State Of The Nation

To start with, let's confirm where the FSMO roles currently reside:

Using PowerShell To Check FSMO Role Holders

Note that server DC-1.wingtiptoys.ca… Read the rest “Move FSMO Roles Using PowerShell”

0

The Way Things Were–EOP IP Ranges October 2018

EOP IP Ranges From 2018

When discussing network configuration for Office 365, there will be a series of issues and challenges that need to be addressed.  Ideally this is all done in a proactive manner, with the final items addressed in the POC phase.

One of the cornerstone issues is around how access to and from Office 365 will be managed.  This has to address end user access from workstations and publishing your on-premi… Read the rest “The Way Things Were–EOP IP Ranges October 2018”

0

Remote Desktop Connection Manager Download (RDCMan) 2.90

RDCMan 2.90

Welcome to 2022 and a new release of Remote Desktop Connection Manager (RDCMan) version 2.90!

The Sysinternals blog lists the following changes to RDCMan which are well worth reviewing from a security standpoint.

Receives support for Restricted Admin (/restrictedAdmin from mstsc) and Remote Credential Guard (/remoteGuard from mstsc) and bug fixes.

RDCMan Version 2.90

Below you can see the Security Settings tab with these… Read the rest “Remote Desktop Connection Manager Download (RDCMan) 2.90”

1

Office 365 Autodiscover Lookup Process–Revisited

Previously we looked at the Office 2010 client and how it used Autodiscover to detect Exchange Online (EXO) mailbox settings.  Outlook 2010 is no longer supported, so it is worth updating these notes for a current build of Outlook.

As with the previous post, this is intended as a point in time reference as I personally find it handy as an ongoing reference.  In the updated example below a fully patc… Read the rest “Office 365 Autodiscover Lookup Process–Revisited”

0

Change Certificate Friendly Name To Unique Value

Imagine that you have two certificates installed, but for whatever reason the same friendly name was used for both of them.  You can certainly identity each of them by comparing the valid from/valid to dates or the thumbprint.  That adds just a little extra overhead that you may not want to deal with.

As an alternative, you can modify the friendly name  to a more suitable value.  This allows you to… Read the rest “Change Certificate Friendly Name To Unique Value”