FileACL

ein kostenloses tool welches mir eben viel arbeit und zeit gespart hat ist FileACL:

· View ACLs on any NTFS local or remote drive
· Set ACLs on any NTFS local or remote
· View Ownership
· Change Ownership
· Uses Backup and Restore Rights to view/change ACL/ownership on non accessible files/dir
· recurse through files and directories
· [WIN2K] Inheritance auto-propogation aware
· shows RAW SID and/or Access Mask for an ACE
· Apply RAW SID and/or Access Mask (you could put ACL related to non-available domain trustees !)
· Address Deny rights
· Treats ALL inheritance matters of NTFS (unlike Windows NT 4.0 GUI)
· Batch Mode to dump permissions to a file and reapply later (/BATCH)

Windows Server 2003 Remote Desktop Connections remote aktivieren

wem passiert das nicht: man setzt einen neuen 2003er server auf, geht zurück zu seinem arbeitsplatz und will remote weitermachen – doch man hat vergessen, die remote desktop connections zu aktivieren…. ärgerlich.
doch man kann dies auch remote aktivieren – und zwar direkt in der registry unter “HKLM – System – CurrentControlSet – Control – Terminal Server”; einfach den wert “fDenyTSConnection” von 1 auf 0 setzen
ein wenig warten, und schon sollte es funktionieren

es geht auch per script – siehe technet. weitere nützliche beispielscripte gibt es hier.

btw: hier gibts den terminal services advanced client (jetzt teil des administration tool packs)

DHCPing

DHCPing is a lightweight and featureful security tool written in PERL and designed to test the security of various flavors of DHCP implementations around.
It was originaly written to test DLINK small offices/home offices routers but rapidly became a more general tool ready to test even major implementations like ISC. Many options allow DHCPing users to craft malicious DHCP/BOOTP packets “a la HPING”
Also DHCPing offers several embedded macro commands, several sets of predefined attacks directed toward specific vendors vulnerabilities along with a set of generic attacks.

TechNet Virtual Lab

Ever wanted to test Microsoft’s newest software in a sandbox environment? Wouldn’t it be great to be able to test new servers immediately, without formatting hard drives or dedicating one or more computers to the project? Now you can, with the TechNet Virtual Lab.

folgende labs stehen zur verfügung:

  • Desktop Deployment
  • SQL Server
  • Exchange
  • ISA
  • Microsoft Identity Integration Server (MIIS) 2003
  • Microsoft Operations Manager (MOM) 2005
  • Microsoft Systems Management Server (SMS) 2003
  • Security
  • Windows Server 2003
  • SetACL

    xcacls, cacls, showacl, showaccs, subinacl oder perms sind ganz nette tools; und für kleine sachen durchaus ausreichend. doch ein wirklich brauchbares tool ist SetACL – verfügbar als command line version bzw auch als activex control zum einbinden in z.b. vb

    unter anderem können folgende objekte verwaltet werden:

  • Files and directories on NTFS volumes
  • Registry keys (but not values)
  • Network shares
  • Printers
  • Services
  • Active Directory objects
  • Processes
  • der command line syntax ist – aufgrund des mächtigen funktionsumfanges klarerweise – heftig, aber die hilfe ist leicht verständlich. die administration durch dieses tool war noch nie so einfach…

    PasswordUpdater.exe

    das MOM 2005 Resource Kit beinhaltet ein sehr praktisches tools namens “PasswordUpdater.exe”
    mithilfe dieses tools kann man nach einer passwortänderung eines ad user-accounts diese änderung auf x servern bei folgendem nachziehen:
    – Windows Services (Account Name)
    – COM+ Applications (Identity)
    – Task Scheduler (Run As)
    – AT (Service Account)
    – VDirs in IIS (Anonymous User & UNC User)

    HowTo: Build a Complete Citrix MetaFrame Lab with VMware Workstation

    Most IT Professionals agree that having a lab for proper testing and staging is crucial to a stable, successful Citrix environment. However, some may argue that labs are complicated, costly and seemingly unjustified. Although these may seem like valid points, the risk of having your production environment come crashing down due to an untested patch or software upgrade proves that it’s well worth the time and cost of setting up a lab.

    A lab is a great tool to have at your disposal. You can use it to test a new software release or security patch or possibly a new printer driver that a client is requesting. Perhaps you just want an environment where you can learn more about the inner workings of Citrix, Web Interface or Secure Gateway. If you’ll be faced with upgrading your production environment to MetaFrame Presentation Server 3.0, it’s best to do a “dry run” in a lab before victimizing your production environment and possibly causing serious downtime.

    Many times, people don’t build labs because there is no spare hardware, no space available, or simply no time to commit to assembling a lab. However, with the advent of server virtualization, building a lab can be accomplished with significantly less hardware and in a much shorter amount of time.

    hier gibts den ganzen spannenden artikel: brianmadden