April 2022
Office 365 outbound spam filter
Microsoft has decided to turn on outbound spam filtering on all new accounts. Log on as an admin and go here: https://security.microsoft.com/antispam. By default the Anti-spam outbound Policy is set to Default-M$ Controlled, aka DON’T FORWARD. Setting this to ON will allow creating email groups that forward to outside contacts.
Rogue DHCP fix
DHCP (Dynamic Host Configuration Protocol): when a device is connected to a network, it shouts for an IP address. The DHCP server answers with an unused IP address, default gateway and DNS servers. Ideally. Problems happen when someone non-technical plugs in a wireless gateway and it responds with IPs and DGW that DON’T get to …
Fortigate Cloud Management
Manage your Fortigate devices at forticloud.com. New firewalls come with an 8-character code physically on a sticker. Add existing firewalls to the Cloud Mgt interface thusly: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Add-FortiGate-device-to-FortiCloud-account-without/ta-p/191123
Update Stand-alone VmWare ESXi
Step 1: Download patch. Ignore patches < 1 month old; patches are cumulative.
https://customerconnect.vmware.com/patch
ESXi (not ESX), enter the major build and click search
beside the patch name click View Details
search for “Image Profile Name”
record the first item ending in -standard
Step 2: From ESXi web interface, log on as root
record current host version and build #
If the host uptime is longer …
Active Directory Clear AdminCount
PingCastle or another domain health/security tool may tell you that an account isn’t an administrator but has adminCount set to a number larger than 0. Here is how to fix that. Why do we care? This was to have a record of any process that sets itself to administrator, does its bad stuff, then …
Exchange Onsite Removal
I encountered this while running PingCastle and cleaning up a domain. Company had Exchange Onsite then moved to Exchange365. PingCastle reports vulnerable schema class msExchStorageGroup/PossSuperiorComputer. Log on with a user that is a member of SchemaAdmins. Remember they need to be a member before logging in; the user gets their ticket when logging in. Run this super-secret …