Parsing Windows Firewall Rules

James Tarala | Scripting, Uncategorized, Windows Auditing

In our last post we discussed how to gather general information about a Microsoft Windows Firewall host-based firewall configuration. But what most people are really interested in when doing a firewall audit is how the firewall rules themselves are configured. One of the challenges of auditing a Microsoft Windows Firewall ruleset is how do you parse …

Script for Windows Firewall Baseline

James Tarala | Baselining, Windows Auditing

Another baseline an auditor or system administrator might want to consider when assessing their systems is a baseline for the general configuration of the Microsoft Windows Firewall. Many organizations are starting to utilize the built-in Microsoft Windows Firewall more and more when protecting even their internal systems. The use of a host-based firewall should definitely be on the …

Parsing Active Directory Groups

James Tarala | Baselining, Scripting, Windows Auditing

In a previous post we shared a PowerShell script that would allow an auditor to parse a list of groups and group members on a Microsoft Windows system as a part of a security assessment or baselining process. The question has come up though – what if someone wants to follow the same process but parse a list of Active …

Parsing Local Windows Groups

James Tarala | Baselining, Scripting, Windows Auditing

One step that has become a staple part of any audit of Microsoft Windows systems is a listing of all the local groups on the system. Listing all the groups on a system with all the members of that group can help establish a baseline for the security configuration of a system. Certainly groups like the local Administrators group is …

Continuous Monitoring with PowerShell

James Tarala | Windows Auditing

Welcome back from the holidays! I imagine many of you are just returning from the holidays and are ready to get started on those new year’s resolutions. If one of them was to implement continuous monitoring or learn more about scripting, do I have a treat for you! Now that I’m back from some holiday travel myself, I think it’s time …