Implementing Microsoft RDP Two-Factor

 


If you're like me, chances are you have a server environment at home for testing and for learning. I have a physical dedicated server at my house running Server 2012 and hosting a Hyper-V environment. The server, for the most part, is headless: no keyboard, mouse or monitor hooked to it normally. Remote Desktop is essential to being able to manage the server. Since much of my testing and tinkering is done from outside of my home network, I reluctantly have the RDP service open to the outside world. Granted, I have changed the default port and I use a Yubikey to input my super-long password to access the server, but there was still something about having it accessible from online that left me uneasy.

Last year at the GrrCON InfoSec conference, I spoke with a couple of people at the Duo Security booth about their two-factor authentication system, as two-factor was something that was piquing my interest at the time. They seemed to have a solid system, but unfortunately it wasn’t until just last week that the company popped back up on my radar, after seeing them as a sponsor for GrrCON again this year.

I signed up for an account at their website, duosecurity.com, which was quick, easy, and free. After signing up, I looked through their list of services; two of them caught my eye: Microsoft RDP and WordPress.

Project JeePi – Raspberry Pi Car Computer!

I spend a lot of time in my Jeep (2004 Grand Cherokee) and I normally either listen to NPR, podcasts or Pandora while driving. I wanted a way to interface Pandora directly to my Jeep without spending a bunch of money. After researching, I devised a plan that would get me what I wanted for about $200, a fraction of the cost of the $400+ units.

I already had a Raspberry Pi computer lying around, the 512 MB model, and it was already housed in the perfect case, an indestructible Cool Trays Aluminum Case. The RPi is a $35 computer with 512 MB of RAM and an ARM processor, perfect for projects like this!


Microsoft Windows 8 [Update] & Server 2012

So it’s been a couple of solid months of using the retail version of Microsoft Windows 8, and in my last review I bashed it pretty hard. I have still been using an “after-market” start menu, different from the one mentioned before. Pokki Menu is now my weapon of choice. I still use the “Modern” menu on an extremely limited basis, but I have hooked up a 2nd monitor, a 20″ LCD, to accompany my 30″ Dell LCD, and having that for the menu makes it more useful. However, I am still seeking a solution to make the menu always open on the 2nd monitor and stay open. Suggestions? Windows 8 seems quick, and performance-wise I am extremely happy. At this point, I would say, if you're still running Windows 7 and contemplating upgrading, do it, get used to it; I don’t think the new UI is going anywhere soon.

A few Windows 8 Keyboard Shortcuts I find extremely useful:

WIN+X: Opens the “Advanced” System Menu
WIN+C: Opens the “Charms” menu – Essential on Windows 8
WIN+D: Opens the “Desktop View”
WIN+R: Opens a “Run” dialog

I have “upgraded” my server hardware as well. I was running a Dell PowerEdge 2850 rackmount server and loved it; the downside was that the CPUs didn’t support virtualization. I decided to utilize some hardware I had around the house, namely an AMD X4 and hard drives, and buy a new motherboard and load it up on RAM and NICs. Currently the server is sitting with 16GB of memory, but I plan on filling the other 2 slots with another 16GB in the very near future.

Software-wise, I am running Windows Server 2012 Core on it and couldn’t be happier. In its current state I am able to spin up 6 Hyper-V virtual machines on it with little effort. Management of all the VMs is made simple by the amazing new Server Manager included in Server 2012, one centralized point to manage servers and the roles and features installed.

RunAsAdmin Tool

RunAsAdmin is an application to help adhere to the best practice of least privilege. It creates an .exe that the user can double-click, and it will execute a program with elevated privileges. Users must be in a local group in order to execute the process.


 

Why Microsoft, Why? Windows 8 (Part 1)

I decided to start a sort of a mini-series on my blog exploring some rather interesting and sometimes downright annoying aspects of my Windows 8 experience.

Here is a short list of aspects that I found to be counterproductive in my venture:

  • Metro Modern/Non-Modern Default App Confusion. Meaning, I have had both the Chrome Modern and IE Modern application get… confused, when trying to open the “default” browser when a link is clicked. There doesn’t appear to be any indication if the link will open in the Modern window or the Non-Modern Desktop window… Which causes me to have two browser windows opened with different tabs…
  • Start menu takes up entire screen… okay, this is a given, and I’m starting to get used to it, but it's still distracting to hit the start button and the entire window gets engulfed. I did however find a nifty little app that will actually restore the start menu. There are actually a couple of options, one of which is Stardock’s Start8, but that carries a $10 price tag. I happened to find Lee Soft’s ViStart, which is free and does a great job at emulating the start menu.

  • “Mouse Gestures”. Tasks like opening the side or bottom menus in Metro apps require you to “swipe” your mouse from side to side, or top to bottom; it's kinda annoying.
  • One cool feature is to be able to “snap” apps to the left or right side of the screen, restoring some of the multitasking capabilities to the OS. However, some “Modern” apps (like Skype) are completely useless when snapped. As you can see by the screenshot below, the Skype app turns into a Skype banner ad that takes up 1/6th of my screen when I snap it to the side, but if I am in a conversation it will show the chat. Give me my contacts, or anything, is that rocket science?

Overall, I think Microsoft was way too focused on unifying their OS and forgot about the traditional hardware (laptop/desktop) users when they came up with the concept of the “Modern” Metro layout. The requirement of having multiple “styles” of apps (i.e. Chrome and “Modernized” Chrome) and the fact that “Modernized” apps take up the entire screen set computing back 20 years and eliminate the ability to quickly multitask via multiple windows… I can no longer have a “Skype” window open and just sitting in the background visible while I browse the web; it's counter-intuitive. Just my .02′

Write-Host “Post-Breach Exercise”

Ever wanted to go through a “simulated” post-data-breach exercise to see how well you would be able to handle it? MiSec has posted the files from the Network Forensic Challenge from this year’s GrrCON. It’s also a great crash course on the Volatility memory dump tool and how to use it to help identify the type of attack and the malicious means used to compromise the system. You can find the Live Distro ISO and the files HERE. The “solution” can be found HERE.