InfoSec News & Write-Ups

Implementing Microsoft RDP Two-Factor

 


If you’re like me, chances are you have a server environment at home for testing and for learning. I have a physical dedicated server at my house running Server 2012 and hosting a Hyper-V environment. The server, for the most part, is headless, with no keyboard, mouse or monitor normally hooked to it. Remote Desktop is essential to being able to manage the server. Since much of my testing and tinkering is done from outside of my home network, I reluctantly have the RDP service open to the outside world. Granted, I have changed the default port and I use a Yubikey to input my super-long password to access the server, but there was still something about having it accessible from online that left me uneasy.

Last year at the GrrCON InfoSec conference, I spoke with a couple of people at the Duo Security booth about their two-factor authentication system, as two-factor was something that was piquing my interest at the time. They seemed to have a solid system, but unfortunately it wasn’t until just last week that the company popped back up on my radar, after seeing them as a sponsor for GrrCON again this year.

I signed up for an account at their website, duosecurity.com, which was quick, easy, and free. After signing up, I looked through their list of services, and two of them caught my eye: Microsoft RDP and WordPress.

Write-Host “Post-Breach Exercise”

Ever wanted to go through a “simulated” post-data breach to see how well you would be able to handle it? MiSec has posted the files from the Network Forensic Challenge from this year’s GrrCON. It’s also a great crash course on the Volatility memory dump tool and how to use it to help identify the type of attack and the malicious means used to compromise the system. You can find the Live Distro iso and the files HERE. The “solution” can be found HERE.