I hereby claim:
- I am romelsan on github.
- I am romel (https://keybase.io/romel) on keybase.
- I have a public key ASD7DbdEmxcIYcbwCQna5T58VtETEYd9ZAOfxzVwhvXeSAo
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
# SMB Security v0.3 | |
# By Romel Vera (https://www.github.com/RomelSan) | |
# Enforce SMB v3 basic security | |
# License: MIT | |
# Build: December 8, 2017 | |
# Check SMB Server Configuration: | |
Get-SmbServerConfiguration | | |
select EnableSMB1Protocol, EnableSMB2Protocol, EncryptData, RejectUnencryptedAccess, RequireSecuritySignature |
# SMB Check v0.3 | |
# By Romel Vera (https://www.github.com/RomelSan) | |
# This tool checks and enforces SMB v3 basic security | |
# License: MIT | |
# Build: December 8, 2017 | |
#=========================================================================== | |
# Check Admin | |
#=========================================================================== | |
function Test-IsAdmin { |
#------------------------------------------------------------------------------------- | |
# Create Self signed root certificate | |
# -dnsname -DnsName domain.example.com,anothersubdomain.example.com | |
# -Subject "CN=Patti Fuller,OU=UserAccounts,DC=corp,DC=contoso,DC=com" | |
$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature ` | |
-Subject "CN=P2SRootCert" ` | |
-KeyExportPolicy Exportable ` | |
-HashAlgorithm sha256 -KeyLength 4096 ` | |
-CertStoreLocation "Cert:\CurrentUser\My" ` | |
-KeyUsageProperty Sign ` |
* start the SSH service with systemctl | |
sudo systemctl enable ssh | |
sudo systemctl start ssh | |
sudo systemctl restart sshd | |
* Allow Or Deny SSH Access To A Particular User Or Group In Linux | |
sudo nano /etc/ssh/sshd_config | |
* Add or edit the following line: |
<NotepadPlus> | |
<UserLang name="RouterOS" ext="rsc" udlVersion="2.1"> | |
<Settings> | |
<Global caseIgnored="yes" allowFoldOfComments="no" foldCompact="no" forcePureLC="0" decimalSeparator="0" /> | |
<Prefix Keywords1="no" Keywords2="no" Keywords3="yes" Keywords4="no" Keywords5="no" Keywords6="no" Keywords7="no" Keywords8="no" /> | |
</Settings> | |
<KeywordLists> | |
<Keywords name="Comments">00# 01 02 03 04</Keywords> | |
<Keywords name="Numbers, prefix1"></Keywords> | |
<Keywords name="Numbers, prefix2"></Keywords> |
# Mikrotik Personal Queue Tree based on Priority for devices | |
# Mark in Mangle (Global Internet, Devices Download, Devices Upload) | |
/ip firewall mangle | |
add action=mark-connection chain=prerouting comment="Internet Download" in-interface=ether10-Internet new-connection-mark=Internet_conn passthrough=yes | |
add action=mark-packet chain=prerouting connection-mark=Internet_conn new-packet-mark=Internet passthrough=no | |
add action=mark-connection chain=forward comment="Main Camera Download" dst-address=192.168.0.10 new-connection-mark=Camera_Conn_FW packet-mark=Internet passthrough=yes | |
add action=mark-packet chain=forward connection-mark=Camera_Conn_FW new-packet-mark="Camera_Download" passthrough=no |
# Minimum size of USB stick 6GB | |
# Set here the path of your ISO file | |
$iso = 'C:\Users\localuser\Downloads\en_win10.iso' | |
# Clean ! will clear any plugged-in USB stick!! | |
Get-Disk | Where BusType -eq 'USB' | | |
Clear-Disk -RemoveData -Confirm:$true -PassThru | |
# Convert GPT |
# List privileged services that don't come with Windows 10 | |
# Exclusion List for Win10 built in | |
$exclusion = @('AppVClient', 'ClickToRunSvc', 'COMSysApp', 'diagnosticshub.standardcollector.service', | |
'msiserver', 'ose', 'perceptionsimulation', 'SecurityHealthService', 'Sense', | |
'SensorDataService', 'SgrmBroker', 'Spooler', 'ssh-agent', 'TieringEngineService', | |
'TrustedInstaller', 'UevAgentService', 'vds', 'VSS', 'wbengine', 'WinDefend', 'wmiApSrv', | |
'WSearch', 'SamSs') | |
# Get Service List with LocalSystem and Startmode Auto and does not contain svchost.exe (Also exclude the ones from the list) |