Дискусије : Заштита

 Коментар
Nešto o komandama
redorange
(poke, mem, kill)
02. мај 2020. у 00.14
aplikativni sloj -.da, ne, fizicki sloj da - ne... mrezni sloj ne sigurno i aplikativni... netsh ne, ostalo da ipx ne, asp oba ne... znaci, vivaldi beta 3, kmeleon 5.41... kad da kupim misa... dll neki nedostaje. fino leti edge, jeste basic spayware google. vitamin c 15 min jel pa pola dana, ceo? jesi li, topa osecaj? jesam. fight me, coverds.
redorange
(poke, mem, kill)
08. мај 2020. у 18.54
kad vozis bicikl cuvas donja rebra... neke info komande trebaju, neke ne. etoh, napisah neke stvari, pa šta drugo nego uciti, pa i komande čak.
redorange
(poke, mem, kill)
08. мај 2020. у 20.04
kod windowsa 8 je sve 8.1 ili čak sad 2012... 2016 koga briga za njega. novembar, decembar i stizu novi procesori veorovatno. onda kupis amd, hp, hp memorija... običan amd, kingston memorije. izadjes sa minolta ili hyweii fotoaparatom i milina. ako još imaš makro. ili 35-80 ili sličan.
redorange
(poke, mem, kill)
09. мај 2020. у 04.54
dnscmd <servername> /config /enableglobalqueryblocklist
DnsServerResponseRateLimiting

Set-DnsServerRecursionScope -Name . -EnableRecursion $false
Add-DnsServerRecursionScope -Name „InternalCli” -EnableRecursion
$True
Export-DnsServerZone

$dns = get-dnsserver
$dns.ServerSetting.SocketPoolSize
The default size of the DNS socket pool is 2,500.
When you configure the DNS socket pool, you can choose a size value from 0 through 10,000. The larger the
value, the greater the protection you have against DNS spoofing attacks. If the DNS server is running
Windows Server 2016, you can also configure a DNS socket pool exclusion list.
Use the following command to exclude port ranges used by the socket pool:
dnscmd /config /SocketPoolExcludePortRanges <excludedportranges>

dnscmd /config /CacheLockingPercent 50
Configure DNS Logging

Import-Module MIMPAM
$r = Get-PAMRoleForRequest | ? {$_.DisplayName -eq „DNSZoneAdmins”}
New-PAMRequest -role $r
Klist purge

Add-DnsServerForwarder
b. Install-ADDSForest
c. Create DNS delegation automatically
d. Install-ADDSDomainController

DNSSEC: Here you get an overview of DNSSEC and both its possibilities and improvements in Windows
Server 2016. You also learn how to configure DNSSEC through the DNSSEC Zone Signing Wizard and
PowerShell.

Set-DnsServerZoneAging europe.pearson.com -Aging $True
-ScavengeServers 172.16.1.12 -PassThru -Verbose
To change the refresh interval to 1 day for scavenging on a local DNS server, enter the following:
Set-DnsServerScavenging -RefreshInterval 1.00:00:00 -Verbose -PassThru

Add-DnsServerResourceRecord
Get-DnsServerResourceRecord
Remove-DnsServerResourceRecord
Set-DnsServerReso urceRecord

Add-DnsServerResourceRecordCName -Name „testserver” -HostNameAlias
„srv1.lab. pearson.com” -ZoneName „pearson.com

Start-DnsServerZoneTransfer -Name ”eu.pearson.com„ on DNS1
c. Repadmin /replicate DNS2 DNS1 DC=eu,DC=pearson,DC=com

You want to configure selective recursion control on your Windows Server 2016 DNS server in your DMZ
to configure different recursion settings for internal and external clients. Which of the following PowerShell
commands can you use? (Choose three.)
a. Add-DnsServerResourceRecord
b. Set-DnsServerRecursionScope
c. Add-DnsServerRecursionScope
d. Add-DnsServerQueryResolutionPolicy
e. Add-DnsServerClientSubnet

Step 2. In the console tree, double-click the DHCP server you want to configure, right-click IPv4 or IPv6,
and then click Properties.
Step 3. Click DNS, click Advanced, and then check Enable Name Protection

set-dnsserverresponseratelimiting-exceptionlist

set-dnsseerzonetransfer
update-dnsservertrustpoint
ge t-netipinterface
get-netipaddress

route add 10.0.0.0 netmask 255.255.0.0 192.168.1.1 metric 5

Add-DnsServerClientSubnet -Name ”BlockedSubnet„ -IPv4Subnet
172.16.0.0/16
Add-DnsServerQueryResolutionPolicy -Name ”Blackhole Policy„ -Action
IGNORE -ClientSubnet ”EQ, BlockedSubnet„

Add-DnsServerZoneTransferPolicy -Name ”IntTransfer„ -Action IGNORE
-ServerInterfaceIP ”ne,10.0.0.50„ -PassThru -ZoneName ”pearson.com„

Add-DnsServerQueryResolutionPolicy -Name ”BLPol„ -Action IGNORE -FQDN
”EQ, *.baddomain.com„ -PassThru

tep 1. Create the DNS client subnets with PowerShell:
Add-DnsServerClientSubnet -Name ”AmericaSubnet„ -IPv4Subnet
”192.0.0.0/24, 182.0.0.0/24„
Add-DnsServerClientSubnet -Name ”EuropeSubnet„ -IPv4Subnet
”141.1.0.0/24, 151.1.0.0/24„
Step 2. Create the zone scopes with PowerShell:
Add-DnsServerZoneScope -ZoneName ”pearsongiftservices.com„ -Name
”SeattleScope„
Add-DnsServerZoneScope -ZoneName ”pearsongiftservices.com„ -Name
”DublinScope„
Step 3. Add records to the zone scopes with PowerShell:
Add-DnsServerResourceRecord -ZoneName ”pearsongiftservices.com„
-A
-Name ”www„ -IPv4Address ”192.0.0.1„ -ZoneScope ”SeattleScope
Add-DnsServerResourceRecord -ZoneName „pearsongiftservices.com”
-A
-Name „www” -IPv4Address „141.1.0.3” -ZoneScope „DublinScope”
Step 4. Create the DNS Policies with PowerShell:
Add-DnsServerQueryResolutionPolicy -Name „USA6To9Policy” -Action
ALLOW -ClientSubnet „eq,
AmericaSubnet” -ZoneScope „SeattleScope,4; DublinScope,1”
-TimeOfDay „EQ,01:00-04:00”
-ZoneName „pearsongift services.com” -ProcessingOrder 1
Add-DnsServerQueryResolutionPolicy -Name „EU6To9Policy” -Action
ALLOW -ClientSubnet „eq, EuropeSubnet”
-ZoneScope „SeattleZScope,1; DublinScope,4” -TimeOfDay
„EQ,17:00-20:00” -ZoneName „pearsongift services.com”
-ProcessingOrder 2
Add-DnsServerQueryResolutionPolicy -Name „USAPolicy”
-Action ALLOW -ClientSubnet „eq, America Subnet” -ZoneScope
„SeattleScope,1” -ZoneName „pearson giftservices.com”
-ProcessingOrder 3
Add-DnsServerQueryResolutionPolicy -Name „EUPolicy”
-Action ALLOW -ClientSubnet „eq, EuropeSubnet” -ZoneScope
„DublinScope,1” -ZoneName „pearsongiftservices.com”
-ProcessingOrder 4
Add-DnsServerQueryResolutionPolicy -Name „RestOfWorldPolicy”
-Action ALLOW --ZoneScope
„DublinScope, 1; SeattleScope,1” -ZoneName
„pearsongiftservices.com” -ProcessingOrder 5

3. You have a DNS server named DNS1 (10.0.0.10) with an AD-integrated DNS zone for pearson.com, and
you have configured three secondary DNS servers named DNS2 (10.0.0.49), DNS3 (10.0.0.50), and DNS4
(10.0.0.51) as secondary DNS servers. You want to restrict zone transfer from DNS1 only to DNS3 through
DNS server zone transfer policies. Which command can you use?
a. Add-DnsServerZoneTransferPolicy -Name „IntTransfer” -Action IGNORE -
ServerInterfaceIP „ne,10.0.0.10” -PassThru -ZoneName „pearson.com”
b. Add-DnsServerZoneTransferPolicy -Name „IntTransfer” -Action IGNORE -
ServerInterfaceIP „ne,10.0.0.50” -PassThru -ZoneName „pearson.com”
c. Add-DnsServerZoneTransferPolicy -Name „IntTransfer” -Action ALLOW -
ServerInterfaceIP „ne,10.0.0.49” -PassThru -ZoneName „pearson.com”
d. Add-DnsServerZoneTransferPolicy -Name „IntTransfer” -Action ALLOW -
ServerInterfaceIP „ne,10.0.0.51” -PassThru -ZoneName „pearson.com”

Import-DnsServerTrustAnchor
b. Dnscmd /retrieveroottrustanchors
c. Add-DnsServerTrustAnchor -Root
d. Add-DnsServerTrustAnchor -KeyProtocol DNSSEC -CryptoAlgorithm RsaSha256

RRSIG

Get-DnsServerResourceRecord -name CL1 -zonename pearson.com -RRType
RRSIG | FL *

Get-DnsServer ResourceRecord -ZoneName „sec.contoso.com” -RRType
„DNSKEY”
-ComputerName DNS1 | %{ $_.RecordData | Add-DnsServerTrustAnchor
-PassThru -Verbose
-Name „pearson.com”}

Import-DnsServerResourceRecordDS -ZoneName pearson.com -DSSetFile „c:
windowssystem32dnsdsset-corp.pearson.com”
Get-DnsServerResourceRecord -ZoneName pearson.com -RRType DS

QueryType : RRSIG
Key : 53115
TypeCovered : NS
Algorithm : 8
LabelCount : 2
OriginalTtl : 3600
Expiration : 26.11.2016 13:18:00
Signed : 16.11.2016 12:18:00
KeyTag : 53115
Signer : pearson.com
Signature : {123, 110, 37, 254...}
Name : pearson.com
Type : RRSIG
CharacterSet : Unicode
Section : Answer
DataLength : 168
TTL : 3600

DANE support is specified in the Internet Engineering Task Force (IETF) Request For
Comments (RFC) 6394 and 6698

Netsh DHCP Add SecurityGroups
Step 2. Restart the service: Restart-Service DHCPServer
Step 3. Authorize the DHCP server in ADDS: Add-DHCPServerinDC <hostname or IP address>
If you want to manage a remote DHCP server, you must install the Remote Server Administration Tools
(RSAT) component. The following PowerShell command installs the DHCP Manager utility on your system:
Add-WindowsFeature RSAT-DHCP

$DNSDomain=„pearson.com”
$DNSServerIP=„172.16.1.10”
$DHCPServerIP=„172.16.1.10”
$StartRange= „172.16.1.150”
$EndRange=„172.16.1.200”
$Subnet=„255.255.255.0”
$Router=„172.16.1.1”
Install-Windows Feature -Name 'DHCP' -IncludeManagementTools
cmd.exe /c „netsh dhcp add securitygroups”
Restart-service dhcpserver
Add-DhcpServerInDC -DnsName $Env:COMPUTERNAME
Set-ItemProperty -Path registry::HKEY_LOCAL_MACHINESOFTWARE
Microsoft ServerManagerRoles12 -Name ConfigurationState -Value 2
Add-DhcpServerV4Scope -Name „DHCP Scope” -StartRange $StartRange
-EndRange $EndRange -SubnetMask $Subnet
Set-DhcpServerV4OptionValue -DnsDomain $DNSDomain -DnsServer
$DNSServerIP -Router $Router
Set-DhcpServerv4Scope -ScopeId $DHCPServerIP -LeaseDuration
1.00:00:00

netsh dhcp server import
b. netsh dhcp server export
c. Backup-DhcpServer
d. Restore-DhcpServer
e. Remove-Item
f. Stop-Service
redorange
(poke, mem, kill)
09. мај 2020. у 05.00
Another TXT Attack - osnove koje treba znati
 Коментар Запамти ову тему!

Looking for PomPom Keychains?
.