Dan Franciscus

Using Wireshark to Sniff an SMB transmission

by File in: How-To

Have you ever wondered what is happening under the hood when connecting to a Windows share? There is one easy way to find out: use a packet sniffer such as Wireshark. What is Wireshark? Wireshark is a simple-to-install, easy-to-use packet capturing tool that is supported on both Windows and Linux. […]

How to Configure IPSec on Windows

by File in: How-To

There are many applications which will implement authentication and encryption of network traffic through a separate third-party program. However, the Microsoft operating system can also implement this natively through the configuration of IPSEC. In this article we will look at what IPSEC is and a simple example of implementation. What is IPSEC? Internet Protocol […]

How to Use the Microsoft Anti-Malware Script Interface

by File in: Script

Hackers are increasingly executing malware attacks in memory. One of the main execution methods for in-memory attacks is to execute a script directly without ever writing to disk. Traditional anti-virus works by comparing signatures to files on disk. But what do we do when the executing code never touches the disk? Or worse, […]

Defending Against Remote Desktop Protocol Attacks

by File in: Windows

As of Feb 5, 2019, shodan.io shows a total of 2,430,941 computers connected to the internet by way of remote desktop. Out of these, 507,957 belong to computers in the United States. This voluminous number of servers and workstations, depicted in the figure below, are increasingly subject to cyber-attacks. Since 2016, attacks against the remote […]