How can I find out which Active Directory groups I’m a member of?

The ability to administer and maintain up-to-date user lists and groups is critical to the security of an organization. There are a number of different ways to determine which groups a user belongs to. First, you can take the GUI approach: Go to “Active Directory Users and Computers”. Click on “Users” or the folder that…

DisneyTicketBook_wbelf

Authentication Lessons From the Magic Kingdom: A Closer Look at Kerberos, Part II

Let’s continue our journey into the Magic Kingdom as a way to explore Kerberos. Sure the comparison doesn’t completely track, but it’s close and easy enough to grasp that I think you won’t mind missing—trust me on this—the standard Kerberos protocol diagrams. Back to Disney World: you’re now in the park with your passport booklet…

800px-Syringe_and_hypodermic

Top Five Most Dangerous Software Errors

Over the years, Mitre, the MIT research group, has been analyzing software bugs and missteps that hackers have been able to exploit. Their Common Vulnerabilities and Exposures (CVE) classifications are something of a de-facto standard used for describing the root software causes in an attack.  Working with SANS, the Mitre CVE team has come up…

Magic_Kingdom_2

Authentication Lessons from the Magic Kingdom: A Closer Look at Kerberos, Part I

The flaws in NTLM I’ve been writing about might lead you to believe that highly-secure authentication in a distributed environment is beyond the reach of mankind. Thankfully, resistance against hackers is not futile. An advanced civilization, MIT researchers in the 1980s to be exact, developed open-source Kerberos authentication software, which has stood the test of…

hidden - keys-partial

Deadly credential vulnerabilities found in mobile apps

I’m beginning to be known around here as the bearer of bad news on authentication hacks. Unfortunately, I have more to share. In June, researchers at Columbia University announced they discovered secret login keys hidden in thousands of Google Play apps. Left by developers to access their own cloud-based accounts—on Facebook, AWS, Twitter, and other…

21 Free Tools Every SysAdmin Should Know

Check out our favorite free sysadmin tools that we use to help us work faster and be more awesome. At Varonis we’re always looking for productivity hacks—whether it be keyboard shortcuts or meditation techniques.  Last week, a bunch of us got together and shared our favorite free sysadmin tools—ones we love and use all time….

Varonis SysAdminDayContest Blog

Varonis #SysAdmin Day Twitter Photo Contest – Deadline Extended!

As a Sys Admin you’re your company’s IT hero – putting out fires day in and day out. Well here’s your chance to take a break, and maybe win something for your effort. Keep reading… In honor of the 15th Annual SysAdmin Day on July 25th Varonis invites you to tweet us your best photo,…

Top Minds in Online Privacy

Top 8 Minds in Online Privacy

1. Alessandro Acquisti @ssnstudy Acquisti is a professor of computer science at Carnegie-Mellon University, and is also a researcher at Cylab, a data security research center at CMU. He’s best known for an experiment in which he photographed random students on the Mellon campus and used off-the-shelf facial recognition software to match against head shots…

NTLM warning

A Closer Look at Pass the Hash, Part III: How NTLM will get you hacked (and what you should do about it)

I was about ready to wrap up this series of posts (part 1, part 2 ) on PtH and make my larger point, which is that you should assume hackers will break into your system. And then I learned new information about credential stealing that amplifies this warning by a factor of 10. The most…

rename domain active directory

Risks of Renaming Your Domain in Active Directory

As a sysadmin, there might be moments where you’ll find the need to change, merge, or rename your domain. There are many reasons why you might need to do this, for instance: an organizational restructuring, merger, buyout or expansion. Keep in mind that a rename is not designed to accommodate forest mergers or the movement…