Tag: powershell

PowerShell Profile

Posted by on August 31, 2018 | No comments

Not a lot of people make use of this fantastic feature of PowerShell.

Did you ever with that when you started PowerShell a bunch of modules were loaded, and some stuff you have to run every time was already run and configured?

This is where the power of the PowerShell profile comes in handy. You can read more about profiles and how to differentiate profiles for users or between PowerShell CLI/ISE here. This information is still reasonably current.

A few months ago, inspired by a conversation on Twitter about profiles, I finally setup a few comment aliases and handy functional shortcuts in my profile.

I’ve since tidied it up and modularised it a fair bit, and decided to release it publicly. This has also been a bit of an experiment with using Git for version control as in years gone by I was a devout user of Subversion. I’ve used git before, but only in terms of Visual Studio, where a lot of it’s functionality is hidden.

So, where can you get your hands on a copy? You can head over to the Github project I’ve created and there are some simple install commands over there if you don’t want to go to the hassle of downloading and extracting a zip file.


Tags: , , , , , , ,

Microsoft Edge taking over default applications

Posted by on July 3, 2017 | No comments

I’ve seen a lot of blogs and articles on Edge repeatedly taking over some default file associations.

“An app cause a problem with the default app setting for .pdf files, so it was reset to Microsoft Edge”

Yeah, thanks for that.

There are no really good ways to disable this. Most of the blogs note that you need to set a couple of registry values on Windows 10 and that stops the problem from re-occurring. The problems I have on an Enterprise Admin level, is that these solutions are very manual (sure a few of them give you some .reg key file you can import) and they make a basic assumption that some of the application versions and AppIDs will never change.

So I’ve written a little bit of PowerShell to get the AppID from the current version(s) of Edge and remove the association.

» Read the full post

Tags: , , , ,

IIS HTTPS Security

Posted by on December 3, 2015 | No comments

Recently I’ve been looking at the security of the internet facing systems at work. It’s amazing how many bits of software by default still ship with massively insecure settings.

One of my main focusses has been IIS, and as such the related software we use that is built on top of IIS – Forefront UAG and Forefront TMG.

There is a fantastic website from Qualys that will scan an HTTPS server, check the certificate and all the various options around ciphers in use and what capabilities are/aren’t available and then give you a score based on current best practices. This is also updated quickly and takes into account things like the Poodle vulnerability.

You can visit their SSLLabs site to check the current status of this site, or check your own.

There are a number of articles on the web (and on SSLLabs above) dealing with disabling SSLv2 and SSLv3, which is great but isn’t actually sufficient, and remembering to set all of these things is quite tedious.

I was pleasantly surprised to discover a fantastic powershell script that sets all of the required registry entries for Windows servers to allow you to score an A rating.

It’s important to point out that all of the latest and greatest security options for HTTPS will actually break backwards compatability with some earlier Android handsets, and (shock!) Internet Explorer 6… I’m not going to cover off any changes required if this is important to you, because it shouldn’t be.

Anyway, hass.de has a fantastic script to fix your Windows server schannel security settings. A reboot is required to take effect.

You can read about their options and download the scripts to get your Windows servers an A rating from https://www.hass.de/content/setup-your-iis-ssl-perfect-forward-secrecy-and-tls-12. They also cover the option you can change if you want to get an A+!

Tags: , , , , , ,

Powered by Wordpress and Stripes Theme Entries (RSS) | Comments (RSS)