Mike Danseglio – Interface Technical Training https://www.interfacett.com Wed, 21 Jun 2017 19:26:18 +0000 en-US hourly 1 How Hackers Hack Your Assets – A Security Training Video for Everyone https://www.interfacett.com/blogs/hackers-hack-assets-security-training-video-everyone/ https://www.interfacett.com/blogs/hackers-hack-assets-security-training-video-everyone/#respond Thu, 25 May 2017 18:59:50 +0000 https://www.interfacett.com/?post_type=infct_blogpost&p=11457 In this training video, IT Security Instructor Mike Danseglio presents the philosophy and processes hackers engage in when trying to hack your information and assets. Interface Technical Training offers IT Security Certification Training classes. Our courses are available in class or online with our virtual instructor-led training product RemoteLive™. CompTIA Security + SEC155: CompTIA Security+ Skills … Continue reading How Hackers Hack Your Assets – A Security Training Video for Everyone

The post How Hackers Hack Your Assets – A Security Training Video for Everyone appeared first on Interface Technical Training.

]]>


In this training video, IT Security Instructor Mike Danseglio presents the philosophy and processes hackers engage in when trying to hack your information and assets.


Interface Technical Training offers IT Security Certification Training classes. Our courses are available in class or online with our virtual instructor-led training product RemoteLive™.


While this presentation is intended for System Administrators and those who defend assets, it’s really valuable for anyone who needs to understand how to protect and defend information.

Mike discusses the hacker’s attack methodology. From Setting Objectives, Recon, Exploitation and their need to hide what they’ve done.

Hacker Philosophy:

It’s important for those who need to protect their assets to understand the Hacker’s philosophy. There are three primary tenants to a hacker’s philosophy.

  1. Attackers do not typically attack strong points, they usually go after the weakest parts in an information system.
  2. Most attackers see defenses as obstacles or challenges.
  3. Once inside, attackers usually leave the door open to get back into your systems.

In this video, Mike presents an actual example of a successful malware attack and how the hackers where able to infiltrate a large consumer company.

Hacker Methodology:

Hackers usually have a well-established approach for attacking systems.

Their methodology begins by Setting Objectives. They evaluate what they want and why they want it.

Before a hacker begins to exploit information and assets, they will engage in a recon process to determine what systems (hardware and software) they will be working with. Only after they’ve gathered enough data to determine how they will attack then they will start the exploitation process of hacking information.

Throughout this entire process, hackers will hide what they are doing to avoid detection.

By learning how and why hackers attack, you’ll learn what steps you can take to help protect your information and simple solutions to further secure your environment.

IT Professionals who are involved with defending their information and environments can benefit by using security models such as the Defense In-Depth Model which addresses security processes of behavioral, physical and external and internal network security vulnerabilities in your environment.

Mike informs you that it’s not always about having the best firewalls to help defend your data. Simple vulnerabilities such as non-patched applications and data exchanges can be the weakest link in your environment which can be an easy entry point for a hacker. Mike also presents the simple mistakes we do in our physical environment that can open the door for hackers such as keeping our login and passwords visible in our workspace. IT Professionals can also utilize the Triad or Security – Usability – Cost Effectiveness when determining how to build and maintain their security implementation efforts.

Finally, you will learn about the Three Solution Pillars model of Security. This includes People, Process and Technology. When defenders are engaged in protecting information and assets, they begin with teaching people how to behave in a more secure way. Then the defender can evaluate the process of day-to-day security such as how they onboard new systems and patch existing ones.

For more information on IT Security, see our Tech Blogs and Training Schedule.

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post How Hackers Hack Your Assets – A Security Training Video for Everyone appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/hackers-hack-assets-security-training-video-everyone/feed/ 0
Installing Synaptic Package Manager in Kali Linux https://www.interfacett.com/blogs/installing-synaptic-package-manager-in-kali-linux/ https://www.interfacett.com/blogs/installing-synaptic-package-manager-in-kali-linux/#comments Tue, 08 Nov 2016 20:06:24 +0000 http://www.interfacett.com/blogs/?p=?p=22953 Kali Linux is a fantastic operating system for penetration testing and security evaluation. It comes with virtually all security tools built in, it’s lightweight by default, and it has a huge ecosystem that is constantly helping with the project. A great benefit of using Kali comes from the larger Linux community. Open source repositories are … Continue reading Installing Synaptic Package Manager in Kali Linux

The post Installing Synaptic Package Manager in Kali Linux appeared first on Interface Technical Training.

]]>
Kali Linux is a fantastic operating system for penetration testing and security evaluation. It comes with virtually all security tools built in, it’s lightweight by default, and it has a huge ecosystem that is constantly helping with the project.

A great benefit of using Kali comes from the larger Linux community. Open source repositories are common and can deliver virtually any kind of software you might want. You just need to know where to look, and hopefully the name of the package that you want.

One package that I install on every Kali installation is Synaptic Package Manager. It is a GUI-based utility that lets me search for packages across a variety of repositories and install them with two clicks. Synaptic is a mainstay of many Linux distributions because it is simple to use and provides a usable front-end while leveraging the existing Linux package framework. A less recognized benefit is that Synaptic automatically filters out packages that will not run on the current system due to architecture differences, system requirements, and so on. What’s not to love about that?

To install Synaptic Package Manager on Kali Linux, first open a Terminal window.

If you’re not logged in as root type su to become root. You can also preface the next statement with sudo for the same effect.

Next run apt-get update to update the package list.

Then the important bit, run apt-get install synaptic.

001-Installing-Synaptic-Package-Manager-in-Kali-Linux

Press Y and the installation begins. Once the installation is complete you’ll see the terminal prompt.

002-Installing-Synaptic-Package-Manager-in-Kali-Linux

Once installation is complete you can find LibreOffice on the Applications menu or on the quick launch bar.

003-quick-launch-Synaptic-Package-Manager-in-Kali-Linux

When you fire up Synaptic it will take a moment to scan the repositories and packages. Finally, the main Synaptic window appears.

004-quick-launch-Synaptic-Package-Manager-in-Kali-Linux

Notice that there are more than 48000 available packages in the list. That’s why I have rarely been unable to locate a package that meets my needs. I recommend that you click the Search button on the toolbar instead of navigating the menus. It will save you a lot of scrolling time and let you get back to hacking faster.

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post Installing Synaptic Package Manager in Kali Linux appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/installing-synaptic-package-manager-in-kali-linux/feed/ 5
Enabling BitLocker Drive Encryption Without a TPM in Windows 10 https://www.interfacett.com/blogs/enabling-bitlocker-drive-encryption-without-a-tpm-in-windows-10/ https://www.interfacett.com/blogs/enabling-bitlocker-drive-encryption-without-a-tpm-in-windows-10/#respond Wed, 06 Jul 2016 19:39:59 +0000 http://www.interfacett.com/blogs/?p=?p=23140 Windows 10 is quite an impressive operating system. It’s fast, it runs all of my old apps (even my retro games!), and it has tons of security improvements. BitLocker Drive Encryption isn’t new to Windows 10. Encrypting files in Windows goes all the way back to the Encrypting File System (EFS) in Windows 2000. BitLocker … Continue reading Enabling BitLocker Drive Encryption Without a TPM in Windows 10

The post Enabling BitLocker Drive Encryption Without a TPM in Windows 10 appeared first on Interface Technical Training.

]]>
Windows 10 is quite an impressive operating system. It’s fast, it runs all of my old apps (even my retro games!), and it has tons of security improvements.

BitLocker Drive Encryption isn’t new to Windows 10. Encrypting files in Windows goes all the way back to the Encrypting File System (EFS) in Windows 2000. BitLocker was first shipped as part of the Operating System Who Must Not Be Named (the predecessor of Windows 7). BitLocker has always provided a great level of data confidentiality by encrypting an entire logical drive, not just files.

All modern encryption uses a key, and BitLocker is no different. The best practice is to store the BitLocker key in a Trusted Platform Module (TPM), which is a secure system component that protects cryptographic keys and prevents tampering and unauthorized access. When an attacker tries to steal or modify keys protected by a TPM, the TPM either destroys itself, wipes its own memory, or reduces functionality in a recovery mode. This is normally how BitLocker is deployed, with keys stored in the TPM.

If you are using a Professional or Enterprise version of Windows 10 you can enable BitLocker through BitLocker Drive Encryption applet in Control Panel.

001-enabling-BitLocker-drive-encryption-in-Windows-10-without-TPM

You can see that my C: drive is not currently encrypted. I have the option of turning it on by clicking Turn on BitLocker.

My computer doesn’t have a TPM for BitLocker to use. The default system policy does not permit BitLocker keys on USB removable storage. So I get this error:

002-error-enabling-BitLocker-drive-encryption-in-Windows-10-without-TPM

If you can’t see the image, the error is:

  • This device can’t use a Trusted Platform Module. Your administrator must set the “Allow BitLocker without a compatible TPM” option in the “Require additional authentication at startup” policy for OS volumes.

When a TPM is not available BitLocker can still work. Removable storage, typically a USB memory stick, must be provided for the key. BitLocker will create the key and store it on the USB stick. From that point on, the USB stick must be inserted whenever Windows 10 starts.

To enable these options, you must configure the policy. In a domain-joined computer, you will typically do that through Group Policy. In this article I’m illustrating how to do it on a standalone system.

To enable BitLocker on a system with a TPM by storing the key on a removable USB stick, follow these steps:

Press Windows + R to bring up the Run dialog, type gpedit.msc and press Enter. This launches the Local Group Policy Editor.

Navigate to Computer Configuration \ Administrative Templates \ Windows Components \ BitLocker Drive Encryption \ Operating System Drives

003-gpedit-msc-BitLocker-drive-encryption-in-Windows-10-without-TPM

Double-click Require additional authentication at startup. This lets you set the configuration for using removable memory or TPM with BitLocker.

004-require-additional-authentication-at-startupgpedit-msc-BitLocker-drive-encryption-in-Windows-10-without-TPM

Click Enable to access the other options. Rather than paraphrasing, here’s the full description for these options:

This policy setting allows you to configure whether BitLocker requires additional authentication each time the computer starts and whether you are using BitLocker with or without a Trusted Platform Module (TPM). This policy setting is applied when you turn on BitLocker.

Note: Only one of the additional authentication options can be required at startup, otherwise a policy error occurs.

If you want to use BitLocker on a computer without a TPM, select the “Allow BitLocker without a compatible TPM” check box. In this mode either a password or a USB drive is required for start-up. When using a startup key, the key information used to encrypt the drive is stored on the USB drive, creating a USB key. When the USB key is inserted the access to the drive is authenticated and the drive is accessible. If the USB key is lost or unavailable or if you have forgotten the password then you will need to use one of the BitLocker recovery options to access the drive.

On a computer with a compatible TPM, four types of authentication methods can be used at startup to provide added protection for encrypted data. When the computer starts, it can use only the TPM for authentication, or it can also require insertion of a USB flash drive containing a startup key, the entry of a 4-digit to 20-digit personal identification number (PIN), or both.

If you enable this policy setting, users can configure advanced startup options in the BitLocker setup wizard.

If you disable or do not configure this policy setting, users can configure only basic options on computers with a TPM.

Note: If you want to require the use of a startup PIN and a USB flash drive, you must configure BitLocker settings using the command-line tool manage-bde instead of the BitLocker Drive Encryption setup wizard

That’s the hard part. Notice that the last note specifies that you’ll need to use manage-bde.exe at a command-prompt to turn on BitLocker. So that step is slightly harder than using the Control Panel wizard. But you should only need to do it once. I will cover using manage-bde.exe to enable BitLocker in a different article.

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post Enabling BitLocker Drive Encryption Without a TPM in Windows 10 appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/enabling-bitlocker-drive-encryption-without-a-tpm-in-windows-10/feed/ 0
How to Span Two Monitors with One Background Image in Windows 10 https://www.interfacett.com/blogs/how-to-span-two-monitors-with-one-background-image-in-windows-10/ https://www.interfacett.com/blogs/how-to-span-two-monitors-with-one-background-image-in-windows-10/#respond Fri, 20 May 2016 20:12:52 +0000 http://www.interfacett.com/blogs/?p=?p=22916 Windows 10 is quite an impressive operating system. It’s fast, it runs all of my old apps (even my retro games!), and it has tons of security improvements. It’s even got some nice user interface improvements, one of which I want to describe in this article. Many people use two (or more) monitors. I love … Continue reading How to Span Two Monitors with One Background Image in Windows 10

The post How to Span Two Monitors with One Background Image in Windows 10 appeared first on Interface Technical Training.

]]>
Windows 10 is quite an impressive operating system. It’s fast, it runs all of my old apps (even my retro games!), and it has tons of security improvements. It’s even got some nice user interface improvements, one of which I want to describe in this article.

Many people use two (or more) monitors. I love having two monitors, it really helps improve productivity when I’m writing, researching, or editing content. One source of frustration has been the desktop background image. I prefer to have one background image that spans both monitors, but some versions of Windows have not supported this configuration.

Luckily Windows 10 has built-in support for using a single background image across multiple monitors. There are a couple of tricks that make it look great. Here’s how I recommend that you do it:

First, I figure out my cumulative monitor resolution. For example, I have two 1920×1080 monitors sitting side-by-side, so I add the width of the monitors together but use the height of one.

001-windows-10-display-panel

This makes my cumulative resolution 3840×1080.

Next, I point my browser at images.google.com. You’ve probably heard of Google before.

I search for the background theme I’m interested in. For example, I searched for dragons.

002-windows-10-display-panel

Lots of dragons to choose from! But I want dragon that will look great across two monitors. So I click Size and then click Exactly.

003-windows-10-display-panel

This lets me type in my resolution. I use the cumulative resolution from earlier of 3840×1080. Now Google Images narrows my choices to dragon themed images that are exactly the right size for my background.

004-windows-10-display-panel

Next I save the image to a local folder. It doesn’t really matter which folder.

Then I launch the Settings app and click Personalization. For Background I choose Picture and then click Browse. I browse to my awesome dragon picture and click OK.

Finally, under Choose a fit, I click Span. This is the important detail. Span looks amazing if the picture is exactly the right size so there’s no cropping or scaling (get it?! Dragons, scaling?!?!)

That’s all it takes! I hope you enjoy this feature.

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post How to Span Two Monitors with One Background Image in Windows 10 appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/how-to-span-two-monitors-with-one-background-image-in-windows-10/feed/ 0
Installing Every Possible Penetration Testing Tool in Kali Linux https://www.interfacett.com/blogs/installing-every-possible-penetration-testing-tool-in-kali-linux/ https://www.interfacett.com/blogs/installing-every-possible-penetration-testing-tool-in-kali-linux/#respond Tue, 17 May 2016 21:00:46 +0000 http://www.interfacett.com/blogs/?p=?p=22909 Kali Linux is a fantastic operating system for penetration testing and security evaluation. It comes with virtually all security tools built in, it’s lightweight by default, and it has a huge ecosystem that is constantly helping with the project. Kali recently began moving towards a rolling distribution. This allows both the core Debian operating system … Continue reading Installing Every Possible Penetration Testing Tool in Kali Linux

The post Installing Every Possible Penetration Testing Tool in Kali Linux appeared first on Interface Technical Training.

]]>
Kali Linux is a fantastic operating system for penetration testing and security evaluation. It comes with virtually all security tools built in, it’s lightweight by default, and it has a huge ecosystem that is constantly helping with the project.

Kali recently began moving towards a rolling distribution. This allows both the core Debian operating system components and the applications to update much more frequently with fewer dependency breaks. This is big deal, both because all future development will be on the rolling distribution and because the current distribution will not be supported after April 15th 2016.

This nearly-constant update rhythm is great for penetration testers. Kali will now have the very latest builds of essential tools like Metasploit, Kismet, and aircrack-ng. It will also get Debian Linux updates more frequently to support newer hardware and integrate bugfixes.

A frequently overlooked detail when installing Kali is that the installation ISO comes with only some of the available penetration testing tools. Kali’s developers and distribution owners make an effort to strike a balance between including all tools by default and the ever-increasing size of the ISO. There are also some tools that won’t work on some systems, like the GPU brute-force cracking tools that only work with specific video cards. In that light, it makes sense to leave some tools out.

What’s great is that installing the full set of tools is very simple. First, open a Terminal window.

If you’re not logged in as root type su to become root. You can also preface the next statement with sudo for the same effect.

Next run apt-get update to update the package list.

001-Possible-Penetration-Testing-Tool-in-Kali-Linux

Now run apt-get install kali-linux-all.

002-Possible-Penetration-Testing-Tool-in-Kali-Linux

This command installs all possible penetration testing tools from the Kali repository. You can see that on my fully updated installation, Kali has 435 extra tools that it can install.

There’s always a downside though. Here, the downside is that much more space will be used. As a reference, my Kali Linux installation now takes up 15.1 GB of space, compared to about 10 GB from a fresh installation. In my opinion this is a worthwhile trade-off, and I always install all tools on my Kali systems.

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post Installing Every Possible Penetration Testing Tool in Kali Linux appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/installing-every-possible-penetration-testing-tool-in-kali-linux/feed/ 0
The Importance of Updating Kali Linux Rolling Distribution https://www.interfacett.com/blogs/the-importance-of-updating-kali-linux-rolling-distribution/ https://www.interfacett.com/blogs/the-importance-of-updating-kali-linux-rolling-distribution/#comments Wed, 27 Apr 2016 16:15:24 +0000 http://www.interfacett.com/blogs/?p=?p=22852 Kali Linux is a fantastic operating system for penetration testing and security evaluation. It comes with virtually all security tools built in, it’s lightweight by default, and it has a huge ecosystem that is constantly helping with the project. Kali recently began moving towards a rolling distribution. This allows both the core Debian operating system … Continue reading The Importance of Updating Kali Linux Rolling Distribution

The post The Importance of Updating Kali Linux Rolling Distribution appeared first on Interface Technical Training.

]]>
Kali Linux is a fantastic operating system for penetration testing and security evaluation. It comes with virtually all security tools built in, it’s lightweight by default, and it has a huge ecosystem that is constantly helping with the project.

Kali recently began moving towards a rolling distribution. This allows both the core Debian operating system components and the applications to update much more frequently with fewer dependency breaks. This is big deal, both because all future development will be on the rolling distribution and because the current distribution will not be supported after April 15th 2016.

This nearly-constant update rhythm is great for penetration testers. Kali will now have the very latest builds of essential tools like Metasploit, Kismet, and aircrack-ng. It will also get Debian Linux updates more frequently to support newer hardware and integrate bugfixes.

There’s always a downside though. Here, the downside is that you need to update Kali more often. As an example, I installed Kali yesterday and immediately ran apt-get update and apt-get dist-upgrade to update the installed components. That’s to be expected, the installation ISO was built weeks ago. What I did not expect was that this morning I also checked for updates. After only one day, here’s what I see:

001-Kali-Linux-Rolling-Distribution

So in less than 24 hours with the default Kali Linux installation I went from fully up-to-date to needing 32 packages.

The benefits of frequent updates outweigh the drawbacks. But you need to ensure that you regularly update Kali. Otherwise you’re missing out on this amazing benefit.

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post The Importance of Updating Kali Linux Rolling Distribution appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/the-importance-of-updating-kali-linux-rolling-distribution/feed/ 1
Installing .NET Framework 2.0 3.0 and 3.5 in Windows 10 https://www.interfacett.com/blogs/installing-net-framework-2-0-3-0-and-3-5-in-windows-10/ https://www.interfacett.com/blogs/installing-net-framework-2-0-3-0-and-3-5-in-windows-10/#comments Mon, 11 Apr 2016 22:51:21 +0000 http://www.interfacett.com/blogs/?p=?p=22793 Windows 10 is quite an impressive operating system. It’s fast, it has tons of security improvements, and is usually compatible with older apps. One quirk that I encountered recently was when I went to install mRemoteNG, a remote desktop client application. It requires the .NET Framework to work. That’s fine, because Windows 10 comes preconfigured … Continue reading Installing .NET Framework 2.0 3.0 and 3.5 in Windows 10

The post Installing .NET Framework 2.0 3.0 and 3.5 in Windows 10 appeared first on Interface Technical Training.

]]>
Windows 10 is quite an impressive operating system. It’s fast, it has tons of security improvements, and is usually compatible with older apps.

One quirk that I encountered recently was when I went to install mRemoteNG, a remote desktop client application. It requires the .NET Framework to work. That’s fine, because Windows 10 comes preconfigured with the latest .NET Framework. Right? Wrong.

This particular app requires the older .NET Framework 3.0. Although the newer .NET Frameworks will try to emulate backwards compatibility, and developers can code to allow different versions, mRemoteNG insisted on having its specific version installed.

Luckily Windows 10 has built-in support for this exact scenario. Here is the easy way that I made this app work.

First I downloaded and extracted the app to a new folder. Using the installer would not work with this method, I had to have an extracted app.

Next I just double-clicked the .exe associated with the app. I was presented with this dialog:

001-Installing-NET-Framework-in-Windows-10

Nice! Windows 10 detected that I am launching an app that requires the older version of .NET Framework. And it’s offering to install the proper version for me.

Next I had to exhibit patience. This was a particularly slow download for some reason.

002-downloading-NET-Framework-in-Windows-10

Windows then installed the framework for me…

003-install-NET-Framework-in-Windows-10

 

004-Installing-NET-Framework-in-Windows-10

…and the app fired right up!

005-Installing-NET-Framework-in-Windows-10

That’s all it takes! I hope this app makes it easier for you to run older .NET apps.

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post Installing .NET Framework 2.0 3.0 and 3.5 in Windows 10 appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/installing-net-framework-2-0-3-0-and-3-5-in-windows-10/feed/ 1
Using MSInfo32 to Check For SLAT Support in Windows 10 https://www.interfacett.com/blogs/using-msinfo32-to-check-for-slat-support-in-windows-10/ https://www.interfacett.com/blogs/using-msinfo32-to-check-for-slat-support-in-windows-10/#respond Mon, 04 Apr 2016 17:51:05 +0000 http://www.interfacett.com/blogs/?p=?p=22779 Windows 10 is quite an impressive operating system. It’s fast, it runs all of my old apps (even my retro games!), and it has tons of security improvements. It’s even got features that you might not expect to find, like Hyper-V. For instructor-led Windows 10 training, see our course schedule. Windows 10 now runs a … Continue reading Using MSInfo32 to Check For SLAT Support in Windows 10

The post Using MSInfo32 to Check For SLAT Support in Windows 10 appeared first on Interface Technical Training.

]]>
Windows 10 is quite an impressive operating system. It’s fast, it runs all of my old apps (even my retro games!), and it has tons of security improvements. It’s even got features that you might not expect to find, like Hyper-V.

For instructor-led Windows 10 training, see our course schedule.

Windows 10 now runs a full version of Hyper-V. It’s quite a powerful hypervisor implementation that can run a variety of operating systems as virtual machines. I’ve got it running various versions of Kali Linux, Windows Server, and Windows client.

Hyper-V in Windows 10 has a specific hardware requirement. The CPU must support Second Level Address Translation, or SLAT. Most newer Intel i5 and i7 processors support SLAT, but some (notably mobile-optimized processors) don’t. You need to check the system before you can be sure that Hyper-V will work.

One way to check for SLAT support in Windows 10 is to use the built-in MSInfo32 tool. This tool pumps out a ton of data but has one quirk that I need to explain.

Running MSInfo32 is pretty simple:

First, click the Windows flag at the bottom-left of the primary monitor. Or just tap the Windows key. This brings up the new Start menu.

Type msinfo32. You’ll see a System Information icon highlighted. Just press Enter to launch it.

After a moment the System Information tool appears. The information on SLAT and Hyper-V is right there on the first screen, at the very bottom:

01-Using-MSInfo32-to-Check-For-SLAT-Support-in-Windows-10

This is actually my Lenovo X230 laptop. It runs an Intel i7 CPU, and most i7 implementations have full hardware support for Hyper-V. So I can immediately confirm that the system supports SLAT and can run Windows 10 Hyper-V!

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post Using MSInfo32 to Check For SLAT Support in Windows 10 appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/using-msinfo32-to-check-for-slat-support-in-windows-10/feed/ 0
How to Create a Bootable USB Windows To Go Installation for Windows 10 https://www.interfacett.com/blogs/how-to-create-a-bootable-usb-windows-to-go-installation-for-windows-10/ https://www.interfacett.com/blogs/how-to-create-a-bootable-usb-windows-to-go-installation-for-windows-10/#comments Mon, 21 Mar 2016 16:11:05 +0000 http://www.interfacett.com/blogs/?p=?p=22751 I am a huge Windows 10 fan. I’ve had great success with deployment and configuration so far. Most of the functionality I want from both Windows 7 and Windows 8.1 is in there, along with lots of new features and improvements. For instructor-led Windows 10 training, see our complete class schedule.  Windows 8 introduced the … Continue reading How to Create a Bootable USB Windows To Go Installation for Windows 10

The post How to Create a Bootable USB Windows To Go Installation for Windows 10 appeared first on Interface Technical Training.

]]>
I am a huge Windows 10 fan. I’ve had great success with deployment and configuration so far. Most of the functionality I want from both Windows 7 and Windows 8.1 is in there, along with lots of new features and improvements.

For instructor-led Windows 10 training, see our complete class schedule

Windows 8 introduced the concept of Windows To Go, a feature that installs and runs the operating system entire on a USB stick. This makes Windows fully portable including configuration, applications, and local storage. It runs super quick and works on most modern PCs. Windows 10 still supports Windows To Go and improves performance even further. I tend to use Windows To Go when I need a portable application installation, especially when travelling.

Here’s how I build my Windows To Go stick with Windows 10.

First, I gather the necessary supplies. These are:

  • A working PC running Windows 7 or later. I build the image from a current PC.
  • A blank USB stick. It must be 8GB or larger, preferably 16GB or larger for local storage, and should be USB 3.
  • The original installation ISO from Microsoft. I use MSDN to download an ISO directly from Microsoft to avoid malware that might be introduced by third parties.
  • Rufus. It’s a fantastic little (< 1MB) utility for formatting and imaging bootable USB sticks. I always grab the most current version directly from the author’s site Rufus- Create bootable USB drives the easy way.

Before mucking with the software I insert the USB stick in the PC and make sure it is recognized. I also remove any other USB or removable media to prevent mishaps.

Next, I fire up Rufus.

001-Bootable-USB-Windows-To-Go-Installation-for-Win-10

Rufus automatically recognizes the USB drive. Then I click the icon to the right of the Create a bootable disk using option. This opens a file browse window. I browse to the Windows 10 ISO that I downloaded from MSDN and click OK.

Most important is that I click the Windows To Go option as shown here.

002-RuFus-Bootable-USB-Windows-To-Go-Installation-for-Win-10

Now all I need to do is click Start. Rufus automatically formats the USB stick as bootable and copies the Windows 10 files into the proper locations.

After about 5 minutes Rufus announces that it’s finished. Now that USB stick can be used as a boot device (on any PC that boots to USB) to run a full copy of Windows 10.

Enjoy!

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post How to Create a Bootable USB Windows To Go Installation for Windows 10 appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/how-to-create-a-bootable-usb-windows-to-go-installation-for-windows-10/feed/ 1
CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important https://www.interfacett.com/blogs/cehv9-certified-ethical-hacking-white-hat-vs-black-hat-why-ethical-hacking-is-important/ https://www.interfacett.com/blogs/cehv9-certified-ethical-hacking-white-hat-vs-black-hat-why-ethical-hacking-is-important/#respond Wed, 16 Mar 2016 19:48:21 +0000 http://www.interfacett.com/blogs/?p=?p=22741   Transcription I’m Mike Danseglio, and I’m an instructor here at Interface Technical Training. One of the classes I teach here at Interface is Certified Ethical Hacking CEHv9. I Ethical hacking is a critical skill-set for anybody to have that’s in IT Security. Ethical Hacking is all about learning how hackers attack systems, how they … Continue reading CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important

The post CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important appeared first on Interface Technical Training.

]]>

 


Transcription

I’m Mike Danseglio, and I’m an instructor here at Interface Technical Training. One of the classes I teach here at Interface is Certified Ethical Hacking CEHv9. I Ethical hacking is a critical skill-set for anybody to have that’s in IT Security.

Ethical Hacking is all about learning how hackers attack systems, how they look for vulnerabilities, how they examine systems, how they check security, how they use IT techniques and tools that typical IT users would use but in a negative way, in a very bad way, to try to find compromises and vulnerabilities to destroy businesses, extort money, steal, loot, and to do all kinds of very negative, nasty things.

White Hat vs. Black Hat

There’s a differences in the skill-sets here between the IT Professionals that usually Defend systems (White Hat).

They typically understand these are good practices. It’s good to have a firewall in place. It’s good to have a malware scanner in place. It’s good to isolate networks.

That’s not a bad skill-set to have, but a different skill-set is what an Attacker brings to the equation.

The attacker, or (Black Hat), typically brings to the table more of a skill-set of, “I know what the defenders are usually going to do”. They’re usually going to have a firewall. They’re usually going to have malware scanners. What kind of ways can I work around the malware scanners? What different kind of exploits or vulnerabilities can I find in the firewall so that I don’t have to worry about those firewalls stopping my attack? How do I work, how do I get my nefarious negative job, with all of those defenses in place?”

Learning those techniques of the attacker, understanding the “other-side” of IT Security helps enormously to protect a network. Because when you think as an attacker, you think, “I’m setting up this firewall, and it’s this, and it’s that, and the other.” But I wonder how an attacker would look at the firewall. An attacker might use this tool, might use this technique, might probe this way.

While I should have defenses against that, let me find out by banging on the thing, by throwing scanners, Nmap throwing Metasploit at it and other different kinds of spectrum tools, both very focus and very broad at this defense and see, “Does it hold up?” Because this is what an Attacker is going to do.

Not, in theory, theoretically, yes, that firewall should protect against this but in practice, how many times do you try to hack your own firewall to see if you can? That’s what we learned in CEHv9 Certified Ethical Hacking, being able to actually test the defenses with real tools and real techniques that attackers use. That’s the difference between just learning how to protect, and learning how to check the protection, and find the vulnerabilities before an attacker finds them.

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

The post CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important appeared first on Interface Technical Training.

]]>
https://www.interfacett.com/blogs/cehv9-certified-ethical-hacking-white-hat-vs-black-hat-why-ethical-hacking-is-important/feed/ 0