Windows Server Backup Functions Windows Server Backup (WSB) is a feature native to Windows Server that has the purpose to creating and recovering backups for servers. WSB provides several configuration on backups such as its location, schedules and the items that will be backed up. Particularly, you can customize what kind of data that will… Continue reading Backup and Recovery
Category: Security
Data Encryption
BitLocker Functions Essentially, BitLocker is a built-in feature in several Windows operating system that helps encrypt drives. The minimum requirements for enabling BitLocker on a computer is to have at least two partition and a TPM (Trusted Platform Module). The one other partition is for the one that will be encrypted by BitLocker. TPM is… Continue reading Data Encryption
Implementing DNSSEC
In the practice labs, we utilize a DNS zone with DNSSEC in the main server which also serves as the AD. As like a real world scheme, there would be other servers which considered a non-authoritative server that will hold DNSSEC keys provided by the main server. This is where the concept of trust anchor… Continue reading Implementing DNSSEC
Implementing a Network Policy Server
In the lab, to establish a secure VPN connection for clients, a RADIUS server is created to authenticate users that are connecting remotely. Therefore, in Windows Server 2016, Network Policy Server has the purpose of implementing a RADIUS server. Authentication Method A RADIUS server by itself is an authentication protocol that uses a shared secret… Continue reading Implementing a Network Policy Server
Wi-Fi Access Point Security
Security Access Management Security has to be applied to all access point in any kinds of school, large or small to make sure that the school only give access to people who are authorised to access the school information. For authentication, there are 2 approaches which are through user or device authentication. Device authentication provides… Continue reading Wi-Fi Access Point Security
Firewall Rule Based Management
Small Web Hosting Company Study Case Windows 2016 Web Server Public/Private IP 103.28.251.162/192.168.0.1 Windows 2016 Server Public/Private IP 103.28.250.99/192.168.0.2 Web Server Firewall Configurations HTTP : HTTP uses port 80 for communications. Thus port 80 has to be open. From the firewall settings, the World Wide Web Services (HTTP) should be on so it can respond for… Continue reading Firewall Rule Based Management
NAT and OpenSSH
NAT Firewall NAT stands for Network Address Translation which is a process of providing access of private network computers using a public IP to connect to the internet. The main idea of NAT is to assign private IPs in the network so that it would use the NAT for any communications to the internet. This… Continue reading NAT and OpenSSH
Managing Certificates
AD Certificate Services and CA Web Enrollment Active Directory Certificate Services equips a server with the ability to establish and manage certificate authority (CA) and certificates. Depends on what services will be installed in a server, AD certificate services also provides enrollment services to help the interaction between clients and CA regarding certificates. One of… Continue reading Managing Certificates
Understanding PKI Concepts
Root CA and Subordinate CA We will hear these terminology from the PKI authentication happening in various communication made between server and users. Certificate Authority (CA) is basically a company or an organization who has the rights to create a certificate for a certain server for its public key validity. Users will rely on certificates… Continue reading Understanding PKI Concepts
Scanning and Remediating Vulnerabilities with OpenVAS
Figure 1. SSL Vulnerability from OpenVAS scan SSL Vulnerability in Lab 5 On a OpenVAS Scan executed in a Windows Server system, a severity level of 5.0 (medium) is shown. This LDAP scan shows several vulnerabilities and one of the is an SSL vulnerability which is a weak SSL cipher with 5.0 severity level. It… Continue reading Scanning and Remediating Vulnerabilities with OpenVAS
Marcellus's Blog 