
DNS Tools

General Tools
nslookup - standard tool, comes with most OSes
http://MXToolbox.com - Very useful site for doing DNS things, generally focused on email related checks - as the name implies - but still includes more general DNS lookup options
Test-Connection - in PowerShell 6, this is really more of a super charged ping - but throw -ResolveDestination at it and it will do a lookup for you
dnssec-analyzer - for testing DNSSEC
Whois Lookup - mxtoolbox’s whois lookup hasn’t worked for me the last number of times I’ve used it, this one does…
I’m pretty sure I’m forgetting 1 or 2, so I will come back and add them when I remember…

DNSSEC

How it works with Cloudflare
Cloudflare hosts my DNS. It provides me a simple interface for management, 2FA for login and acts as a CDN. So it was an easy choice years ago to move DNS there. Since I’ve been thinking about DNS a lot lately, I decided to see if I could set up DNSSEC for my own domain. It took me about 5 minutes. In Cloudflare - under DNS, hit the button to Setup DNSSEC. It will generate the required details to add to your Domain Registrar.

How DNS Really Works

View from the client
A client system - phone, desktop, laptop, server - looking to find an IP address for a name, let’s use www.clintmcguire.com as an example, sends a DNS request to its configured name resolvers. Name resolvers are either statically assigned by a network administrator or handed out by DHCP. The client sends a request - typically via UDP - on port 53, to the name resolver. This is a question, asking for the Resource Record (RR) details that match a name/domain name.

How DNS Works

DNS Analogy
The analogy typically used to explain what DNS does is to compare it to a Phone Book. Which isn’t a great analogy, when you look at how DNS works. I think I have a better analogy. The downside of my proposed analogy, is that it requires some additional explaining - although I suspect people coming out of school today aren’t very familiar with phone books anymore either… Here is my suggestion for a better analogy…

NTP

Time in Windows - for Domains
In a Windows Domain, the default config is for the PDC to get time from an external time source, the other DCs to get time from the PDC and the domain members to get time from a DC in their Site. So only the PDC should need to be modified. The commands to configure the PDC to get time from the NTP Pool servers:

Find Azure Market Place Image Offers from PowerShell

Following up on my post about finding Azure Images by Publisher, here is how to get all the SKUs for the specific Offers. Get-AzVMImageSku is the command to run. It requires Location, Publisher, and Offer. For example:
Get-AzVMImageSku -Location 'eastus' -Publisher 'fortinet' -Offer 'fortinet_fortigate-vm_v5'
This will return the two SKUs - “fortinet_fg-vm” and “fortinet_fg-vm_payg”. You can take the SKUs and use those to deploy new VMs.

Find Azure Images by Publisher

First install the PowerShell Az Module.
On Windows, open an elevated PowerShell window and run:
Install-Module -Name Az -AllowClobber
On macOS, use sudo to open pwsh, then run:
Install-Module -Name Az -AllowClobber
Once the Az module is installed, exit the elevated/sudo PowerShell session and open a regular PowerShell session.

Compare file hash with PowerShell

Once you’ve downloaded the file, use Get-FileHash to calculate the SHA256 hash.
$hash = (Get-FileHash .\filename.exe).hash
Copy the hash value from the website and assign it to a variable to compare.
$webhash = "3...f" [Paste the full SHA256 hash in the quotes]
Then use PowerShell to compare this to the published hash.
if ($hash -eq $webhash){$true}
This will return either “True” or nothing; if “True”, then the hashes match.
Or if you want to do it in one line:
If ((Get-FileHash .\filename.exe).hash -eq "3..f"){$True} [Published SHA256 goes in the quotes.]

Resolve all Remote Hosts that you are Connected

I was looking into a certificate issue a client was having with their web proxy and in testing I thought it might be helpful to resolve the DNS names for all the open connections on ports 80 and 443. A quick netstat -anop tcp shows too many connections to bother doing manually and scraping the output with PowerShell would be possible, but isn’t my first choice. Thankfully Get-NetTCPConnection will show very similar details to the netstat above, so I started there.

Stop all processes with the same name

I have a utility server that I connect to frequently and for some reason or other, that I haven’t had time to investigate yet, a certain Citrix related process launches and re-launches. Over the course of weeks there can be 30+ instances of this process running under my user account. The specific process doesn’t take up much CPU or RAM, but it is annoying and if someone else is using the server for real work, then those resources could be better allocated.