Here is a litle script i’ve build by digging through differents article to match what i needed :


#Extracting the date
$day = get-date -Format dd
$month = get-date -format MM
$year = get-date -format yy
$hour = get-date -Format hh
$min = get-date -Format mm
$today = $day+$month+$year+"-"+$hour+$min
$myFile = "c:\DATA\stats" + $today + ".txt"

#Getting stats from each zone and send all to the text file
Get-DnsServerZone | select zonename | Get-DnsServerStatistics > $myFile

#Sending stats file per email
$PSEmailServer = "email server IP"
Send-MailMessage -From "dnsserver@domain.com" -To "who need the report@domain.com" -Subject $Today" DNS Stats" -Attachments $myFile

First save that into a .ps1 file and then run that through a schedule task with that batch file

@ECHO OFF
PowerShell.exe -Command "& ‘getstats.ps1’"
PAUSE

Tagged with:  

How to secure IIS

On 2 October 2015, in IT Procedure, Servers, by Himselff

I’ve merge together a couple of tweak i’ve found and validate with this SSL Testing Tool :

SSLLAB

Here is the Regtools :

1. Disabling the SSLv3



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000

2. Disabling Ciphers RC4



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
"Enabled"=dword:00000000

Ref : https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices.pdf

Tagged with:  

In elevated command line : sc delete “service name”

Tagged with:  

Fix: Disable the SSDP service –

Pre-NOTE: If you rely on SSDP for your connection, then this will obviously disable that. Either use a DHCP server or enter a static IP address instead.

1. Go Start and search for “Computer Management”. Click on it.
2. Select Services and Applications->Services in the left box.
3. Scroll down to find SSDP Discovery.
4. Right click it and select Stop. (If it is already stopped ignore this step)
5. Right click again and select Properties.
6. In the Startup Type dropdown menu, select Disabled. Hit Ok.

Tagged with:  

1. Download the iso from Microsoft web Site

2. Burn the iso or emulate it

3. In command line , enter the following to open the wizard :

– lpksetup

4. Browse to get the file from your language

5. Once the installation complete, select your new language and check the box to allow the lang to be available to Windows Screen

6. Reboot the server and your done.

Tagged with: