Welcome back to IT Pro Tuesday!
We're looking for your favorite tips and tools we can share with the community... those that help you do your job better and more easily. Please reply or leave a comment with your suggestions, and we'll be featuring them in the coming weeks.
And as always, we’re updating the full list on our website here. Enjoy.
But on with this week's tools...! Here are the most interesting items that have come across our desks, laptops and phones this week. Hornetsecurity has no known affiliation with any of these unless we explicitly state otherwise.
Automate creating new users with Azure Automation Runbooks, Microsoft Forms & LogicApps is a blog post explaining an automated approach to onboarding new users. Author RiosEngineer adds, "[For] those who have cloud-only clients, this can be done without the runbooks/workers, as there's a neat AAD new user creation connector available for us. You can add steps in the Logic App to wait for approval before proceeding to the runbook job creation step. That way it only creates after necessary approval by the relevant persons."
A Practical Guide to (Correctly) Troubleshooting with Traceroute is Richard Steenbergen's guide on the proper use of this tool. It covers how traceroute works; how to interpret DNS in traceroute and network latency; ICMP prioritization and rate-limiting; asymmetric forwarding paths; load balancing across multiple paths; and traceroute and MPLS. Our thanks for directing us to this resource go to spacebootsohno.
Another reverse telnet option, kindly offered by De_Oppresso-Liber: "A slight step up from the reverse telnet configuration mentioned [last week] is to re-task an old router (I use a previously retired 2851) and add an Async HWIC card. I added a HWIC-16A and bought 2x CAB-HD8-ASYNC. The router has connectivity on our management network, and once SSH-ing into that router, I can now console directly into any of 16 devices that are connected. Here's a good article on how to set up a menu system."
A Free Tool
The Active Directory Replication Status Tool (ADREPLSTATUS) analyzes replication status for domain controllers in an AD domain or forest and displays the resulting data similar to REPADMIN /SHOWREPL * /CSV imported into Excel—only better. Data can also be exported for offline analysis. dangolo adds, "I use this all the time and, while basic, it's quite reliable!"
This nice summary on flow control was kindly shared by VA_Network_Nerd: "Ethernet Flow Control is traffic/protocol agnostic. It doesn't care what kinds of packets are flowing through an interface, it only knows that the interface is about to run out of packet buffer resources; and when that happens, it fires a pause frame, requesting the device on the other end to shut up for a moment and stop sending traffic.
Flow-Control doesn't care about QoS markings [and] will queue up VoIP packets and not think twice about it. Now, 802.1Qbb Priority Flow-Control on the other hand, can be applied to a specific traffic queue on the interface so that only some kinds of traffic (storage traffic) is paused, while other traffic keeps flowing.
As a general concept, we disable flow-control everywhere other than SAN/NAS devices where the storage vendor specifically requests [it] be enabled.… We find it's better to get Flow-Control the hell out of the equation, and just let TCP or our QoS policies handle things."
P.S. Bonus Free Tools
JXplorer is a flexible, cross-platform LDAP browser and editor that can be used to search, read and edit any standard LDAP directory, or any directory service with an LDAP or DSML interface. This extensible and customizable tool offers advanced security integration and support for the more difficult and obscure parts of the LDAP protocol. Our appreciation for this one goes to crankylinuxuser.
Grouper2 is a tool designed to allow pentesters to more easily find configuration problems in Active Directory Group Policy that can compromise security. lucasni appreciates that it "can help show group policy misconfiguration."
Have a fantastic week and, as usual, let us know if you have any comments.