Localization with SwiftUI

    I have been performing a bit of localization lately on an Xcode project and was looking for a way to reduce human errors due to typos and other human errors.

    The best method I found was to create a separate a simple Translation.swift file to storage all the i18n code. Here I extend the LocalizedStringKey struct with my own project based localized strings for easy access on the Xcode autocomplete menu.

    Jul 6, 2020 · Filed in: SwiftUI, iOS, macOS
    Reading Time: 1 minute(s)

    How-to Investigate Active Directory Logon Mischief

    The Windows domain feature for locking accounts can be a helpful feature against malicious attempts to guess a password via brute force.

    The version of netlogon.dll that has tracing included is installed by default on all currently supported versions of Windows. To enable debug logging, set the debug flag that you want by using nltest.exe, the registry, or Group Policy.

    Group Policy

    You will have to adjust a few policy settings to get the DCs to audit logon events. This are usually set correctly, but it can be worth a check of the environment to make sure the DCs are get the proper audit settings.

    Group Policy

    Audit account logon events for domain accounts and Audit logon events for logons to the computer.

    Events

    The Event IDs we are most concerned with are under the Windows Logs > Security section of Event Viewer.

    • 4624
    • 4776
    Jun 2, 2020 · Filed in: Microsoft, Active Directory, Windows Server
    Reading Time: 2 minute(s)

    Live Capture to Multiple Files Using Wireshark

    If you want to live capture a long session, maybe over the course of a couple of hours. You will want to perform this so that you can capture the traffic to multiple files, based on size or duration of time, this makes the results much easier for analysts to work with, transferring, etc.

    I like to create a dedicated directory for the capture session. I usually place them in Capture or ProjectNameCapture directorv. Once the capture session is complete, you can select the interesting PCAP files out of the session and delete or archive the others.

    Launch Wireshark application. Open Capture options, select the Output tab.

    Feb 18, 2020 · Filed in: Wireshark
    Reading Time: 2 minute(s)

    OPNsense Security Device Build

    Just back from a security conference. The major themes of the conference were passwords suck, phishing, policies, and solutions. The conference was great, good food and lots of information taken from the talks.

    Scene

    All this security talk got me to thinking about my own setup, a very old Cisco ASA and Cisco Wireless Router pair meets, but doesn’t give much visibility in to the network, and the number of exploits for this hardware / software must be longer than my arm at this point, so time to upgrade.

    Cisco ASA needs to be replaced because it’s software isn’t current, and protecting against newer attacks isn’t possible. Cisco E4200 has to be replaced because it doesn’t support newer Wi-Fi standards.

    Build

    This post and some that follow will be about a security device build I have ongoing. The journey begins at picking a hardware platform, which there are a lot to choose from. I wanted to keep close to router-style as possible, so I opt for a board with no VGA or other display technologies and had a serial port (yes, RS232).

    Bought a bundle that contains board, case, and power adapter. Basically, the only part required is storage, this can be an SD card or USB flash drive. I will be using mSATA drive for log storage (/var). The board I have has three mPCIe slots, but only one will work with mSATA drives, it’s label accordingly.

    APU2D4 (Without SD and SSD)
    Dec 8, 2018 · Filed in: OPNsense
    Reading Time: 5 minute(s)