Amar Kulo

Me and my unorganized thoughts

What’s the point of security policies if you are not going to follow them up?

This post is more of a rant than a post, but it is what it is.

In everyday work and life I keep finding people who think that policies are good to have but not so good to follow up on, and I’m really struggling to comprehend that kind of thinking, especially when it’s about security. I don’t get why it is so hard to realize one simple fact: you don’t compromise on security.


Project log: Cyclone PCB factory – part 1

Yesterday I started building the Cyclone PCB Factory, a small PCB CNC machine with 3D-printed parts. I browsed through the parts stock I have at home after a lot of building and rebuilding of different kinds of 3D printers, and found that I have almost everything needed. Everything that I don’t have is ordered from AliExpress, so I’ll write updates as the project goes.

Parts that I have right now:

  • RAMPS and Arduino Mega
  • stepper motor drivers
  • 1 NEMA 17 motor
  • threaded rods
  • B608ZZ bearings
  • washers, nuts and screws
  • power supply that can deliver 12V
  • 3D printer to print out parts


Integrating database of pwned password hashes with Microsoft AD

A few weeks ago, Troy Hunt released password hash dumps from the haveibeenpwned.com site. The dumps are large, split into 3 parts, and contain 324+ million hashes. In this blog post I will show you how to integrate that large hash dump with Microsoft Active Directory and enable DC servers to check against that list before allowing users to change their passwords.

Microsoft has a feature called password filters that has been present since Windows Server 2003. It’s not often used, as it’s meant to be an additional method for adding more complexity to password requirements in larger organisations. Smaller organisations and companies stick with the rules that are already present in Windows (both server and workstation), which are:

  • enforce password history
  • minimum password age
  • maximum password age
  • minimum password length
  • password must meet complexity requirements
  • store passwords using reversible encryption

There are some commercial solutions that can add more complex requirements to this list, but the price tag is quite high. As soon as you see “contact us for price” you can count on that.


How to reinstall macOS when you get “application is damaged” error

Today I was trying to reinstall an older Mac Mini and the installation kept failing with the error: “This copy of the Install macOS Sierra.app application is damaged, and can’t be used to install macOS.”

I tried Yosemite and the High Sierra beta (the latest one, b6), but the same error still happened, so I started wondering why it would fail. One look at the date and time in the terminal showed that the Mini thought it was 2001, so the package couldn’t be verified, and the installation failed because the verification failed.


Here we go again

So I have decided to start blogging again, to write down some of the stuff I do, some of the things I like, my experiments and projects, security, programming stuff, operating systems, sysadmin stuff, tips and tricks, etc.

Let’s hope that this time I continue for more than a few posts :-/

In case you are looking for older posts, they are here.

© 2017 Amar Kulo
