Friday, July 19, 2013

Randomly Selecting Computers from AD

I often have the need to grab a list of random workstations or servers to use in an audit or testing or for some other function. Here's an example of the command I use to get that list. In this case, I'm getting a list of 50 random Windows 7 workstations.

get-adcomputer -filter {operatingsystem -eq "Windows 7 Enterprise"} | get-random -count 50 | select DNSHostName

Here's the same example querying from a different domain than the one I'm currently in.

get-adcomputer -searchbase "DC=another,DC=domain,DC=com" -server another.domain.com -filter {operatingsystem -eq "Windows 7 Enterprise"} | get-random -count 50 | select DNSHostName

Even if you're querying the same domain, you may have valid reasons for using -searchbase and -server parameters to scope down your search.
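A wrapper around the command above for audit sampling, added here as an example and not part of the original post: it keeps the optional -SearchBase/-Server scoping, drops disabled and stale computer accounts, and can seed the draw so the same sample can be reproduced later. The function name Get-AuditSample, its parameter names, the 30-day staleness cutoff and the CSV path are assumptions.

```powershell
#Requires -Modules ActiveDirectory
# Added example; Get-AuditSample and its parameter names are hypothetical.

function Get-AuditSample {
    [CmdletBinding()]
    param(
        [string]$OperatingSystem = 'Windows 7 Enterprise',
        [int]$Count = 50,
        [string]$SearchBase,      # e.g. "DC=another,DC=domain,DC=com"
        [string]$Server,          # e.g. another.domain.com
        [int]$MaxIdleDays = 30,   # assumption: older logons mean a stale account
        [int]$Seed                # optional; makes the draw repeatable
    )

    # Let the domain controller do the OS and enabled-account filtering.
    $query = @{
        Filter     = "OperatingSystem -eq '$OperatingSystem' -and Enabled -eq `$true"
        Properties = 'OperatingSystem', 'LastLogonDate'
    }
    if ($SearchBase) { $query.SearchBase = $SearchBase }
    if ($Server)     { $query.Server     = $Server }

    $cutoff = (Get-Date).AddDays(-$MaxIdleDays)

    # Sort so the population order is stable: a seeded draw is only
    # repeatable if the input arrives in the same order every time.
    $population = @(Get-ADComputer @query |
        Where-Object { $_.DNSHostName -and $_.LastLogonDate -gt $cutoff } |
        Sort-Object DNSHostName)

    if ($population.Count -lt $Count) {
        Write-Warning "Only $($population.Count) matching computers; returning all of them."
        $Count = $population.Count
    }
    if ($Count -eq 0) { return }

    $draw = @{ InputObject = $population; Count = $Count }
    if ($PSBoundParameters.ContainsKey('Seed')) { $draw.SetSeed = $Seed }

    Get-Random @draw | Select-Object DNSHostName, OperatingSystem, LastLogonDate
}

# Same-domain draw, saved so the sample can be attached to the audit record.
Get-AuditSample -Count 50 -Seed 20130719 |
    Export-Csv -Path .\audit-sample.csv -NoTypeInformation
```

Recording the seed alongside the CSV lets a reviewer re-run the draw and confirm the hosts were not hand-picked, provided the directory contents have not changed in between.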

Sunday, June 23, 2013

The Monty Hall Problem

OK. This is an entirely non-Infosec related post, but it was a fun thing to do this weekend so I thought I'd post it.

I was discussing the "Monty Hall Problem" with a friend last week and despite my attempts at explaining why the "Always Switch Doors" technique gives you the best chance of winning, he simply had a gut reaction that there must be some flaw in the explanation. After all, this is such a non-intuitive answer that mathematicians debated for years over the solution. Although there now exist formal mathematical proofs of the solution, that's not very fun and doesn't give me an excuse to play in PowerShell.

So, I decided to write a game simulation.

For those not familiar with the problem, it goes like this:

Sunday, June 9, 2013

Chain of Command

This post isn't specifically InfoSec in nature, but it is definitely related. When doing investigations or verifying authorization for specific requests, I often have the need to find a user's chain of command. In most organizations, certain requests require the manager's approval, while other requests may require director or VP approval. Looking this up manually can take a lot of clicky-clicky that I'm not a huge fan of.

To make this process easier, I wrote a little function that searches Active Directory for a specified user and, using the Manager property of the user object, loops through to return each manager's manager until reaching the Chief Executive Officer.

Wednesday, June 5, 2013

The Inaugural Post

This post won't be shocking. It won't be amazing. You may even forget it ten minutes from now. That is, until you need to do something similar.

I was doing some research on a bunch of URLs and many of their names were not indicative of their use. Unfortunately, the web-filtering category that they belong to is a bit broad and I needed more fine-grained information on what kind of content they contained. I really needed to see the sites for myself.

I could have opened a web browser, highlighted the URL, Ctrl-C, Ctrl-V, etc. but with over 100 sites to look at that wasn't going to happen. There are already going to be more manual steps than I would like in this process, and I'm WAY too lazy efficient for all that.

PowerShell to the rescue.