What is Active Directory?

Active Directory is like a big book that has information about all the people and things in a place. For example, it can tell you the names, passwords, phone numbers, and other details of the people who work in a company or go to a school. It can also tell you what computers, printers, and other devices are in the place, and who can use them.

Active Directory is a service that helps you manage and secure the users, computers, and other resources on your network. It is like a database that stores information about who can access what and how.

Active Directory security is the process of protecting this information from unauthorized or malicious access. It is very important for cybersecurity because Active Directory controls the access to your network and its resources. If someone hacks into your Active Directory, they can steal your data, damage your system, or impersonate your users.

So, now that we understand what Active Directory is, let's have a look at the hardware and software we will use to achieve our goal.

 

Hardware and Software

Gone are the days of having to run physical servers and PCs around your house to have a home lab. With the introduction of virtualization, you can now build a home lab on any modest PC or laptop. You could even take all the steps below to build an Active Directory domain and spin yourself up a lab in the cloud with Azure or AWS basically for free using either vendor’s 12-month Free Tier.

The resources the host needs depend on how many VMs you want to run at the same time. To follow along with this tutorial, you will need at least 3 spare CPU cores, 5GB RAM, and 80GB of free disk space, which is a pretty modest amount of resources for a basic Active Directory lab. Obviously, the more resources you can spare for each virtual machine, the faster your lab will be.

In this tutorial, I will be using VirtualBox on an 8-core CPU laptop with 8 gigs of RAM and 256 GB of storage. However, use whatever virtualization software you feel most comfortable with. The steps below will pretty much work for any virtualization software.

We will need to download the following:

1.      VirtualBox here. You can download the one that suits your machine, whether Windows or Mac.

2.      Windows Server 2019-2022 ISO here.

3.      Windows 10 ISO here.

After downloading all of these, install VirtualBox on your machine and we are good to go.


Installing Windows server

I will be using Windows Server 2019 for this, so you can follow along if you have it. If you have another version, you can also follow along, as the process is similar.

 

·        First, on the home screen of VirtualBox, go to Machine on the top menu, and then click on New.



·        On the new screen, enter the details of your machine. I will name mine DC (short for domain controller). Leave the folder option as it is (recommended), or change the location to suit your needs. Then choose the Windows Server ISO that you downloaded in the ISO Image section and click Next.


·        On the next page, choose the amount of RAM and Processor you want your virtual machine to have. I will give it 2GB and 2 CPUs. If you have more resources, be generous to your machine for better performance, but don’t take too much from your host computer.

·        After allocating the resources, click next.


·        It is time to create a Virtual Hard Disk (VHD), I will give my machine 20 GB and leave everything else intact, and then click next.


·        On the summary page you can see all the settings for our machine. Do not panic if you see any that you would like to change as you can do that later. After reviewing click on finish.

·        Select the newly created virtual machine and click on Settings. Here we need to change the network settings. Our server will have two network interfaces. One connects to the internet and the other one to the internal network.

·        To achieve this, go to Network > Adapter 1 and make sure that it is enabled and attached to NAT. This will allow the virtual machine to access the internet through your host system’s network connection. For the second interface, go to Adapter 2, enable the adapter and change the "Attached to" setting to Internal Network. Click OK to save the settings and close the window.


Start the virtual machine by clicking on the green Start button. The Windows Server 2022 installation wizard will begin.

·        Select your language, time and currency format, and keyboard or input method. Click Next.

·        Click on Install now.

·        Enter your product key if you have one, or click on I don’t have a product key if you want to activate Windows later. Click Next.

·        For the operating system we want to install, choose Windows Server 2022 (Desktop Experience).


Accept the license terms and click Next.

Choose Custom: Install Windows only (advanced).

Select the unallocated space on your virtual hard disk and click Next. The installation will begin and may take some time depending on your system’s speed.

Installation may take a while, and the machine will restart a couple of times.

After the installation is complete, the virtual machine will restart automatically. You will be prompted to set up your administrator password and security settings.

 

Setting up Network interfaces

After a successful installation and login to our Windows Server, it is time to set up our two interfaces to enable network connectivity.

To achieve this, right-click the network icon at the bottom right of your screen and select Open Network & Internet settings. Then choose Change adapter options.


Open each adapter to check its IP address and determine which is the internal-facing adapter and which is the external-facing one. The internal-facing adapter will have an automatically assigned (APIPA) address, such as 169.254.182.252; it may vary depending on your machine.



This adapter has to be assigned a static IP address.

To achieve this, right-click on the adapter > Properties > Internet Protocol Version 4 (TCP/IPv4).



Double-click on it and select "Use the following IP address". Enter the following:

IP address: 172.16.0.1

Subnet mask: 255.255.0.0

Leave the default gateway blank.

For DNS, enter 127.0.0.1.

After that, click OK.



 

Setting up Domain / AD DS

We are going to be setting up Active Directory on our new Windows 2019 server. Active Directory is a directory service that runs on Microsoft Windows Server that allows administrators to manage permissions and control access to network resources. Within Active Directory data is stored as objects, which include users, groups, applications, and devices.

Firstly, start by opening Server Manager (click on Home > Server Manager). It may take a few minutes to populate all the data.

Once Server Manager is open, click Manage and then Add Roles and Features.



In the Add roles and features wizard click the third option on the left menu for server selection and you will then be able to select Server Roles.



Tick the box next to Active Directory Domain Services. You will then be prompted with a window showing all the services or features that will be installed. Have a quick read through what’s being installed. Make sure Include management tools is selected and click Add Features.



It is also worth adding the DHCP Server role. This is not needed for the Active Directory setup. However, we might as well install it now, so we don’t have to statically assign the IP address of every device we connect to the lab.


Click Next to move to Features. Leave everything as default.

Now click Next through AD DS, DHCP Server and DNS Server, leaving everything as default until you get to Confirmation. From here, click Install.

This will now install everything needed for Active Directory Domain Services, DHCP Server, and DNS Server.


After the installation has finished, click Close to close the Add Roles and Features Wizard.

In Server Manager you should now see that the flag has a yellow triangle next to it. Click this and select Promote this server to a domain controller.


You should see the Active Directory Domain Services Configuration Wizard pop up. Select Add a new forest and enter a domain name. I have gone for mydomain.com, but you can call your domain whatever you like. Click Next.


In the Domain Controller Options, set a Directory Services Restore Mode password, confirm the password and then click Next.



Verify the NetBIOS name is correct and click Next.

Leave the AD DS database, log files and SYSVOL folder locations as default and click Next.

Review that all the configurations we have just set are correct. Click Next.

Once the Server has finished being promoted to a domain controller, Reboot to complete the Installation.

 

Creating a new Admin User

We need to set an admin user for our domain, mydomain.com, which is different from the default admin account.

To start this go to Home > Active Directory Users and Computers



Next, right-click on Mydomain.com (or whichever name you gave to your domain) > New > User



Enter the first name and last name of the admin user and the user logon name. I used "a-" for admin, followed by the first name initial and the last name, to come up with a-lobura. Click Next.



The next thing will be to set the password and set the password policies. You can provide a default password and force user to change the password to their own password on the next logon, or limit the user from changing the password. I set the password to never expire just for the lab. You can also disable the account.


After creating the password and password policy, the next thing is to add our admin user to the admins group. Right-click on the user, go to Member Of, and add the user to admins. Click OK.



After setting up the account, restart the machine. On the login screen, choose Other user and enter the credentials for the newly created account in mydomain.com.

 

Setup Windows DHCP Server

DHCP is not essential for your lab to work, as you could statically assign an IP address to every device you connect to your lab and it would work just fine. Furthermore, you could actually set up DHCP to come from the PFSense router instead if you prefer. Windows DHCP is easy to customize and configure, and I have personally been using Windows DHCP Server since the days of Windows NT and prefer it over most other DHCP server solutions out there.

 

In Server Manager, go to Add Roles and Features, select Server Roles and tick DHCP Server. Add all the features and make sure Include management tools is ticked.


Once DHCP is installed, you should be able to find the DHCP app by searching in the Start bar, or it can be found in Administrative Tools.



The New Scope Wizard window should pop up, Click Next.


Give the Scope a name and a description, then click next.

Now enter the range of IP addresses you want the DHCP Server to manage. In this tutorial I am using a full 24-bit subnet, which is basically 254 IP addresses, so the range is going to be everything from 172.16.0.100 to 172.16.0.200. Click Next.

Now add some exclusions. These are devices which need to be statically set, for example the Active Directory domain controller we just created. Here I have not excluded anything.

Set the lease duration. This is how long a device keeps an IP address before asking for a new one. Leave this on the default of 8 days for lab purposes, but for work you should consider a reasonable duration. Click Next.



Now we have to configure options within DHCP, like which DNS servers to use and what the default gateway is. Select "Yes, I want to configure these options now" and click Next.


Type the IP address of the default gateway. In this lab we use 172.16.0.1. Type this address into the IP address field and click Add.

In the DNS option, we leave it blank as our machine will use the loopback address for DNS resolution. Click Next.

Don’t worry too much about adding any WINS information. Just leave everything as default and click Next.

Select "Yes, I want to activate this scope now" and click Next.


It is as easy as that. Any new devices joined to our lab will now get a dynamic IP address from this DHCP Server unless the IP address has been statically assigned on the device. This will help when we add a Windows 10 VM to the lab network and join it to the Active Directory domain.
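The addressing choices from the network and DHCP steps above can be sanity-checked before the scope is activated. This is an added example, not part of the original tutorial; the function name `check_lab_plan` and its finding messages are hypothetical, and the sample values are the ones used in this lab.

```python
import ipaddress

# Values taken from this tutorial's network and DHCP steps.
TUTORIAL_PLAN = dict(dc_ip="172.16.0.1", mask="255.255.0.0",
                     pool_start="172.16.0.100", pool_end="172.16.0.200",
                     gateway="172.16.0.1")


def check_lab_plan(dc_ip, mask, pool_start, pool_end, gateway, exclusions=()):
    """Return derived network facts and a list of problems in the plan."""
    iface = ipaddress.ip_interface(f"{dc_ip}/{mask}")
    net = iface.network
    start = ipaddress.ip_address(pool_start)
    end = ipaddress.ip_address(pool_end)
    gw = ipaddress.ip_address(gateway)
    excluded = {ipaddress.ip_address(e) for e in exclusions}
    findings = []

    # 169.254.0.0/16 means the adapter fell back to APIPA: no static
    # address was set and no DHCP server answered.
    if iface.ip.is_link_local:
        findings.append(f"{iface.ip} is an APIPA address, set a static IP")

    if start > end:
        findings.append("pool start is above pool end")
    for label, addr in (("pool start", start), ("pool end", end),
                        ("gateway", gw)):
        if addr not in net:
            findings.append(f"{label} {addr} is outside {net}")

    # A statically configured host inside the pool can also be leased to
    # a client unless the scope excludes that address.
    static_hosts = {iface.ip: "domain controller"}
    static_hosts.setdefault(gw, "gateway")
    for addr, label in static_hosts.items():
        if start <= addr <= end and addr not in excluded:
            findings.append(f"{label} {addr} is inside the pool, exclude it")

    in_pool_exclusions = sum(start <= e <= end for e in excluded)
    leasable = max(0, int(end) - int(start) + 1) - in_pool_exclusions
    return {"network": str(net), "prefix": net.prefixlen,
            "leasable": leasable, "findings": findings}


if __name__ == "__main__":
    print(check_lab_plan(**TUTORIAL_PLAN))
    # Constructed bad plan: a static host placed inside the DHCP pool.
    print(check_lab_plan("172.16.0.150", "255.255.0.0", "172.16.0.100",
                         "172.16.0.200", "172.16.0.1"))
```

For the tutorial's values the check reports the network as 172.16.0.0/16 with 101 leasable addresses and no findings.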

 

Setting up Windows 10 Machine

Having an Active Directory Server on its own network is all good and well but it does not really do much unless you have devices that connect to and use Active Directory.

Installing Windows 10 on VirtualBox should be similar to installing Windows Server. Because of that, I’m going to go straight to the section on joining our mydomain.com domain.

Go right ahead and install windows 10 in your virtual box and then we can continue.

 

Joining a Windows 10 WorkStation to the Domain

All we have left to do is join the workstation to our Active Directory domain. You used to be able to go to System in the Control Panel to join the PC to the domain. However, Microsoft is slowly getting rid of the Control Panel icons, and you now need to go to Start -> Settings -> System -> About, or just search for System, which will take you to the same window.

In the About window, click Rename this PC (advanced) in the far-right menu. If you can’t see the menu at first, maximize the About window for the options to become available.


The System Properties window should appear. Click Change.



Rename the computer from its default name. Change the "Member of" option to Domain, then enter the name of the Active Directory domain you created earlier in this tutorial. If you have been following along with my examples, this will be mydomain.com.


You will then be asked to enter a username and password. Enter the administrator details you created for your domain.


After a couple of seconds, you should get a message welcoming you to the domain. Click Ok

The message changes, telling you the computer needs to restart. Click OK. Close out the System Properties. In the window that pops up, click Restart Now.

Once the PC has rebooted, the workstation will be fully joined to the domain and any user from Active Directory will now be able to log into this computer. Have a go and log in with the domain administrator account.

 

So, you now have a complete self-contained Active Directory Lab, what next? Well, the first thing I would do is create some more users in Active Directory users and computers. I will be creating another tutorial on how to automate this using PowerShell, so follow to keep in touch.

 In today's digital age, the security of personal and confidential information is of paramount importance. Two-factor authentication (2FA) is a security feature that adds an extra layer of protection to online accounts. In this blog, we will discuss what two-factor authentication is, how it works, and why it is important.

What is Two-Factor Authentication?

Two-factor authentication (2FA) is a security mechanism that requires users to provide two forms of identification before granting access to an online account. The first factor is usually a password or PIN, and the second factor is a physical object or a biometric characteristic such as a fingerprint or facial recognition.



How Does Two-Factor Authentication Work?

The process of two-factor authentication varies depending on the service provider, but generally, it works as follows:

The user enters their username and password as they normally would.

The system then prompts the user to provide a second factor of authentication, such as a code sent via text message, a fingerprint scan, or a security token.

Once the user provides the second factor, the system verifies it and grants access to the account.

Why is Two-Factor Authentication Important?

Two-factor authentication provides an additional layer of security that can help prevent unauthorized access to online accounts. Passwords can be easily compromised, and cybercriminals can use techniques such as phishing, brute-force attacks, or keylogging to obtain them. However, with two-factor authentication, even if a cybercriminal gains access to a user's password, they will still need to provide the second factor of authentication to gain access to the account.

Two-factor authentication is particularly important for accounts that contain sensitive or personal information, such as online banking, email, or social media accounts. It can also be used to protect corporate networks and sensitive data.


Types of Two-Factor Authentication

There are several types of two-factor authentication:

SMS-based Authentication

In this method, the system sends a code via SMS to the user's phone, which they must enter to verify their identity.

In SMS-based authentication, the system sends a unique code via text message to the user's registered phone number. The user must enter this code within a limited time window to access their account. The code is a one-time password (OTP) that is valid for only a short period, typically a few minutes. The user's phone number serves as the second factor of authentication, which is something they have.

Time-based One-Time Passwords (TOTP)

TOTP is a time-based authentication method that uses a mobile app such as Google Authenticator or Authy to generate a unique code that changes every 30 seconds.

Time-based One-Time Passwords (TOTP) are generated by a mobile app such as Google Authenticator, Authy, or Microsoft Authenticator. The app generates a unique six-digit code that changes every 30 seconds. To log in to their account, the user must enter the code within the specified time window. The app uses a shared secret key that is known by both the app and the service provider. This shared key is used to generate the OTP, and the app and the server can verify the code's validity.



Biometric Authentication

Biometric authentication uses a user's unique physical characteristics such as a fingerprint, facial recognition, or iris scan to verify their identity.

Biometric authentication uses a user's unique physical characteristics to verify their identity. Examples of biometric authentication include facial recognition, fingerprint scans, and iris scans. These biometric characteristics are unique to each individual and are difficult to forge or replicate. To use biometric authentication, the user must have a device that is equipped with a biometric sensor, such as a smartphone, tablet, or laptop. Once the user provides their biometric data, the system verifies their identity and grants them access to their account.



Hardware Tokens

A hardware token is a physical device that generates a one-time code that the user must enter to access their account.

Hardware tokens are small devices that generate a one-time password (OTP) that is used for authentication. These devices are often in the form of a key fob or USB stick and can be carried around by the user. When the user logs in to their account, they must enter the OTP generated by their hardware token. The token uses a shared secret key that is known by both the token and the service provider to generate the OTP. The OTP is valid only for a short period, typically 30 to 60 seconds.

Smart Cards

Smart cards are physical cards that contain a microprocessor and can be used to authenticate the user's identity.

Smart cards are physical cards that contain a microprocessor chip and can be used for authentication. When the user logs in to their account, they must insert their smart card into a card reader or NFC-enabled device. The card reader communicates with the card's chip to verify the user's identity. Smart cards can also store other types of data, such as personal identification information, financial data, and healthcare information.



Conclusion

Two-factor authentication is a simple but effective way to enhance the security of online accounts. By requiring users to provide a second factor of authentication, it adds an additional layer of protection that can help prevent unauthorized access to sensitive information. With the rise of cyber threats and data breaches, it's more important than ever to implement strong security measures, and two-factor authentication is an excellent place to start.

Passwords have been used for centuries to protect sensitive information and secure access to restricted areas. The origin of passwords can be traced back to ancient times when they were used to control access to secret locations and valuable goods.

One of the earliest known examples of passwords was used in ancient Rome, where a special password was given to soldiers as a means of identifying each other during battles. This practice was also used in medieval Europe, where passwords were used to protect castles and other fortified structures.



In the 1960s, the first computer systems were developed, and with them came the need for secure passwords to protect sensitive data. In those early days, passwords were typically short and easy to guess, often consisting of simple words or numbers.

As computer systems became more advanced, so did the methods used to crack passwords. Hackers began using sophisticated techniques, such as brute force attacks and dictionary attacks, to crack weak passwords and gain access to sensitive information.

Today, passwords are an essential part of online security, protecting personal information and financial transactions from cyber attacks. With the rise of cloud computing and other online services, passwords have become more complex and varied, with requirements for length, complexity, and special characters to make them more secure.

In recent years, advancements in biometric technology, such as fingerprint scanning and facial recognition, have offered alternatives to traditional passwords. However, passwords remain the most common method of authentication and are likely to remain so for the foreseeable future. 

In today's digital age, it is becoming increasingly important to have strong passwords to protect your online identity and sensitive information. Weak passwords are easy to guess or crack, leaving your personal data vulnerable to hacking and identity theft. In this blog, we will discuss the advantages of using strong passwords and some tips on how to create and manage them. 

Advantages of Using Strong Passwords 

Protect Your Personal Information

A strong password can help protect your personal and sensitive information from being accessed by unauthorized individuals. This information could include your financial information, personal contacts, or other private data that you do not want to be compromised. 

Prevent Cyber Attacks

Hackers use various methods to crack weak passwords, such as brute force attacks, dictionary attacks, and phishing scams. Using a strong password can help prevent these attacks and keep your online accounts secure. 

Secure Online Transactions

Strong passwords are particularly important when it comes to financial transactions, such as online banking or shopping. A strong password can help ensure that your financial information remains safe and secure. 



Tips for Creating Strong Passwords


  • Use a Combination of Characters
 A strong password should include a combination of upper and lowercase letters, numbers, and symbols. This makes it more difficult to guess or crack. 
  • Avoid Using Personal Information
Avoid using personal information, such as your name, birthdate, or address, as part of your password. Hackers can easily obtain this information through social media or other means. 
  • Use Long Phrases
Consider using long phrases as passwords, as they are harder to crack. For example, "ILoveMyDog2021!" is a strong password that combines a phrase with upper and lowercase letters, numbers, and symbols. 
  • Use a Password Manager
A password manager can help you create and manage strong passwords for all your online accounts. It stores your passwords securely, and you only need to remember one master password to access all your accounts. 
  • Change Your Passwords Regularly
It is essential to change your passwords regularly, at least once every six months. This ensures that your passwords remain strong and secure. 

In conclusion, using strong passwords is vital in today's digital age to protect your online identity and sensitive information. By following the tips mentioned above, you can create and manage strong passwords for all your online accounts. It is essential to remember that passwords are just one aspect of online security. Other measures, such as two-factor authentication and staying vigilant for phishing scams, are also important for protecting your online security. Remember, your online security is in your hands, and by taking a few simple steps, you can stay safe and secure in the online world.

Hello, welcome to my blog Secure Linus. Here, we'll talk about everything to do with cybersecurity and hacking, and learn and grow together as a community.

All you need to do is follow me, like and share this with others.


Let's go.....