3 Important security measurements for Windows Server & IIS

Windows Server security: When you have just installed your new Windows Server, with or without IIS as web server, it is important to take a few extra security measurements. Securing your (web) server is important to keep hackers out and your data safe. Here are some steps you can take to secure and harden your Windows Server (IIS) web or file server.

Continue reading “3 Important security measurements for Windows Server & IIS”

Intrusion Detection with Windows Event ID’s

Found via cyber-ir.com: This paper is the best I have ever read on how to build IOC’s with Windows Event ID’s. I highly recommend you to read it, it contains very useful information and some very interesting behavioural examples of attacker activity. If you are looking to enhance your detection in your core network this is the document!

Continue reading “Intrusion Detection with Windows Event ID’s”

Windows Server 2016 licensing model

Mark O’Shea writes on TechNet that the licensing model for Standard and Datacenter were changed with Windows Server 2016, and he introduces the changes. The information is pulled from the Windows Server 2016 Licensing Datasheet, and if you need more details you can also download the Windows Server 2016 and System Center 2016 licensing FAQ. Spoil alert (tl;dr): you’ll be paying on a core-basis, instead of per CPU.

Continue reading “Windows Server 2016 licensing model”

KB3157663: Cumulative Update for Windows Server 2016 Technical Preview 5

When you’re installing Windows Server 2016 Technical Preview 5, don’t forget to install KB3157663 before installing any server roles, features, or other products. Installing KB3157663 prior to any other software will fix an error with DISM and Install-WindowsFeature, error code 0x800F081F:

Continue reading “KB3157663: Cumulative Update for Windows Server 2016 Technical Preview 5”

KMS Migration from 2008 R2 to Windows Server 2012 R2 and KMS Activation Known Issues

How to migratie an Windows Server 2008 R2 KMS to Windows Server 2012 R2, for volume activation of Microsoft products? On a new KMS server? You don’t, apparently there is no Windows Server 2008 (R2) KMS to Windows Server 2012 R2 migration. There is no way to automatically transfer your KMS role along with the products its activating to another server. Luckily Charity Shelbourne wrote up a handy how to for this task.

Continue reading “KMS Migration from 2008 R2 to Windows Server 2012 R2 and KMS Activation Known Issues”

How to install IIS URL Rewrite Module on Windows Server 2016 & IIS 10

When you start to play with Windows Server 2016 and IIS 10, you’ll receive an error when you try to install the IIS URL Rewrite Module in IIS. The error occurs because the URL Rewrite Module installer contains an invalid version check for the IIS being used. Here is how to install IIS URL Rewrite Module in IIS 10

Continue reading “How to install IIS URL Rewrite Module on Windows Server 2016 & IIS 10”

PowerShell blacklist check script: find an IP address’ blacklist status & reputation

Here’s a blacklist check script written in PowerShell. You can use this to lookup an IP address in various blacklists (DNSBL, RBL). Such a check is a great indicator for an IP address’ reputation. Basically this PowerShell blacklist checker is a translation of my Bash script to check an IP address blacklist status in Linux.

Continue reading “PowerShell blacklist check script: find an IP address’ blacklist status & reputation”

AppCmd introduction and examples

AppCmd, in combination with WinRM, is the Windows Server IIS systems administrator’s swiss-army knife for his daily routine. This post introduces AppCmd and provides a lot of AppCmd examples. AppCmd.exe is a command-line utility to manage IIS 7+ web servers. It exposes all important IIS server management functionality available through a set of intuitive management objects that can be manipulated through the cmd.exe or PowerShell command-line, or through PowerShell scripts. In this post you’ll find more information about AppCmd usage and examples.

Continue reading “AppCmd introduction and examples”