YubiKey support in OpenSSH for Windows 11 and Windows 10

Since Win32-OpenSSH version 8.9.1.0p1-Beta there is decent support for FIDO/U2F hardware authenticators. This means we can use a YubiKey with Windows 11 and Windows 10, w00h00! In this post, I’ll show you how to install Microsoft OpenSSH client in Windows 11 and Windows 10, and how to configure your YubiKey. If you follow this guide and all goes well, you no longer need additional tools like Git Bash or MremoteNG/MobaXterm.

Read more

Monitor .NET CLR Garbage Collected heap from your web application

In order to let your .NET (web) application run smooth over a longer period of time, it is important to monitor the .NET CLR Garbage Collector (GC) and collection. Here is how you can monitor this in a Zabbix template using Powershell WMI / CIM and Win32_PerfRawData_NETFramework_NETCLRMemory Windows Performance Counters.

Read more

How to install IIS Web Management Service (WMSVC) using PowerShell in Windows Server Core

Here is a short post for you on how to install and enable IIS Web Management Service (WMSVC) in Windows Server Core, using PowerShell. This allows you to remotely manager your IIS webservers. If you want a graphical (or GUI) tool to install in Windows (Server or 11/10), see Install and setup IIS Manager for Remote Administration in Windows Server IIS.

Read more

Adding VirtIO drivers to Windows Recovery Environment (Windows RE)

How to customize your Windows System Restore

If you need to add VirtIO drivers to your Windows Recovery Environment (Windows RE) to recover your Windows virtual machine, here is how. The following steps come in handy if you found out the hard way you don’t see any disks in Windows RE after a hard crash. As have I…

Read more

OpenSSH logo

Retrieve SSH public key from Active Directory for SSH authentication

How to configure SSH public key authentication for Windows Server in Active Directory (AD)?

If you want to be able to log on to your Windows Servers through Win32 OpenSSH, you can make use of SSH public key authentication through a ~/.ssh/authorized_keys file. But if you have tens (hundreds) of servers and/or users, perhaps it’s easier to retrieve SSH public keys from Active Directory (AD). In this article I’ll explain how.

Read more

How to add, list and remove IP addresses in Windows Firewall

Yesterday, I showed you how to block IP addresses in Windows Firewall using PowerShell. This comes in handy when blocking IP addresses that are brute-force attacking your servers. In this short post I’ll show you how to bulk add IP addresses in Windows Firewall, list an IP address and how to remove all IP addresses from Windows Defender Firewall with Advanced Security.

Read more

Block brute force attacks on SQL Server, block IP addresses in Windows Firewall using PowerShell

This PowerShell solution blocks IP addresses that are trying to brute force your SQL Server logins, by blocking IP addresses in Windows Defender Firewall with Advanced Security. For the time being, some manual labor is involved, but it is still manageable. You can use this to create your own solution to block offending IP addresses in SQL Server’s firewall.

Read more

Windows Defender: Turn off routine remediation

Long story short: During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it. Unfortunately, there is no PowerShell cmdlet to configure this. Here is how to (temporarily) turn off routine remediation.

Read more

Increase WMI memory to support large volume of queries

How to optimize WMI performance and memory usage in Windows Server

Since I started expanding my Zabbix scripts and templates for monitoring Windows Server instances – AD, IIS and SQL Server – I found WMI was failing more and more. WMI stopped working: WmiPrvse.exe would just crash after hitting some memory limit of 512 MB. If you run into the same issue with Windows Management Instrumentation, here is how you can increase WMI Provider Service’s memory quota. Doing so resolved my issues.

Read more

Loading time: 92 queries, 0.339 seconds using 12886808 bytes memory. Peak memory usage: 13300608 bytes.