When checking if a system is secure, you often want to validate if there are no locations that are writeable for standard users (non-admins); for example, on a website, you want to make sure that all application files and directories are read-only (unless you have a specific directory in which you would...

In my last post, I already pointed out 2 security considerations that apply across roles: which combination of server roles is allowed and is a specific role suited (and preferably installed on) a Windows Server CORE ? Besides these 2, there are a number of other things you might want to check if...

I guess most of you will agree that DNS is a critical component in a Windows infrastructure. It's not only the basis for a good working AD, but also the first target for anybody who wants to attack your systems and communication-channels, using Man-in-the-Middle techniques. E.g., suppose an (internal...

This is just a quick intro to a number of short articles that I will post in this blog over the coming months where I will show you some examples on how to check Security Compliance using PowerShell scripts. The main focus will be on the different roles offered by Windows Server 2008 R2 (DNS, DHCP, IIS...