Quick Bytes IT Stuff

Advance Threat Protection aka ATP which is now called Microsoft Defender in office 365, is one of the licenses offered by Microsoft. If there are hundred accounts in O365, tracking which account that doesn't have ATP or Microsoft Defender license is just troublesome. Of course, PowerShell will come into rescue for this kind of issue. One liner code below in PowerShell will check which Office 365 accounts does not have ATP or Microsoft Defender license assigned. Get-MsolUser -All | Where-Object {$_.licenses.AccountSkuId -notcontains 'contoso:ATP_ENTERPRISE'} | Select-Object userprincipalname,licenses | export-csv c:\temp\office_365\no_defender_license.csv Replace contoso with your domain. Or run this command to see which licenses are assigned or available in your tenant. Get-MsolAccountSku | select -ExpandProperty ServiceStatus The PowerShell command checks which accounts does not have ATP assigned; which means that if you have 100 of guests or client user...

Old command to show ports opening in netsh is: netsh firewall show portopening For Windows OSes which uses Advance Firewall the above command may not work anymore. PowerShell of course can get the list of ports used by Windows advance firewall with security. The link below shows on how to use PowerShell to query advance firewall: http://blogs.technet.com/b/jamesone/archive/2009/02/18/how-to-manage-the-windows-firewall-settings-with-powershell.aspx If a program or application utilizes a specific port and is not open or not being set on the firewall then the particular program or application may not be accessible remotely. If command line is preferable, netsh is able to get or list the ports used by the firewall. netsh advfirewall firewall show rule name=all   verbose | findstr "LocalPort:" Sample output for the command above: LocalPort:                  ...

PowerShell code snippet to check or test whether a port is open or closed on the IP Address specified. ==============================   $port_num= "2443" $IP_Add="192.168.2.1" $result = New-Object Net.Sockets.TcpClient $IP_Add, $port_num     if($result.Connected)     {        write-host "Port 443 is open."        $result.close()     } else     {      write-host "Attempt to connect failed, check firewall or other settings."     } ============================== If port 2443 is open in IP Address 192.168.2.1 then PowerShell script will show "Port 443 is open." If port 2443 is close the script will show "Attempt to connect failed, check firewall or other settings." If the port is closed it could be that the firewall is not set to accept incoming connections for the particular por...

How to check Windows firewall advance security current state using command line? Command line below will check whether the firewall state is on or off. To check the firewall state via command line type:        netsh advfirewall monitor show firewall Command above will display the current firewall state. If the state shows “ON” the firewall is working. Sample output: Domain Profile Settings: ---------------------------------------------------------------------- State                                                   ON Firewall Policy                                   BlockInbound,AllowOutbound LocalFirewallRules                            Enable L...

If you ping a remote computer but fails, it could be that the firewall does not allow ICMP protocol. Enabling ICMP or ping requests is quite useful for troubleshooting purposes but it could be also a security issue. To enable ping or ICMP in Windows Firewall with Advance security, can be done via command line or using the graphical interface. Command line is quite useful if the setting has to be done repeatedly or it has to be done on multiple machines. Command line will also be helpful if a setting has to be enabled or disabled at times. Graphical interface is of course the easiest method if it has to be done one time but if the setting has to be done a couple of times then command line or scripting is definitely a good choice unless the person loves to click and click. Enable Ping response using command line: netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow Disable Ping respo...

How to set a static binding in JunOS? How to set a reservation of MAC address in DHCP? How to configure DHCP manual bindings? Different ways of asking on how to do but only one  specific goal, to assign an IP Address to a specific MAC or hardware. In JunOS SRX firewalls type this command: set system services dhcp static-binding 01:02:03:09:0A:0B fixed-address 192.168.1.1 IP Address of 192.168.1.1 will be assigned to a device with this MAC or hardware identifier of 01:02:03:09:0A:0B . See reference below for more details: http://www.juniper.net/documentation/en_US/junos12.1/topics/example/security-device-dhcp-server-configuring.html To do a reservation of MAC Address on Windows see below: Using Windows GUI see this link: https://technet.microsoft.com/en-us/library/dd759190.aspx The GUI instruction may change from version of the operating system but the logic on how to do it stays the same, you need to know the MAC address which will serve as an identifier s...

Show the configuration in Juniper JunOS using CLI terminal. To show the configuration via CLI terminal type:   - Show configuration Literally type "show configuration" output will be the configuration which syntax will be like a java programming. Example: system {     host-name Firewall_srx240;     root-authentication {         encrypted-password "$1$1BX9/GjQ.yN."; ## SECRET-DATA      }     name-server {         4.4.2.2;     } To show the commands used to create the configuration like in ScreenOS, type: show configuration | display set It will show the commands used to create the configuration. Example: set version 12.1X46-D15.3 set system host-name Firewall_srx240 Those are just basic commands but a good start to learn JunOS. Hope it helps..Cheers.. ------------...

Use netsh in Windows 7 to export firewall policy using command line. Open an elevated command prompt and type the netshell command below. netsh advfirewall export d:\myfirewall.txt If everything works fine it will display "Ok." It's exported using a filename with ".txt" extension, but the output is not readable using any text editor. You can save the file to a USB drive as a backup or import the firewall policy to another computer. To import the exported firewall policy use this command: netsh advfirewall import d:\myfirewall.txt Just replace the word export with "import" and specified the path location of the file. A very simple way to export firewall policies. If you want to dig further check out Technet link below: https://technet.microsoft.com/en-us/library/cc770887%28v=ws.10%29.aspx If you don't like doing it using command line, exporting firewall policy can also be done using GUI. Open "Windows Firewall wi...