Identifying The Source of Downloaded Files

A little-known feature of NTFS is something called Alternate Data Streams, or ADS. Originally introduced for compatibility with Apple’s HFS, it allows for storage of metadata for files residing on the filesystem. A simple example is some of the content in the Summary tab when…

AWS Networking Components

I’ve been doing some AWS study over the past week, primarily with a focus on networking and external connectivity. Below are some notes; this is not a how-to or a tutorial, but rather architecture fundamentals. Regions and Availability Zones: AWS is broken up into several Regions…

Simple method to cycle through a list of computers

Often we need to query a group of computers (using WinRM for example) to obtain some data or run certain commands. This can be tricky as some devices may be offline, so a simple loop usually isn’t enough. Storing the computer list in an array and removing a device once it has…

Running Ansible on Windows 10 WSL

Some years ago Microsoft announced the Windows Subsystem for Linux (WSL), which gave Windows 10 users the ability to run a Linux distro directly from their Windows install without the need for a VM. I remember being somewhat dismissive and thinking to myself “why would anybody…

PowerShell Module Deployment - Converting PS1 files to PSM1

When writing modules we need our functions to be in psm1 files instead of the usual PowerShell ps1 files. While the only difference between the two is the extension, it is far more cumbersome to develop directly with the psm1 files as they cannot be directly executed. A simple…

Dealing With The Unexpected Token in Json Error

If you’ve ever created JSON files with PowerShell you may be familiar with the dreaded error when your JavaScript application attempts to parse the file. Sometimes this is caused by incorrectly formatted JSON, but if you used , this is unlikely to be the case. What I’ve found…

Auditing Logon Events in Windows

Every so often we’re asked to look into logon events to determine who logged into a device and when, be it a server or a PC. While there are commercial tools which can provide this information, they tend to be out of reach for smaller organisations, leaving us with parsing the…

ACLs for IPsec Tunnels

When creating site-to-site IPsec VPNs we need to configure ACLs that define interesting traffic, that is, an ACL that matches the source and destination networks on each side of the link for which traffic should be encrypted and routed via the VPN. This is part of the Phase…