He/Him. Microsoft MVP and GitKraken Ambassador. š Poshsecurity.com. š³āš Gay. š± Cat owner.
Iām a big fan of Intuneās device compliance policies and Azure Active Directoryās (AAD) conditional access rules. They're one piece of the puzzle in moving to a [Beyond Corp][5] model, that I believe is the future of enterprise networks.
In early January, Ben Claussen reported that there was a date formatting issue in Posh-SYSLOG, I've released Posh-SYSLOG 3.2.1 to address these issues.
When I initially developed Posh-SYSLOG, I didnāt correctly follow RFC 3164. The timestamps sent had a leading zero for dates less than 10, but the RFC states this should be a leading space. I donāt know how much this impacted some users, and apologise for any issues.
Over the Christmas break, I had a few hours to spare and tackled a few issues in some of my PowerShell modules. Iāve released Posh-SYSLOG 3.2 as a resolve of this.
This version removes the need to call Get-NetAdapter that's contained in the NetTCPIP module. The reason why I wanted to remove this dependency is to allow Posh-SYSLOG to run on PowerShell 6 (at least on Windows to start with).
Unless you have been living under a rock or in a case, you have probably heard of the CPU vulnerabilities: Meltdown and Spectre. Thereās been quite a lot of media hype, you could be forgiven thinking that these are world-ending bugs. My opinion, and that of others is that this isnāt something to panic over.
Just a quick note to announce that I've released an update for my Posh-SYSLOG module, version 3.1.1
The module fixes issues with PowerShell 4.0 support as reported by Cristiano Guadagnino and Brian Napolitano. As always, a huge round of thanks goes out to the pair for discovering the issue, pointing me in the right direction to fixing the issue and testing the fixes.
Between personal, community and team projects, I am involved in the maintenance of over 30 PowerShell modules. I have two recommendations to anyone starting with PowerShell, read the community style and formatting guidelines, and most importantly, standardise your work. I have developed a structure for all of my projects over the years, and now that I am performing more mentoring and code reviews I thought I would share some of my tips.
Several days ago, a post titled: Microsoft Resnet - DNS Configuration Web Vulnerabilitygrabbed my interest. It has an innocuous title, and I hadnāt recalled anyone else talking about a Microsoft DNS Vulnerability. The post wasn't that long, the description and the proof-of-concept are only a few paragraphs in length; however what I did discover was an interesting vulnerability, one that, I feel, is going to become more and more prevalent with the use of Platform As A Service (PaaS) technologies like Azure App Services.
