Saturday, 24 December 2011

Tutorial Geek wishes you a Merry Christmas!

I want to wish everyone a Merry Christmas! I love this time of year and hope that everyone is finding joy and happiness! On my personal blog, I just wrote about the true meaning of Christmas from a different perspective (in China). You can read it here if you would li...

Sunday, 18 December 2011

One liners for retrieving Windows TCP/IP and IP Address information

One liners for retrieving Windows IP Address information from Powershell v3.0:

    gwmi -class Win32_NetworkAdapterConfiguration | % {if ($_.IPAddress -ne $null) {$input}}
    gwmi -class Win32_NetworkAdapterConfiguration | % {if ($_.IPAddress -ne $null) {$input}} | fl *
    gwmi -class Win32_NetworkAdapterConfiguration | % {if ($_.IPAddress -ne $null) {$input | Select -ea 0 IP,DHCP,DNS,WINS}}
    gwmi -class Win32_NetworkAdapter | % {If ($_.NetEnabled) {$input | Select Caption, Name, Speed, TimeOflastReset,Net*}}
    gwmi -class Win32_NetworkAdapterConfiguration...

Thursday, 15 December 2011

One of the many reasons I love Google

This is a picture of my bathroom here in China. Nothing special really (other than the fact that I moved into a really nasty apartment with a nasty bathroom). Nothing special I thought. This is why Google is so cool. I recently upgraded Picasa to the newest version. I decided to go through and use Picasa to organize some of my contacts with faces. It was when I was doing this that Picasa brought up this photo for me to tag. My initial response was...

Saturday, 10 December 2011

FileVersionInfo Part II

    # Powershell v3.0 code
    # Recurses current directory to gather file version information of a boolean property
    # Returns number of Debug,Patched,PreRelease,Private,Special builds
    # Creates csv of those properties in current directory
    # Takes up to three arguments:
    # [mandatory]$filename (e.g. *.dll),$exportflag (e.g. "0" to output csv;default is off), $filetime (default is now)
    function Global:Get-fileinfo {
    [CmdletBinding()]
    Param(
        [Parameter(ValueFromPipeline=$true)] [object]$filename,
        [bool]$exportflag=1,
        $filetime=[DateTime]::Now.ToFileTime()...

FileVersionInfo Part I

Retrieving FileVersionInfo in Powershell involves calling [System.Diagnostics.FileVersionInfo]::GetVersionInfo(). 'ls' or 'Get-childitem' has a scriptproperty named "VersionInfo" that can be used for this:

    PS C:\ps1> $a=ls -recurse | % {$_.VersionInfo}

    TypeName   : System.IO.FileInfo
    Name       : VersionInfo
    MemberType : ScriptProperty
    Definition : System.Object VersionInfo {get=[System.Diagnostics.FileVersionInfo]::GetVersionInfo($this.FullName);}

System.Diagnostics.FileVersionInfo contains five boolean properties...

Tuesday, 06 December 2011

Mandiant Webinar Wednesday; Help Us Break a Record!

I'm back for the last Mandiant Webinar of the year, titled State of the Hack: It's The End of The Year As We Know It - 2011. And you know what? We feel fine! That's right, join Kris Harms and me Wednesday at 2 pm eastern as we discuss our reactions to noteworthy security stories from 2011. Register now and help Kris and me beat the attendee count from last month's record-setting Webinar. If you have questions about and during the Webinar, you...

Tripwire Names Bejtlich #1 of "Top 25 Influencers in Security"

I've been listed in other "top whatever" security lists a few times in my career, but appearing in Tripwire's Top 25 Influencers in Security You Should Be Following today is pretty cool! Tripwire is one of those technologies and companies that everyone should know. It's almost like the "Xerox" of security because so many people equate the idea of change monitoring with Tripwire. So, I was happy to see my twitter.com/taosecurity feed and the taosecurity.blogspot.com...

Monday, 05 December 2011

Become a Hunter

Earlier this year SearchSecurity and TechTarget published a July-August 2011 issue (.pdf) with a focus on targeted threats. Prior to joining Mandiant as CSO I wrote an article for that issue called "Become a Hunter": IT’S NATURAL FOR members of a technology-centric industry to see technology as the solution to security problems. In a field dominated by engineers, one can often perceive engineering methods as the answer to threats that try to steal,...