• Camera Gear

    I'm going to start posting some of my photography on this site as well, I know I don't post on here very much but this will help add some more content and also break up the IT-related posts. This post is going to serve as a living document of the camera gear I use for Photography/Video work. I recently made a platform change, switching from my trusty Canon 60D which I had for just about 6 years, to a Sony a7ii. Because of this change I don't have quite the same amount of gear I once had, but that will be changing gradually as time goes on (hell, I had…

  • Two-Factor Authentication

    Two-factor Authentication (2FA) or Multi-Factor Authentication is the ability to use at least two forms of authentication for a login. This adds an extra layer of security to your accounts for very little effort applied. This post will cover some of the methods available for client-side 2FA, as well as the pros and cons of each method. Implementing server-side 2FA will come in a later post, and will provide a more in depth look at setting up things like TOTP, SMS, and Email on the server-side. The most common method as a second form of authentication is SMS, where a code is sent to a phone number that was specified…

  • Secure Your Clients by Disabling SSL

    At this point SSLv3 is somewhat old news, but there are still businesses that have SSLv3 (and worse, sometimes SSLv2) accepted on their client machines, this can lead to a multitude of security vulnerabilities that can be easily exploited (i.e. POODLE). The purpose of this post is to show you how to disable the insecure protocols on standalone workstations or via Group Policy if you are on a corporate network with a domain controller.

  • Disabling AutoPlay and Autorun

    In very recent news you have likely heard of someone putting infected USB drives into mailboxes, although this is happening in Australia it is still incredibly relevant no matter where in the world you may be. It is always in good practice to never, and I mean never, plug in a random USB thumb drive you might have found out in the wild. This is one of the tried and true methods that gets malware installed on your computer because of a built-in “feature” of Windows called AutoPlay in addition to AutoRun, and also because most people will think one of two things: Oh, free thumb drive! Oh, someone might have…

  • Force JS Files to Open in Notepad

    This post will cover how to change Folder options via Group Policy to force JavaScript (JS/JSE) files to open in Notepad instead of being executed on the workstation. The reasoning behind this is because JS files can potentially be malicious, and JS files can be executed simply be double-clicking on them. This method will make it so that JS files will never be executed accidentally.

  • Blocking Office 2010 Macros

    One of the most effective ways to protect your company and its computers is to implement the blocking of macros in Microsoft Office documents (this includes: Word, PowerPoint, Excel, Publisher, Outlook, Access, and Visio). Blocking macros is a relatively straight-forward and simple process as it can be done via Group Policy, and that is what I will be covering in this post.

  • Introduction

    First of all, I’d like to welcome you to my blog. Obviously you’ve come here for some reason, that likely being your want or need for facts or opinions on Information Security (InfoSec). Well, you have come to the right place. Now let me provide an introduction: My name is James Montour, I am a Systems Administrator that presently works for a financial institution. I’ve worked as a Systems Administrator officially for just about 2 years now, with miscellaneous IT work done prior. I technically have no formal IT education, with the exception of a Computer Programming certificate I received… Funnily enough, my two degrees are actually both in Video Production.…