PowerShell:

Drink the Kool-Aid!

HardBit Team

Wayne Pruitt

The Lead Geek of the Hardbit Solutions team

MCAD, MCSD, MCDBA, C|EH, E|CSA, C|HFI, and E|CIH.

Over the past 12 years he has held many jobs supporting a variety of roles within the Federal Government ranks, ranging from system administrator, security administrator and developer to several IT manager roles.

Zack Wojton

CTO of the Hardbit Solutions team

Bachelor of Science in Information Technology (BSIT), MCSA, ICND, G2700, C|EH, E|CSA, and C|HFI certifications

A night owl who believes in lifelong learning. Has over a decade of IT security under his belt, has held more IT-related jobs than they have certifications for, and believes security is where it all comes together.

What this presentation is “NOT”

Not intended to make you a programmer

Not a deep-dive

Will Not make you an expert

We are not affiliated with any sweet rich vendors

What is PowerShell?
  • Command-Line Shell
  • Built on .NET framework CLR
  • cmdlets? We don’t need no stinking cmdlets!
  • New tools for managing / configuring Windows
  • Some *nix folks even use it!
Why should you care?
  • PowerShell is native
  • PowerShell can save you time
  • PowerShell can save you $
  • PowerShell can be used for remote administration
  • Totally help you do sweet stuff
  • PowerShell rocks
PowerShell: Head First
  • Where to begin
  • No book necessary (though there are some sweet ones)
    • Get-Help
    • Get-Help About_*
    • Get-Command
    • Get-Member
    • Get-PSDrive
PowerShell Basic Syntax
  • Get-service
  • Get-Service | Where-Object -FilterScript { $_.Status -eq 'Running' }
  • {} encloses a script block
  • $_ = a single row of data (e.g., one line of Get-Process output)
  • . = says work with one column (access a particular method or piece of data)
PowerShell Example
  • Get-Process | Sort-Object -Property VM -Descending | Select-Object -First 10 | Get-Member
  • Get-Process | Sort-Object -Property VM -Descending | Select-Object -First 10 -Property Company, Name, ID, Path
  • *Output is truncated; enter Out-GridView
Cool cool cool trick!
  • Get-Process | Measure-Object -Property PM -Sum -Average -Minimum -Maximum

PowerShell One Liners
  • Get-WMIObject -list
  • gwmi -Class Win32_LogicalDisk
  • Get-WmiObject Win32_BIOS -ComputerName PCName | select SerialNumber
  • Get-WmiObject Win32_OperatingSystem -ComputerName PCName | select ServicePackMajorVersion, BuildNumber
PowerShell Script Execution
  • Cannot run scripts by default
  • Set-ExecutionPolicy RemoteSigned
    • Allows all local scripts to run without a digital signature
    • *HKLM setting!*
    • Can be overridden by GPO
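
The precedence described on this slide, as an added example that is not part of the original presentation: it reports which scope sets the effective execution policy and whether a Group Policy value is overriding the HKLM one. The function name is hypothetical, and the registry paths assume Windows PowerShell 5.1 or earlier.

```powershell
# Added example (not from the slides). Function name is hypothetical.
function Get-ExecutionPolicySource {
    # -List returns the scopes in precedence order:
    # MachinePolicy, UserPolicy, Process, CurrentUser, LocalMachine.
    # The first scope that is not 'Undefined' decides the effective policy.
    $scopes = Get-ExecutionPolicy -List
    $winner = $scopes |
        Where-Object { $_.ExecutionPolicy -ne 'Undefined' } |
        Select-Object -First 1

    # Assumption: Windows PowerShell (5.1 or earlier) registry locations.
    $localKey = 'HKLM:\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell'
    $gpoKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'

    # A missing key or value simply yields $null here.
    $local = (Get-ItemProperty -Path $localKey -ErrorAction SilentlyContinue).ExecutionPolicy
    $gpo   = (Get-ItemProperty -Path $gpoKey   -ErrorAction SilentlyContinue).ExecutionPolicy

    $winningScope = if ($winner) { "$($winner.Scope)" } else { 'None (built-in default applies)' }

    [pscustomobject]@{
        Effective         = Get-ExecutionPolicy
        WinningScope      = $winningScope
        HklmValue         = $local
        MachineGpoValue   = $gpo
        # True when a GPO scope wins, i.e. Set-ExecutionPolicy at
        # LocalMachine scope will not change the effective policy.
        OverriddenByGpo   = ('MachinePolicy', 'UserPolicy') -contains $winningScope
    }
}

Get-ExecutionPolicy -List | Format-Table Scope, ExecutionPolicy -AutoSize
Get-ExecutionPolicySource | Format-List
```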
PowerShell for Admins: Putting it all together
  • System Inventory
  • System Management
  • Account Management
  • Log Review
PowerShell for IR
  • Processes
  • Promiscuous Mode
  • Restore Points
  • File Info
  • User History
PowerShell for Compliance
  • What server-roles are installed?
  • Is the computer joined to a domain?
  • Are security updates installed on a regular basis?
  • How many users are in the "administrator" group?
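
One way to answer these four questions for the local machine, as an added example that is not code from the original presentation. The function name and the 45-day patch threshold are hypothetical; Get-WindowsFeature is assumed to exist only on Windows Server, and Get-LocalGroupMember assumes Windows PowerShell 5.1.

```powershell
# Added example (not from the slides). Function name and threshold are hypothetical.
function Get-ComplianceSnapshot {
    param([int]$MaxPatchAgeDays = 45)   # assumption: set this from your own policy

    # Is the computer joined to a domain?
    $cs = Get-WmiObject -Class Win32_ComputerSystem

    # What server roles are installed? (cmdlet is present on Windows Server only)
    $roles = @()
    if (Get-Command Get-WindowsFeature -ErrorAction SilentlyContinue) {
        $roles = @(Get-WindowsFeature |
            Where-Object { $_.Installed -and $_.FeatureType -eq 'Role' } |
            ForEach-Object { $_.Name })
    }

    # Are security updates installed regularly? Use the newest one as a proxy.
    # InstalledOn can be empty on some entries, so filter those out first.
    $lastPatch = Get-HotFix -Description 'Security Update' -ErrorAction SilentlyContinue |
        Where-Object { $_.InstalledOn } |
        Sort-Object -Property InstalledOn -Descending |
        Select-Object -First 1
    $patchAge = if ($lastPatch) { ((Get-Date) - $lastPatch.InstalledOn).Days } else { $null }

    # How many members are in the local Administrators group?
    # The well-known SID avoids depending on the localized group name.
    $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544')

    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        DomainJoined       = $cs.PartOfDomain
        Domain             = $cs.Domain
        InstalledRoles     = $roles -join ', '
        LastSecurityUpdate = if ($lastPatch) { $lastPatch.HotFixID } else { 'none found' }
        PatchAgeDays       = $patchAge
        PatchingCurrent    = ($null -ne $patchAge -and $patchAge -le $MaxPatchAgeDays)
        AdminCount         = $admins.Count
        AdminMembers       = ($admins | ForEach-Object { $_.Name }) -join ', '
    }
}

Get-ComplianceSnapshot | Format-List
```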
PCAT

Sneak Preview!

Resources
  • HardbitSolutions.com
  • Newsgroup: Microsoft.Public.Windows.PowerShell
  • Team blog:
    • http://blogs.msdn.com/PowerShell/
  • PowerShellCommunity.Org:
    • http://www.PowershellCommunity.Org
  • Channel 9
    • http://channel9.msdn.com/tags/PowerShell
  • Wiki
    • http://channel9.msdn.com/wiki/default.aspx/Channel9.WindowsPowerShellWiki
  • Script Center:
    • http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx
  • CodePlex:
    • http://codeplex.com/Project/ProjectDirectory.aspx?TagName=powershell
  • Many excellent books
    • Manning Press book by PowerShell Dev Lead Bruce Payette: PowerShell in Action
      • http://manning.com/powershell/
    • O’Reilly book by PowerShell Dev Lee Holmes – Windows PowerShell Cookbook
      • http://www.oreilly.com/catalog/9780596528492/index.html