Norbert Klasen

Contact Norbert Klasen

Member since
12/11/2007

About Norbert Klasen

Norbert Klasen works as a Senior Consultant in the Identity and Security practice of NetIQ Professional Services in Germany. His focus is on Identity as well as Security Information & Event Management with Identity Manager and Sentinel.

User Points

0 points earned on legacy (former) Cool Solutions site
665 points earned on this site

Author Archives

Getting the raw data that caused an event in Sentinel is rather cumbersome. The script presented here will automate this process.

Jun 3, 2015
4:34 pm
Reads:
478
Score:
Unrated

CVE-2014-6324 allows remote elevation of privilege in domains running Windows domain controllers. An attacker with the credentials of any domain user can elevate their privileges to that of any other account on the domain (including domain administrator accounts). In part 1 I discussed how to to detect attempts to exploit this vulnerability on domain controllers…

+ read more

Dec 2, 2014
9:39 am
Reads:
1,134
Score:
5

CVE-2014-6324 allows remote elevation of privilege in domains running Windows domain controllers. An attacker with the credentials of any domain user can elevate their privileges to that of any other account on the domain (including domain administrator accounts). After installing the update MS14-068, for Windows 2008R2 and above, the 4769 “Kerberos Service Ticket Operation” event…

+ read more

Nov 21, 2014
12:44 pm
Reads:
1,388
Score:
5

This proof-of-concept Sentinel Collector provides data-capture capabilities for Centrify DirectControl and related products.

May 2, 2014
12:23 pm
Reads:
1,440
Score:
5

This sheet allows use to calculate the values needed to be entered into an input file for the Sentinel mapping service that will map IP networks/zones to a name. With Sentinel 7.1.0.1 the mapping service now natively supports IPv4 ranges. NetIQ does not test or validate any software, code or other materials provided in, on…

+ read more

Dec 21, 2012
4:52 am
Reads:
1,291
Score:
4

Sentinel Taxonomy from http://www.novell.com/developer/plugin-sdk/sentinel_taxonomy.html in an Excel sheet. NetIQ does not test or validate any software, code or other materials provided in, on or through NetIQ Cool Solutions (collectively, “Materials”), so please use caution when downloading or accessing any Materials from Cool Solutions and ensure that you have reasonable and current security, spyware and anti-virus…

+ read more

Oct 4, 2012
1:04 pm
Reads:
1,155
Score:
Unrated

Ever had a hard time to find out whether all the plugins in your Sentinel installation were up-to-date? The this report might help you. It retrieves all the installed plugin versions from your system and compares that to what we have published on http://support.novell.com/products/sentinel/secure/sentinelplugins.html. This page gets its data from several XML files. One for…

+ read more

Oct 2, 2012
8:47 am
Reads:
1,156
Score:
Unrated

This proof-of-concept grade collector pulls events from an Microsoft SQL Server and works with SEP 11 and 12 NetIQ does not test or validate any software, code or other materials provided in, on or through NetIQ Cool Solutions (collectively, “Materials”), so please use caution when downloading or accessing any Materials from Cool Solutions and ensure…

+ read more

Sep 5, 2012
8:40 am
Reads:
1,082
Score:
Unrated

This report provides summary of currently known vulnerabilities on hosts. The summary table shows top 10 hosts by number of vulnerabilities. The detailed report shows details for each host. The details include vulnerability name and severity grouped by IP Address. Changelog 2011.1r2: Updated to use header and footer subreports NetIQ does not test or validate…

+ read more

Aug 21, 2012
3:27 pm
Reads:
1,174
Score:
Unrated

This report shows the details for a specific incident. NetIQ does not test or validate any software, code or other materials provided in, on or through NetIQ Cool Solutions (collectively, “Materials”), so please use caution when downloading or accessing any Materials from Cool Solutions and ensure that you have reasonable and current security, spyware and…

+ read more

Aug 21, 2012
2:52 pm
Reads:
1,129
Score:
Unrated