Norbert Klasen

Contact Norbert Klasen

Member since
12/11/2007

About Norbert Klasen

Norbert Klasen works as a Senior Consultant in the Identity and Security practice of NetIQ Professional Services in Germany. His focus is on Identity as well as Security Information & Event Management with Identity Manager and Sentinel.

User Points

0 points earned on legacy (former) Cool Solutions site
405 points earned on this site

Author Archives

CVE-2014-6324 allows remote elevation of privilege in domains running Windows domain controllers. An attacker with the credentials of any domain user can elevate their privileges to that of any other account on the domain (including domain administrator accounts). In part 1 I discussed how to to detect attempts to exploit this vulnerability on domain controllers…

+ read more

Dec 2, 2014
9:39 am
Reads:
503
Score:
5

CVE-2014-6324 allows remote elevation of privilege in domains running Windows domain controllers. An attacker with the credentials of any domain user can elevate their privileges to that of any other account on the domain (including domain administrator accounts). After installing the update MS14-068, for Windows 2008R2 and above, the 4769 “Kerberos Service Ticket Operation” event…

+ read more

Nov 21, 2014
12:44 pm
Reads:
723
Score:
5

This proof-of-concept Sentinel Collector provides data-capture capabilities for Centrify DirectControl and related products.

May 2, 2014
12:23 pm
Reads:
873
Score:
5

This sheet allows use to calculate the values needed to be entered into an input file for the Sentinel mapping service that will map IP networks/zones to a name. With Sentinel 7.1.0.1 the mapping service now natively supports IPv4 ranges. NetIQ does not test or validate any software, code or other materials provided in, on…

+ read more

Dec 21, 2012
4:52 am
Reads:
818
Score:
4

Sentinel Taxonomy from http://www.novell.com/developer/plugin-sdk/sentinel_taxonomy.html in an Excel sheet. NetIQ does not test or validate any software, code or other materials provided in, on or through NetIQ Cool Solutions (collectively, “Materials”), so please use caution when downloading or accessing any Materials from Cool Solutions and ensure that you have reasonable and current security, spyware and anti-virus…

+ read more

Oct 4, 2012
1:04 pm
Reads:
710
Score:
Unrated

Ever had a hard time to find out whether all the plugins in your Sentinel installation were up-to-date? The this report might help you. It retrieves all the installed plugin versions from your system and compares that to what we have published on http://support.novell.com/products/sentinel/secure/sentinelplugins.html. This page gets its data from several XML files. One for…

+ read more

Oct 2, 2012
8:47 am
Reads:
711
Score:
Unrated

This proof-of-concept grade collector pulls events from an Microsoft SQL Server and works with SEP 11 and 12 NetIQ does not test or validate any software, code or other materials provided in, on or through NetIQ Cool Solutions (collectively, “Materials”), so please use caution when downloading or accessing any Materials from Cool Solutions and ensure…

+ read more

Sep 5, 2012
8:40 am
Reads:
653
Score:
Unrated

This report provides summary of currently known vulnerabilities on hosts. The summary table shows top 10 hosts by number of vulnerabilities. The detailed report shows details for each host. The details include vulnerability name and severity grouped by IP Address. Changelog 2011.1r2: Updated to use header and footer subreports NetIQ does not test or validate…

+ read more

Aug 21, 2012
3:27 pm
Reads:
731
Score:
Unrated

This report shows the details for a specific incident. NetIQ does not test or validate any software, code or other materials provided in, on or through NetIQ Cool Solutions (collectively, “Materials”), so please use caution when downloading or accessing any Materials from Cool Solutions and ensure that you have reasonable and current security, spyware and…

+ read more

Aug 21, 2012
2:52 pm
Reads:
696
Score:
Unrated

[Update March 2014] Syslog support has been included into the released collector. Please see http://support.novell.com/products/sentinel/secure/sentinelplugins.html This is a customized collector for Orcale Database based on the the 2011.r1 collector template and with support for the Sentinel 7 event schema. It was derived from the official 6.1r2 version. It includes the following changes: support for Operating…

+ read more

Aug 21, 2012
10:37 am
Reads:
945
Score:
5