Martin Bengtsson’s Post

Everyone installs an ad blocker on their personal device(s). So why do I rarely see orgs installing an adblocker through Intune? Martin Bengtsson has a (very easy to follow!) guide :) And yes, uBlock -gt smartscreen/defender

Windows 11 Build 26220.7344: Navigating the Security Landscape of Native AI and Platform Unification Microsoft's recent release of Windows 11 Insider Preview Build 26220.7344 (KB5070316) for the Dev and Beta Channels, on December 5, 2025, marks a pivotal moment for the operating system's architecture and, consequently, its security posture. This update introduces significant new features, most notably native support for the Model Context Protocol (MCP), the Unified Update Orchestration Platform (UUOP), and Windows MIDI Services....

𝗟𝗶𝗻𝘂𝘅 𝗠𝗮𝘀𝘁𝗲𝗿𝘆 𝗨𝗽𝗱𝗮𝘁𝗲 - 𝗟𝗶𝗻𝘂𝘅 𝘀𝘁𝗼𝗿𝗮𝗴𝗲 𝗮𝗻𝗱 𝗱𝗶𝘀𝗸 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁  This session focused on building a solid mental model around: • Disks vs partitions vs filesystems • How mount points work and why Linux doesn’t use drive letters • The role of the EFI System Partition (/𝗯𝗼𝗼𝘁/𝗲𝗳𝗶) in UEFI-based systems • Why tools like 𝗹𝘀𝗯𝗹𝗸, 𝗱𝗳 -𝗵, and 𝗱𝘂 -𝘀𝗵 exist — and when to use each one Hands-on analysis included: • Mapping physical NVMe disks to partitions and mount points • Differentiating between what exists (𝗹𝘀𝗯𝗹𝗸) and what is usable (𝗱𝗳 -𝗵) • Tracing real disk usage at the directory level using 𝗱𝘂  • Identifying common growth areas such as /𝗵𝗼𝗺𝗲, /𝘃𝗮𝗿, /𝘀𝗻𝗮𝗽, and 𝘀𝘄𝗮𝗽 • Understanding why unmounted partitions (e.g., Windows volumes - I dual boot into Linux and windows) are detected but inaccessible This session reinforced an important systems principle: 𝙔𝙤𝙪 𝙘𝙖𝙣’𝙩 𝙩𝙧𝙤𝙪𝙗𝙡𝙚𝙨𝙝𝙤𝙤𝙩 𝙨𝙩𝙤𝙧𝙖𝙜𝙚 𝙞𝙨𝙨𝙪𝙚𝙨 𝙚𝙛𝙛𝙚𝙘𝙩𝙞𝙫𝙚𝙡𝙮 𝙪𝙣𝙡𝙚𝙨𝙨 𝙮𝙤𝙪 𝙪𝙣𝙙𝙚𝙧𝙨𝙩𝙖𝙣𝙙 𝙝𝙤𝙬 𝙇𝙞𝙣𝙪𝙭 𝙡𝙖𝙮𝙚𝙧𝙨 𝙙𝙞𝙨𝙠𝙨, 𝙛𝙞𝙡𝙚𝙨𝙮𝙨𝙩𝙚𝙢𝙨, 𝙖𝙣𝙙 𝙢𝙤𝙪𝙣𝙩𝙨 𝙩𝙤𝙜𝙚𝙩𝙝𝙚𝙧. These fundamentals directly translate to: • Systems administration • Cloud VM management (EC2, block storage) • Incident response and disk-related outages • Security investigations involving filesystems #Linux #SystemsAdministration #CloudComputing #Cybersecurity #ITInfrastructure #LearningInPublic #DevOps #LinuxAdmin

🧠 12 Basic Networking Commands Every Linux User Should Know Whether you're a sysadmin, DevOps engineer, or just diving into Linux, mastering these commands is non-negotiable. They’re your first line of defense when diagnosing connectivity issues, monitoring traffic, or configuring networks. Here’s a quick rundown: 1. ping – Check connectivity to a host. 2. ifconfig / ip – View and configure network interfaces. 3. netstat – Display network connections and routing tables. 4. ss – Modern replacement for netstat, faster and more detailed. 5. traceroute – Track the path packets take to a destination. 6. nslookup / dig – DNS lookup tools. 7. hostname – Show or set the system’s hostname. 8. curl / wget – Fetch data from URLs, test endpoints. 9. nmap – Powerful network scanner for security and diagnostics. 10. tcpdump – Capture and analyze network packets. 11. iptables – Configure firewall rules. 12. whois – Get domain registration info. 🛠 These commands are baked into most Linux distros and can save hours of troubleshooting. #LinuxTips #NetworkingBasics #SysAdminLife #DevOpsTools #OpenSource #LinuxCommands #TechEducation #FOSS #TerminalSkills #CyberSecurity #LinuxNetworking #CommandLineMastery.

Sysinternals Sysmon become a native part of Windows! Sysmon has been a cornerstone for advanced security monitoring since its inception in 2014, surfacing suspicious operations like process tampering, file shredding, and capturing critical artifacts. Its granular configuration and filtering have empowered security teams to focus on what truly matters without impacting performance. Now, with Sysmon integrated into Windows: ✅ Updates are automatic ✅ Maintenance is simplified ✅ Backed by full Microsoft Support This is a huge win for enterprise security teams managing scale and complexity. And the best part? This is just the beginning. Future enhancements will make Sysmon’s native capabilities even more powerful, driving deeper visibility and resilience across Windows environments. How do you see this impacting your security operations strategy? Will native Sysmon change how you approach endpoint monitoring?

Microsoft’s December Patch Tuesday lands with urgency, delivering fixes for three actively exploited zero-days—including a dangerous flaw that lets attackers hijack Windows devices with alarming ease.

Excited to share my latest project: A complete Active Directory home lab built with VMware Workstation! I set up a Windows Server 2022 Domain Controller with dual NICs, RAS/NAT for internet sharing, DHCP scoping, AD DS promotion, and a PowerShell script to auto-create 1,000+ users. Then joined a Windows 11 client to the domain and logged in with generated accounts—simulating a real corporate network. Full walkthrough + scripts here: https://lnkd.in/g3X-meKi Skills honed: • Active Directory management (AD DS installation, domain promotion, user/OUs/groups, domain joining) • Networking & virtualization (VMware networks, NAT/routing, static IPs, DHCP scopes) • PowerShell automation (bulk user creation and admin tasks) #CyberSecurity #InfoSec #SysAdmin #Homelab #ActiveDirectory #WindowsServer #PowerShell #VMware #Networking #IT

🌐 Network Shield – DoS Alert System Built a lightweight DoS detection & alerting system that monitors real-time traffic and identifies ICMP-flood–based attacks with high accuracy. Tech Stack & Tools Used: Snort IDS • Custom Snort Rules • Nginx Web Server • NTFY Notifications GNS3 Virtual Network • Ubuntu • Bash Scripting Routers • Switches • NAT • Traffic Simulation Focused on: Real-time packet monitoring, anomaly detection, custom rule tuning, and instant alerting through NTFY. A complete end-to-end setup designed inside a virtual network environment replicating real-world traffic flow. ✨ #cybersecurity #networksecurity #DoS #snort #gns3 #linux #projects #techjourney

Windows 11 users are discovering a “free” NVMe speed boost via a registry tweak that enables Microsoft’s newer native NVMe driver (originally for Windows Server 2025). Benchmarks show big wins in *random* workloads (even up to ~85% random write in one test) — aka the stuff that can make systems feel snappier. Before we all go full “+85% dopamine,” a few things to be concerned about: - **It’s a hacked/unsupported path**: great for experimenting, risky for machines you rely on. - **Tooling compatibility**: SSD utilities (Samsung Magician, WD Dashboard, etc.) may misbehave because they aren’t expecting this driver stack. - **Benchmarks ≠ business value**: sequential gains are often modest; real-world impact varies a lot by workload (servers/DB/VMs benefit more than typical desktops). Curious where this goes — especially once vendors and management tools catch up. Security is a streak you can’t afford to break. #Windows11 #NVMe #SSD #Storage #Performance #SysAdmin #ITInfrastructure #WindowsServer #Benchmarking #CyberSecurity #RiskManagement #Tomshardware

My AthenaOS Linux Experience ⚡ AthenaOS is not a casual Linux distro — it’s built for power, operations, and serious tooling. What impressed me most: 🚀 Powerful tools out of the box Security, networking, system analysis, and performance tools — ready from day one. ⚙️ Operation-focused design Ideal for real-world tasks: audits, monitoring, debugging, automation, and long-running workflows. 🧠 Arch-based control Rolling release, AUR access, full flexibility — without unnecessary bloat. ⌨️ Terminal-first workflow Perfect for tmux/screen, Neovim, custom shells, and deep system work. AthenaOS is for users who want full control, speed, and capability — not hand-holding. #AthenaOS #Linux #ArchLinux #PowerUser #DevOps #CyberSecurity #SystemEngineering #OpenSource