%20So.jpg)
It is not a proffesional solutions, but the result is very good if you have a few time or experience.
It's usually a video for someone special, and I have to search through all the photos where they appear, so I've been looking for tools to help me.
DIGIKAM (free use). This program searches for faces and classifies them; then it's very easy to search all the photos of a specific person.
%20So.jpg)
by GoN | Published: Oct 2025 | Last Updated:
Purpose
Warning message before LOGON and information from the latest LOGON to the system
Steps
Apply this GPO to the OU where the PCs are located
* Message before LOGON
Policies->Windows Settings->Security Settings->Local Policies/Security Options->Interactive Logon
Policies->Windows Settings->Security Settings->Local Policies/Security Options-> Administrative templates-> Windows Components/ Options start Windows Sesion
The final GPO
by FF & Gon | Published: Oct 2025 | Last Updated:
Purpose
Make a full Wifi configuration report
Steps
COMMAND: netsh wlan show wlanreport
by GoN | Published: Oct 2025 | Last Updated:
Purpose
Show Wifi's SID:
Command: netsh wlan show profiles
GoN | Published: Oct 2024 | Last Updated: 
Purpose
Compliance with the minimum standards established in the ENS (National Security Scheme) Spain.
Explanation :"Tool for assessing the technical security features defined by Royal Decree 3/2010, updated by Royal Decree 311/2022, which regulates the National Security Framework for e-Government. The compliance analysis is based on the standards provided by the security templates in the specific guides for the 500, 600, and 800 series."
There are Windows and linux versions
Link: https://www.ccn-cert.cni.es/es/soluciones-seguridad/clara?format=html
Steps
by GoN | Published: Oct 2025 | Last Updated:Como instalar un programa remoto en PS.
En este caso vamos a poner un ejemplo de como instalar el cliente de Wazuh en una red de servidores con comandos de PS.
La idea es desde un servidor central (Servidor1) lanzar la instalación del programa en varios servidores remotos.
Solo necesitaremos lanzar el script desde un servidor abriendo una consola de Powershell
Necesitaremos antes algunos preparativos previos:
Preparativo 1: Preparamos el script que se ejecutará en los servidores locales
Preparativo 2: Preparamos el script que se lanzará la instalación a los servidores remotos
Preparativo 3: Prepararemos el listado de host a los que instalaremos el programa.
Paso 1: Ejecutamos el proceso
Preparativo 1: Preparamos el script que se ejecutará en los servidores locales
Se debe copiar en una ruta donde todos los hosts tengan acceso, en este ejemplo la dejaremos en:
\\Domain.local\SYSVOL\Domain.LOCAL\MovApp\SIEM\Wazuh_agent_4.12.ps1
FICHERO: SIEM\Wazuh_agent_4.12.ps1
|
# PowerShell Script
# --- Guard clause: salir si Wazuh
ya está instalado --- $svc = Get-Service -Name
'WazuhSvc' -ErrorAction SilentlyContinue $agentDir =
"${env:ProgramFiles(x86)}\ossec-agent"
if ($svc -or (Test-Path
"$agentDir\client.keys")) { Write-Output "Wazuh Agent ya instalado. Saliendo." exit 0 } # --- fin guard clause ---
# PowerShell Script
# Define el nombre del host $hostname =
[System.Net.Dns]::GetHostName()
# Descarga el instalador del agente Wazuh de la web del
fabricante Invoke-WebRequest -Uri https://packages.wazuh.com/4.x/windows/wazuh-agent-4.12.0-1.msi -OutFile $env:tmp\wazuh-agent;
# Instala el agente Wazuh con el nombre del host como el nombre
del agente msiexec.exe /i
$env:tmp\wazuh-agent /q WAZUH_MANAGER='192.168.x.x'
WAZUH_AGENT_GROUP='default' WAZUH_AGENT_NAME=$hostname
#Pausa de 10 segundos antes de iniciar el servicio Start-Sleep -Seconds 10
Write-Host " Inicializamos el servicio1. Puede dar error " NET START WazuhSvc Write-Host " Inicializamos el servicio2 " Start-Sleep -Seconds 10 Start-Service -Name
"WazuhSvc" Set-Service -Name
"WazuhSvc" -StartupType Automatic #Fin de Servicio instalado
#ejecución remota de executable
Start-Sleep -Seconds 5 Write-Host "Intento de conexión con el servidor
Wazuh..."
$exePath = "C:\Program Files
(x86)\ossec-agent\agent-auth.exe"
# Desbloquear el ejecutable si fue descargado Unblock-File -Path $exePath
# Ejecutar el agente con argumentos Start-Process -FilePath $exePath
-ArgumentList "-m 10.115.79.215" -Wait -NoNewWindow
Write-Host "Verifica el servio instalado" $svc = Get-Service -Name
'WazuhSvc' -ErrorAction SilentlyContinue $agentDir =
"${env:ProgramFiles(x86)}\ossec-agent"
if ($svc -or (Test-Path
"$agentDir\client.keys")) { Write-Output
"Verifica Wazuh Agent -> instalado OK. Saliendo." } # --- fin guard clause ---
|
Preparativo 2: Preparamos el script que se lanzará la instalación a los servidores remotos
Este es el único script que ejecutaremos.
FICHERO: InstallRemoto.ps1
|
# Ruta
al archivo de servidores $servidores
= Get-Content "servidores.txt" # Ruta
del script a copier, en una ruta donde accedan todos los hosts $scriptPath = \\YYYYY.local\SYSVOL\XXXX.LOCAL\MovApp\SIEM\Wazuh_agent_4.12.ps1 foreach ($serverName in $servidores) { Write-Host "
Iniciando despliegue en ${serverName}..." -ForegroundColor Cyan try { # Crear
sesión remota con credenciales actuales $session
= New-PSSession -ComputerName $serverName # Crear carpeta en
remoto Invoke-Command
-Session $session -ScriptBlock { $folder =
"C:\tmp" if (-Not
(Test-Path $folder)) { New-Item -Path
$folder -ItemType Directory } } # Copiar el script al servidor remoto
usando ruta UNC $remoteScriptPath
= "\\${serverName}\C$\tmp\Wazuh_agent_4.12.ps1" Copy-Item -Path
$scriptPath -Destination $remoteScriptPath # Ejecutar el script
en remoto Invoke-Command
-Session $session -ScriptBlock { &
"C:\tmp\Wazuh_agent_4.12.ps1" } Write-Host "
Despliegue completado en ${serverName}" -ForegroundColor Green } catch { Write-Host " Error en el
despliegue en ${serverName}: $_" -ForegroundColor Red } finally { # Cerrar sesión remota if ($session) { Remove-PSSession
$session } } } Write-Host
"Despliegue finalizado en todos los
servidores." -ForegroundColor Yellow |
|
|
Es muy importante que los nombres no
tengan espacios en blanco
%20-%20Word.jpg)
%20-%20Word.jpg)
%20-%20Word.jpg)
by GoN | Published: Sep 2025 | Last Updated:Purpose
P2P Blocking (Peer-to-Peer Blocking): Found in the advanced settings of a WLAN profile. When enabled (e.g., set to Drop), it blocks direct communication between WiFi clients connected to the same access point managed by the same WLC.
AP Isolation (common in consumer-grade or SMB routers): Prevents clients connected to the same access point from seeing or interacting with each other. This is useful in public or shared environments like cafés, hotels, or conferences, where you want to prevent attacks like ARP spoofing or traffic sniffing.
While there isn’t a literal command called ISOLATION, the effect is achieved through configurations such as:
P2P Blocking Action in the WLAN settings → can be set to Drop or Forward.
On switches, a similar effect is achieved using switchport protected, but in WiFi it’s handled at the SSID and controller level.
In public or shared networks where clients shouldn’t interact.
In enterprise environments with strict security policies.
To protect IoT or smart devices that don’t need to communicate with each other.
by GoN | Published: Oct 2025 | Last Updated:Excel Spanish version.
Purpose
Os pongo algunos ejemplo útiles para unificar información siguiendo diferentes criterios.
Para unir los valores de la columna B cuando en la columna A aparece el texto "Submitted Data",:
=UNIRCADENAS(";" ; VERDADERO ; FILTRAR(B1:B100 ; ESNUMERO(HALLAR("Submitted Data" ; A1:A100))))
Para unir los valores de la columna B cuando en la columna A aparece el texto "Submitted Data" y en la columna D aparece "1-ESP",
=UNIRCADENAS(";" ; VERDADERO ; FILTRAR(B1:B100 ;(A1:A100="Submitted Data")*(D1:D100="1-ESP")))
Para unir los valores de la columna B cuando en la columna A NO aparezca el texto "Submitted Data"
=UNIRCADENAS(";" ; VERDADERO ; FILTRAR(B1:B100 ; A1:A100<>"Submitted Data"))
Para unir los valores de la columna B cuando en la columna A NO aparezca el texto "Submitted Data" y en la columna D aparezca "1-ESP"
=UNIRCADENAS(";" ; VERDADERO ; FILTRAR(B2:B1500 ;(A2:A1500<>"Submitted Data")*(D2:D1500="1-ESP")))
by GoN | Published: Oct 2025 | Last Updated:Recommendation for replacing the cell phone of a senior official in the company.
Many of our executives not only manage business issues through their phones, but sometimes also participate in other forums as consultants, managers, politicians, etc.
In these cases, the cell phones they use are not just personal tools, but strategic resources for operational continuity and ensuring functional availability in crisis scenarios.
The mobile devices of senior executives are prime targets for malicious actors. Regularly updating them allows us to eliminate potential malware persistence that goes undetected with conventional antivirus, prevent hardware vulnerabilities (such as compromised chips or outdated firmware) from remaining in use, and ensure that devices are free of physical or logical backdoors that could have been introduced during international travel, Wi-Fi access (especially uncontrolled ones), or in uncontrolled environments. In short, it's about eliminating accumulated attack vectors.
Newer mobile models incorporate more secure processors, with dedicated security enclaves, and better support for encryption, advanced biometrics, and multi-factor authentication. In regulated environments (ISO 27001, ENS, GDPR, etc.), this practice can be considered a proactive measure for protecting personal and corporate data.
The cost of a security incident on an executive mobile phone can be exponentially higher (data breach, blackmail, loss of reputation) than replacing the device.
In some companies, whether to use the latest model or as a precaution, this practice is done sporadically.
by GoN | Published: Oct 2025 | Last Updated: