| Security – Sudo vulnerability allows privilege scalation |
A 10 year old sudo related flaw has been discovered that can make unprivileged users obtain root permissions. Linux admins should patch this critical vulnerability as soon as possible.
Read more:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
$ sudoedit -s /
sudoedit: /: not a regular file
$ sudo apt update
$ sudo apt install sudo
$ sudoedit -s |
| Security – Error installing Kali: “Installation step failed” |
When I was installing a Kali virtual machine, I came across an error in the “Software selection” step
After confirming the software, the installation shows an “Installation step failed” message.
After browsing through some sites and forums, apparently the problem could be related to not configuring enough space and a suggestion is configuring more than 30-40 GB. But no luck, … Read more
| Windows – Error connecting RDS RemoteApp Terminal services |
“The list of RemoteApp programs cannot be accessed. Verify that the management console is connected to the correct server and that you have Administrator privileges on the server, and then try again.”
Checking winrm everything seems to be correct:
c:\> winmgmt /salvagerepository
WMI repository is consistent
c:\> winmgmt /verifyrepository
WMI repository is consistentBut after resetting the repository, the … Read more
| Exchange – A reboot from a previous installation is pending |
When updating Exchange you probably con come across the following error in the prerequisite analysis:
A reboot from a previous installation is pending
The way to solve it is supposed to be by rebooting the server in order to apply any previously pending installed windows updates or whatever… but it never works, at least for me.
If it is also … Read more
| Linux – rsyslog: parsing and splitting message fields |
Until now I hadn’t used the options and features rsyslog comes with. Let me show a simple example I have done today. This is an example log line rsyslog has received from iptables (I have configured iptables to log certain connections attempts to identify and save devices with malware):
Sep 29 15:30:39 myserver kernel: [malware3] IN=ens192 OUT=ens192 MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=10.15.13.17 |
| Linux – Simple DNS server using DNSmasq |
This article offers a 5 min howto about configuring your own DNS server (perhaps for your company or maybe for your home network) using DNSmasq. Obviously, only the surface is covered on this post.
Given my router does not allow me to add host entries for local DNS resolution, I decided to use DNSMasq on one of my internal network … Read more
| F5 BIG-IP – Vulnerability!! CVE-2020-5902 – Remote Code Execution (RCE) |
The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. (CVE-2020-5902)
This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the Configuration utility, through the BIG-IP management port and/or self IPs, to execute arbitrary system commands… Read more
| Ironport – Strip DisplayName from From header |
Yesterday I came across a request in which for a group of email users, the display name must be removed when sending to recipients outside the organization.
Concretely, those whose email is in format XXXX@domain.com (where XXXX are digits) must be “anonymized”. For example:
When certain of those users sends an email to an internal recipient, the header from should … Read more
|
| F5 BIG-IP – Dynamic RDP destination for APM |
Portal access (APM) allows user access internal resources such as servers and computers via Remote Desktop (RDP). There are 3 options to to configure the destination host when configuring the RDP resource:
Hostname and IP address are a fixed destination. In case you need different destinations based on the logged user, you would … Read more
| Icinga – Notification template with notes support |
I have just configured an Icinga2 notification template for hosts and services to replace the ugly and impractical default one.
Not big things but useful in my opinion
UTF Icons are included depending on the state of the host or service
This notifications scripts can include … Read more
