Linux – rsyslog: parsing and splitting message fields



Until now I hadn’t used the options and features rsyslog comes with. Let me show a simple example I have done today. This is an example log line rsyslog has received from iptables (I have configured iptables to log certain connection attempts to identify and save devices with malware):

Sep 29 15:30:39 myserver kernel: [malware3] IN=ens192 OUT=ens192 MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=10.15.13.17 
Read more

Linux – Simple DNS server using DNSmasq



This article offers a 5 min howto about configuring your own DNS server (perhaps for your company or maybe for your home network) using DNSmasq. Obviously, only the surface is covered in this post.

Given my router does not allow me to add host entries for local DNS resolution, I decided to use DNSMasq on one of my internal network … Read more

F5 BIG-IP – Vulnerability!! CVE-2020-5902 – Remote Code Execution (RCE)



Security Advisory Description

The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. (CVE-2020-5902)

Description

This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the Configuration utility, through the BIG-IP management port and/or self IPs, to execute arbitrary system commands … Read more

Ironport – Strip DisplayName from From header



Yesterday I came across a request in which for a group of email users, the display name must be removed when sending to recipients outside the organization.

Concretely, those whose email is in the format XXXX@domain.com (where XXXX are digits) must be “anonymized”. For example:

When one of those users sends an email to an internal recipient, the From header should … Read more

F5 BIG-IP – Dynamic RDP destination for APM



Portal access (APM) allows users to access internal resources such as servers and computers via Remote Desktop (RDP). There are 3 options to configure the destination host when configuring the RDP resource:

  • Hostname
  • IP Address
  • User defined

Problem

Hostname and IP address are fixed destinations. In case you need different destinations based on the logged-in user, you would … Read more

Icinga – Notification template with notes support



I have just configured an Icinga2 notification template for hosts and services to replace the ugly and impractical default one.

Features

Not big things but useful in my opinion

Clear and nicely formatted layout

State based colors

State based icons

UTF Icons are included depending on the state of the host or service

Notes support

These notification scripts can include … Read more

Icinga – Notes section in markdown language



Not sure since which version this feature is available, but I have started to use the notes section of the services I am monitoring in Icinga in markdown syntax.

icingaweb2 package version 2.6 that is compiled for Debian 10 (Buster).

Package: icingaweb2
Version: 2.6.2-3

You may think you do not need it, but in my humble opinion it is … Read more

Checkpoint – Policy installation failed. Error code: 0-2000040



This morning I came across a Checkpoint problem: no way to perform a successful policy installation in any of the several virtual system gateways I have in my environment.

As you can see the returning error is: Policy installation failed on the gateway. If the problem persists contact Check Point support [Error code: 0-2000040].

Fortunately I found a generic … Read more

Linux – SQL Server command line to perform queries (mssql-cli)



There are different methods to run queries against an SQL Server from a Linux machine. The one I am using is mssql-cli (https://github.com/dbcli/mssql-cli)

As you can check on the related GitHub page, it has the following features:

  • Auto-completion
  • Syntax highlighting
  • Query history
  • Configuration file support
  • Multi-line queries

Installation

The -Q parameter

It has been packaged for a lot of distributions … Read more

Linux – Show git branch in bash prompt



If you are a Git user, you may find this custom prompt very useful.

Branch

Shows the working branch when it detects that the current folder is a git one:

user1@labdebian ~/data $
user1@labdebian ~/data $ cd ../myproject/
user1@labdebian ~/myproject (master) $
user1@labdebian ~/myproject (master) $ git checkout -b branch1
Switched to a new branch 'branch1'
user1@labdebian ~/myproject (branch1) $
user1@labdebian ~/myproject
Read more