Until now I hadn’t used the options and features rsyslog comes with. Let me show a simple example I have done today. This is an example log line rsyslog has received from iptables (I have configured iptables to log certain connections attempts to identify and save devices with malware):
Sep 29 15:30:39 myserver kernel: [malware3] IN=ens192 OUT=ens192 MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=10.15.13.17
… Read more
This article offers a 5 min howto about configuring your own DNS server (perhaps for your company or maybe for your home network) using DNSmasq. Obviously, only the surface is covered on this post.
Given my router does not allow me to add host entries for local DNS resolution, I decided to use DNSMasq on one of my internal network … Read more
Security Advisory Description
The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. (CVE-2020-5902)
This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the Configuration utility, through the BIG-IP management port and/or self IPs, to execute arbitrary system commands… Read more
Yesterday I came across a request in which for a group of email users, the display name must be removed when sending to recipients outside the organization.
Concretely, those whose email is in format XXXX@domain.com (where XXXX are digits) must be “anonymized”. For example:
When certain of those users sends an email to an internal recipient, the header from should … Read more
Portal access (APM) allows user access internal resources such as servers and computers via Remote Desktop (RDP). There are 3 options to to configure the destination host when configuring the RDP resource:
- IP Address
- User defined
Hostname and IP address are a fixed destination. In case you need different destinations based on the logged user, you would … Read more
I have just configured an Icinga2 notification template for hosts and services to replace the ugly and impractical default one.
Not big things but useful in my opinion
Clear and nicely formatted layout
State based colors
State based icons
UTF Icons are included depending on the state of the host or service
This notifications scripts can include … Read more
Not sure since what version this feature is available but I have started to use the notes section of the services i am monitoring in Icinga in markdown syntax.
icingaweb2 package version 2.6 that is compiled for Debian 10 (Buster).
You may think you do not need it for, but in my humble opinion it is … Read more
This morning i have come across a Checkpoint problem: No way to perform a succesful policy installation in any of the several virtual system gateways I have in my environment.
As you can see the returning error is: Policy installation failed on the gateway. If the problem persists contact Check Point support [Error code: 0-2000040].
Fortunately i found a generic … Read more
There are different methods to run queries against an SQL Server from a Linux machine. The one I am using is mssql-cli (https://github.com/dbcli/mssql-cli)
As you can check in the related github website, it has the following features:
- Syntax highlighting
- Query history
- Configuration file support
- Multi-line queries
The -Q parameter
It has been packetized for a lot of distributions … Read more
If you are a Git user, you can find very useful this custom prompt.
Shows working branch when it detects the current folder is a git one:
user1@labdebian ~/data $
user1@labdebian ~/data $ cd ../myproject/
user1@labdebian ~/myproject (master) $
user1@labdebian ~/myproject (master) $ git checkout -b branch1
Switched to a new branch 'branch1'
user1@labdebian ~/myproject (branch1) $
… Read more