Security   Security – List available cipher suite using nmap



If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).

But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more

Checkpoint   Checkpoint – Unexpected high cpu usage and SecureXL



Last monday I realized that the cpu was very high on one of my Checkpoint VSX nodes.
Looking at my Icinga graphs it seemed it started on friday at 3 o’clock:

Running a top directly on the VSX, I delimited the high to one of the virtual systems that runs on that VSX. In this image the fwk2 threads that … Read more

Security   Security – View HTTP headers using tcpdump



If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:

 tcpdump -i ens192 -A -s 10240 'tcp port 80' | grep -v IP | egrep --line-buffered "..(GET |\.HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " |sed -r 's/..(GET |HTTP\/|POST |HEAD )/\n\n\1/g'

For example, filtering tcp port 80 and 192.168.10.100 IP address:… Read more

Sysadmin tools   Sysadmin – Best wiki software / documentation tool



Some time ago I was researching to find a good tool to create and manage IT documentation at work. These are the features that were essential for me:

  • Editor Wysiwyg (not directly in markup language)
  • Paste images directly (instead of first uploading it to insert it in the document).
  • Team work: Full role and permission system. In case with LDAP
Read more

Home Server icon   Home Server (7) – Install Linux Debian virtual machine in ESX



In this 7th post of the Home Server series, after having configured a SSD drive, a working ESX environment and the RAID disks, let’s create our first virtual machine based on Debian Linux.

For the goal we want to achieve (hosting a web server, our personal files, personal streaming server, …) we do not even need the graphic … Read more

   Exchange – Update to fix escalation privilege vulnerability



Due to the vulnerability that allows privilege escalation I wrote about in this post, Microsoft has released a cumulative update for all supported versions of Exchange Server (Exchange 2010, 2013, 2016 and 2019).

Read more

EXCHANGE   Exchange – New vulnerability that allows privilege escalation



A new vulnerability that affects Exchange on-premise servers has been discovered recently (https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/). By making use of the high privileges Exchange servers have by default, the attacker would be able to escalate from any user with a mailbox to Domain Admin access.

According to Dirk-jan Mollema (see upper link), the vulnerability has been tested against …

  • Exchange 2013
Read more