A Site of Information and Ideas
Getting loads of schannel errors in my log server every day, I decided to hunt them down.
Turns out that under Internet Options a GPO was misconfigured to allow sslv3 traffic.
Disabling this SSLv3 as shown below with a GPO or individually solves this log entry spam.
edit the proxy.conf – vi /etc/httpd/conf.modules.d/00-proxy.conf
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_express_module modules/mod_proxy_express.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
~
Edit your sites’ .conf file – vi /etc/httpd/sites-enabled/service.domainname.com.conf
VirtualHost *:443
ServerName service.domainname.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/yourcert.crt
SSLCertificateKeyFile /etc/pki/tls/private/yourprivatekey_privatekey.key
SSLCertificateChainFile /etc/pki/tls/certs/bundle.crt
RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule /(.*) "ws://backendserverIP:portnumber/$1" [P,L]
ProxyPreserveHost On
ProxyPass / http://backendserverIP:portnumber/
ProxyPassReverse / http://backendserverIP:portnumber/
ErrorLog /var/log/httpd/service.domainname.com/error.log
CustomLog /var/log/httpd/service.domainname.com/access.log combinedVirtualHost
Restart HTTPD and test out your new site!
Well I got into some interesting spaces when I found this site :
https://securityheaders.com
and https://hstspreload.org
In order to get an A+ rating for my blog, I went through all the suggested routines and while I won’t detail them, below is what I have landed on for what works on my WordPress site.
Inject this into your .htaccess file on your Apache webserver
Header set Content-Security-Policy “upgrade-insecure-requests”
Header set Strict-Transport-Security “max-age=31536000; includeSubDomains; preload”
Header set X-Xss-Protection “1; mode=block”
Header set Referrer-Policy “strict-origin”
Header set Permissions-Policy “geolocation=self”
Header set Access-Control-Allow-Origin “https://*yoursite.com*”
Header set Cross-Origin-Embedder-Policy “unsafe-none”
Header set Cross-Origin-Opener-Policy “unsafe-none”
Header set Cross-Origin-Resource-Policy “same-site”
I can’t tell you guys how important it is to be vigilant over the next few months, you will be distracted with holiday events and other social engagements.
If not already, you will be bombarded with scam phone calls and emails. Please! DO. NOT. RESPOND. to those emails and phone calls. Mark them as SPAM and/or phishing and delete them.
The most recent examples relating to phone calls are for people looking to get your social security number, Medicaid, and credit card information. It will be a foreign sounding individual with a “normal” sounding name, like “Robin” or “John” – Hang up on that person immediately!
The most recent examples relating to scam emails is someone “responding” to an email and BCC’ing you with a “what’s this” or “what is this” and below will be an invoice looking for payment. Mark as SPAM and DELETE THIS EMAIL!!!
There will be variations of this theme, but it is all the same, they want your money and your personal information so that they can trick other individuals to give them their money!
IF you use a password manager like LastPass, I strongly urge you to change all your passwords and keep them in either a different password manager or in a notebook in a safe place in your home.
Hacking is serious business, with serious consequences for those not careful to avoid from being hacked.
It is up to everyone here to keep your organization safe.
In the below PDF, is an end to end documentation of how I setup a workflow through Visual Studio, RedGate, Bitbucket, into a Jenkins build with deployment to Octopus.
I do hope this helps anyone who may be stuck like I was during this process.
Buy the following:
Nooelec Dual-Band NESDR Nano 3 Premium ADS-B (978MHz UAT & 1090MHz 1090ES) Bundle for Stratux™, Avare, Foreflight, FlightAware & Other Applications. Includes 2 SDRs, 4 Antennas, 5 Adapters.
Nooelec Omnidirectional 7dBi ADS-B Antenna – 23″ Outdoor Fiberglass Antenna w/Female N-Connector, 10m RG58 Cable Extension w/SMA Connector & Mounting Hardware. Weatherproof. 1090MHz Center Frequency
https://www.amazon.com/gp/product/B076GWF6FF
https://www.amazon.com/gp/product/B08NRQF9TK
Once you have all the parts together, head over to FlightAware’s page for a download of the image, or you can hand load it, which is what I did. since the Pi I used also hosts this website.
Hand Load:
https://flightaware.com/adsb/piaware/install
Image Download:
Greetings 2021! I’m in the middle of a software deployment right now. Hoping adoption goes well and that everyone enjoys using the application.
Some basic tool I learned a moment ago: Use the app_offline.htm file in your ASP.net 2.0 (minimum) to quickly notify your users that the page – or your app is down for maintenance.
sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get install snmpd -y
sudo apt-get install snmp -y
sudo nano /etc/snmp/snmpd.conf
To get it running, you will need to modify the sudo nano /etc/snmp/snmpd.conf file:
First, I commented out this line:
#agentAddress udp:127.0.0.1:161
and below the line ‘#agentAddress udp:161,udp6:[::1]:161′ I added:
agentAddress udp:161
then below this line:
rocommunity public localhost
I added:
rocommunity public 190.0.10.0/24
Finally, restart the service:
service snmpd restart
First you’ll need to install xinetd which is a requirement for the Check_MK agent:
apt-get install xinetd
Then, latest Check_MK agent installer from your Check_MK website and install:
cd /tmp/
wget http://%yourcheck_mk_server%/download/check-mk-agent_***.deb
dpkg -i check*
Open your favorite (Putty) ssh application and connect to your ESX host and then run the following commands:
esxcli system snmp set –communities public
esxcli system snmp set –enable true
esxcli network firewall ruleset set –ruleset-id snmp –allowed-all true
esxcli network firewall ruleset set –ruleset-id snmp –enabled true
/etc/init.d/snmpd restart
The –ruleset should be a dash dash not a bar, same with the –allowed and –enabled; I don’t know why WordPress does that.