Go to
cmd – run regedit
In the Registry Editor window, navigate to…
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print
Then right-click in the blank space and choose ‘DWORD (32-bit) Value’ option under the ‘New’ sub-menu.
Rename the DWORD value to ‘RpcAuthnLevelPrivacyEnabled’
restart
Print spooler
Recently I was trying to update/upgrade Ubuntu 21.10 using the apt when I encountered the following error:
E: Could not get lock /var/lib/dpkg/lock – open (11: Resource temporarily unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
A quick resolution that worked for me:
ps aux | grep -i apt
sudo kill -9 17796
ps aux | grep -i apt
rm -rf /var/lib/dpkg/lock-frontend
sudo dpkg –configure -a
It was working fine, and somehow, it just stopped working.
Solution:
Login to the backend of ExpressionEngine
Then go to Add-Ons – Modules –
../admin.php?S=0&D=cp&C=addons_modules
Click on Zoo Visitor
Then Go to installation » click the button at the bottom to Reinstall Everything.
Once the Zoo Visitor is installed, you do not need to change it, the installation makes sure everything is in place to just start. The default Guest member is necessary to accept registrations.
Show network interface configuration:
config system interface
Show all nics:
diagnose hardware deviceinfo nic
Show all info for specific nic:
diagnose hardware deviceinfo nic dmz
Execute ping:
execute ping 8.8.8.8
Ping Options:
execute ping-options view
execute ping-options source 192.168.1.4
Show Session Table:
diagnose sys session list
Traceroute:
execute traceroute 8.8.8.8
Telnet:
execute telnet targethost
Show some statistics:
firewall statistic show
Show session table:
sys session full-stat
Change vdom:
config vdom
edit vdomname
Overall performance:
get system performance status
Top (use Shift+M for memory usage):
get system performance top
Show console log:
execute log filter dump
execute log filter category 0
execute log filter field hostname www.google.ch
execute log display
Show possible diag commands:
diagnose test application ssl 0
SSL Proxy Usage
diagnose test application ssl 4
Show info per connection:
diagnose test application ssl 44
Debug FSSO:
diag debug enable
diag debug authd fsso list
diag debug authd fsso server-status
diag debug authd fsso summary
diag debug authd fsso clear-logons
diag debug authd fsso refresh-logons
diag debug authd fsso refresh-groups
Show routing table:
get router info routing-table all
Neighbor status (neighbours have state up/down):
get router info ospf neighbor all
Delete all OSPF entries:
excecute router clear ospf process
Enable debug output:
diagnose ip router ospf all enable
diagnose ipo router ospf level info
Get Router Status:
get router info ospf status
Sniff for OSPF packets:
diagnose sniffer packet any ‘proto 89’ 4
Debug OSPF:
dignose ip router ospf all enable
diagnose ip router ospf level info
diagnose debug enable
Show ipsec tunnels:
get ipsec tunnel list
Troubleshoot VPN connections:
diag debug application ike -1
diagnose vpn ike log-filter clear
diagnose vpn ike log-filter dst-addr 1.2.3.4
diagnose debug app ike 255
diagnose debug enable
Debug traffic flow through the fortigate:
diagnose debug enable
diagnose debug flow show console enable
diagnose debug flow filter add 10.10.0.1
diagnose debug flow trace start 100
Set certificate for admin interface:
config system global
set admin-server-cert certname
end
#Darktrace in action, does the job well! A great solution to supercharge your Cyber threat Landscape in light of the SolarWinds Orion attack.
Darktrace’s Immune System, applies AI to the cyber defense challenges for the first time, and has proven itself successful in detecting cyber-threats that existing, legacy systems cannot.
However, Darktrace alone is not enough in my opinion, you need to complement it with a good Modern NAC such as #ForeScout CounterACT. These two powerful security solutions cohabit in your environment you get pure good fire.
I know a lot of BIGGER enterprises like the Universities, Banks, Financial Services, Health Care Providers, Government Departments, Telecoms etc might already have Cisco technologies in-place; from the Switches, Wireless Controllers, Access Points and more so they might have Cisco Secure ISE which you could argue that it is a NAC and it does exactly the same, which enables a dynamic and automated approach to policy enforcement that simplifies the delivery of highly secure networks.
Very true, both Cisco ISE and ForecScout NAC possibly serve similar purposes, personally I would always pick ForeScout as my weapon of choice whenever I step into battleground against the cyber kingpins. With ForeScout you gain true visibility of all connected devices on your network within hours of deployment, and policy-based controls are often functional immediately.
NB: What I like most with these two solutions (Darktrace and ForeScout) deployed together under one roof, is that when Darktrace discover an rogue infected device I get notified instantly, and when I investigate the physical location of the misbehaving device down to a port on switch, ForeScout narrows it down for me nicely and clearly. Also keeping in mind that your policy-based controls could be configured such that it isolates or quarantines any rogue devices.
Should you need further engagement or require a POV (proof of value)/POC (proof of concept) team to rollout these technologies in your environment, kindly feel free to DM me.
#Fortinet FortiGate (100E) is the best firewall. The most valuable feature is the bundled subscription, which is IPS, antivirus and web filtering. It is easy to use and performs very well. This perimeter solution has powerful security features, and it’s a good product that integrates actionable threat intelligence and very well with a wide range of SIEMs.
NB: In my experience it is undeniable that technological solutions regardless of the vendor is as good as the skills and competence of the team that fully managed them.
Should you ever need a highly skilled (hands) team to handle all things Technology for your environment, kindly feel free to DM me.
When you try to publish new content, you encounter error message similar to this. The outcome can be not only frustrating but can also prevent you from doing other work.
I encountered this error message:
Publishing failed. You are probably offline.
The workaround that can help you resolve this issue if you encounter it:
You may wish to install the Classic Editor plugin as a temporary workaround.
When you try to restart the nginx service, you encounter error message similar to this. The outcome can be not only frustrating but can also prevent you from doing other work.
I encountered this error message:
sibgen@en-pta-web-109:~# service nginx start
Job for nginx.service failed because the control process exited with error code.
See “systemctl status nginx.service” and “journalctl -xe” for details.
sibgen@en-pta-web-109:~# service nginx status
● nginx.service – A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2021-01-05 16:52:36 UTC; 2min 11s ago
Docs: man:nginx(8)
Jan 05 16:52:34 en-pta-web-109 nginx[467554]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Jan 05 16:52:34 en-pta-web-109 nginx[467554]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jan 05 16:52:35 en-pta-web-109 nginx[467554]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Jan 05 16:52:35 en-pta-web-109 nginx[467554]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jan 05 16:52:35 en-pta-web-109 nginx[467554]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Jan 05 16:52:35 en-pta-web-109 nginx[467554]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jan 05 16:52:36 en-pta-web-109 nginx[467554]: nginx: [emerg] still could not bind()
Jan 05 16:52:36 en-pta-web-109 systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Jan 05 16:52:36 en-pta-web-109 systemd[1]: nginx.service: Failed with result ‘exit-code’.
Jan 05 16:52:36 en-pta-web-109 systemd[1]: Failed to start A high performance web server and a reverse proxy server.
sibgen@en-pta-web-109:~# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
The workaround that can help you resolve this issue if you encounter it:
sibgen@en-pta-web-109:~# sudo fuser -k 80/tcp
80/tcp: 467460 467461
sibgen@en-pta-web-109:~# sudo fuser -k 443/tcp
sibgen@en-pta-web-109:~# sudo service nginx restart
sibgen@en-pta-web-109:~# service nginx status
● nginx.service – A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-01-05 16:58:06 UTC; 11s ago
Docs: man:nginx(8)
Process: 474663 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 474664 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 474665 (nginx)
Tasks: 2 (limit: 1132)
Memory: 9.7M
CGroup: /system.slice/nginx.service
├─474665 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─474666 nginx: worker process
Jan 05 16:58:06 en-pta-web-109 systemd[1]: Starting A high performance web server and a reverse proxy server…
Jan 05 16:58:06 en-pta-web-109 systemd[1]: Started A high performance web server and a reverse proxy server.
If this solution worked for you, then we’ll love your support. You can reach out and request Server installation service from us.
Deploy your next app in seconds. Get $100 in cloud credits from @DigitalOcean using my link: https://m.do.co/t/2d36b262058d
Need help getting started on DO? Feel free to contact me for your Virtual Server Setup:
Happy Coding, Team Mwired
While reconfiguring a Cisco switch 3750G WS-C3750G-24TS-S1U with version 12.0(5.3). When attempting to run “crypto key genearte rsa“, it was failing with below error:
MW-CORE-SW01#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MW-CORE-SW01(config)#hostname MWired
MW-CORE-SW01(config)#ip domain-name magwinya.co.za
MW-CORE-SW01(config)#crypto key generate rsa
% Invalid input detected at ‘^’ marker.
Workaround Solution:
In order to run “crypto key generate rsa”, you need an IOS image that contains “k9” in the name.
In our case we had to upgrade IOS boot image to:
c3750-advipservicesk9-mz.122-46.SE.bin
Follow this upgrade guide: Click HERE
Once upgrade is completed, all was in order.
MW-CORE-SW01(config)#crypto key generate rsa
The name for the keys will be: MW-CORE-SW01.magwinya.co.za
Choose the size of the key modulus in the range of 360 to 4096 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
All the best!
We by far have the best in class Cisco® Design and Architecture. We take pride in our configs, which works perfect and I can tell you right now; right here; that we lock down your network right to the T. We don’t play games in this space.