Mailgateway

Going to look into some email security products, mainly aimed at enterprises. Gateway implementation is the main focus. This is in progress and just a list of products atm.

  • https://www.mailscanner.info
    • https://www.baruwa.com/ (Baruwa is a web-based GUI that provides complete installation and configuration of MailScanner.)
    • https://www.mailborder.com/ (Mailborder is a web-based GUI that provides complete installation and configuration of MailScanner)
    • http://mailwatch.org/ (A web-based front-end to MailScanner)
  • http://www.scrolloutf1.com/
  • https://www.hmailserver.com/
  • http://www.radical-spam.org/
  • http://spamassassin.apache.org/
  • https://sourceforge.net/p/assp/wiki/Main_Page/
  • https://openas.org/
  • http://www.xeams.com/
  • http://www.titanhq.com/
  • https://www.roaringpenguin.com/products/canit-pro
  • http://www.mailcleaner.org/ (really old?)
  • https://nocroom.com/datacenter/spamfirewall/
  • http://www.pyzor.org/
  • https://www.proxmox.com/en/downloads
  • https://www.proxmox.com/
  • https://halon.io/
  • https://www.sophos.com/en-us/products/secure-email-gateway/tech-specs.aspx

Checkpoint DP-1006 (DDoS protector) and livestreaming

During livestreaming with Wirecast using the RTMP protocol we got some issues with drops and disconnects/reconnects. In the Wirecast log we saw some messages at random times. The log is found in the AppData folder of the user running Wirecast (in our case C:\Users\{username}\AppData\Roaming\Wirecast). The messages found when the session was disconnected:
Feb 12 22:51:54 A: Start OK: sample=4, channels=2, type=2
Feb 12 22:54:12 N: onStatus: code="NetConnection.Connect.Closed" type="status" desc="" details=""
Feb 12 22:54:12 A: Network connection severed: -1301

Right after those messages the connection was reestablished. We were experiencing some choppy video as well.

Tried making a whitelist in the DP-1006 like this:
In the submenu DDoS->Whitelist
Filled in SrcNetwork=ip of the wirecast client, DstNetwork=ip of the RTMP server, Protocol=TCP

Did a test stream after this and after 30 minutes+ there were no more drops.

Guess this did the trick..

Network tools

https://nav.uninett.no/

http://www.perfsonar.net/about/what-is-perfsonar/

Installation

http://www.observium.org/docs/screenshots/

http://www.packetfence.org/about/overview.html

http://www.networkworld.com/article/2825879/network-management/7-free-open-source-network-monitoring-tools.html

http://sourceforge.net/projects/netdisco/

Create Your Own Network Assessment Appliance

http://www.opennms.org/wiki/Download

Windows KMS

Check the information registered in DNS: nslookup -type=srv _vlmcs._tcp.subdom.domain.rootdom

Move Installer folder from systemdrive to save space (SSD)

Windows uses space on the system drive for installation files that are almost never used. You can easily move those from your expensive SSD to a cheaper data disk:

Run cmd as Administrator, and use the following commands:
mkdir D:\Junctions\C\Windows\
move C:\Windows\Installer D:\Junctions\C\Windows\
mklink /J C:\Windows\Installer D:\Junctions\C\Windows\Installer

You can also free up space by:

  • Disabling hibernation, the hiberfil.sys.
  • Deleting C:\Windows\MEMORY.DMP file
  • Deleting Java Cache (Java controlpanel, General, Settings, Delete files)

Upgrade Machine Code fails due to ongoing DMP

    Upgrade Machine Code Wizard fails with the following message: “The system cannot be upgraded at this time because a Directed Maintenance Procedure is in progress.”

    No “Directed Maintenance Procedure” is going on…

    OK, try logging in to the service console for all the controllers in the cluster (two in the case of v3700/v7000) and restart the web server.

    You find the service console IP under settings, network, Service IP Addresses. Choose Node canister and click on nic 1.

    The service console is accessible at https://{service console ip}/service

    Click “Restart Service” in the menu and choose Web Server (Tomcat). Push the Restart button.

    Network tests with powershell

    Since Vista the telnet client isn’t installed by default, which makes sense since nobody uses it. Oh, wait, some use it for network testing. Instead of installing the telnet client for network tests you can use PowerShell:
    Test-NetConnection host.domain.com -port 80

    Offline disks/missing disks after vmware upgrade hardware (Windows 2008R2 Enterprise Edition)

    VMware describes this problem here:
    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1013109

    To prevent this from happening set the SAN policy before the virtual hardware upgrade:
    DISKPART
    SAN POLICY=OnlineAll

    Set it back afterwards if unsure…
    DISKPART
    SAN POLICY=OfflineShared

    More info here:
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/c14bdde3-6359-463d-9932-5fe7ec72505e/how-to-change-default-san-disk-status-from-offline-to-online?forum=winserverfiles

    Find switchport for device on your network (cisco)

    If you have a Cisco network and are not using software tools that log the status of your switchports, you can still find where your device is connected without physically going to the location and checking the patching.

    You will need a source and a destination mac address.

    • Source mac address
      • The source mac address isn’t that important, just do a sh mac address-table vlan 5. Find a random mac address on the same vlan as the device you are looking for.
    • Destination mac address
      • I usually find this by checking the dhcp server or asking the user for the information. It might be printed on a label on the device or if it’s a windows computer you find it with ipconfig /all under Physical Address.

    When you have the source and destination mac addresses you can run the command: traceroute mac {source mac} {destination mac}. The output tells you where both the source and the destination mac are connected and the path between them. Example:

    Traceroute mac aaaa.bbbb.cccc dddd.eeee.ffff
    Source aaaa.bbbb.cccc found on switch10
    1 switch10 (172.32.0.10) : Fa0/40 => Gi0/1
    2 switch13 (172.32.0.13) : Gi0/2 => Gi0/1
    3 switch19 (172.32.0.19) : Gi0/2 => Gi0/1
    4 switch31 (172.32.0.31) : Gi0/2 => Fa0/38
    Destination dddd.eeee.ffff found on switch31
    Layer 2 trace completed

    If you need more details, you can add detail after the command.

    TSM cheatsheet

    Clean up volumes, moving data first

    1. Set volume readonly: upd vol /tsmdata/stg1/filepool/01301.dsm acc=reado
    2. Move data from the volume: move data /tsmdata/stg1/filepool/01301.dsm w=y
    3. Delete the volume: del vol /tsmdata/stg1/filepool/01301.dsm
    4. Delete the volume from the underlying file system (linux example here): rm -f /tsmdata/stg1/filepool/01301.dsm

    All this could be scripted if multiple volumes should be cleaned up to free space on the underlying file system.
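
The scripting suggested above, as an added example that is not part of the original notes: it prints, without executing anything, steps 1 to 3 and the step 4 `rm` lines for a list of volumes, and refuses any path that is not a plain `.dsm` file directly inside the pool directory. `POOL_DIR`, the function names and the sample list are assumptions.

```shell
#!/bin/sh
# Added example, not from the original notes: print (never execute) the
# cleanup commands for a list of volumes. POOL_DIR and names are assumptions.
POOL_DIR="/tsmdata/stg1/filepool"   # pool directory from the page's example

# Accept only "<POOL_DIR>/<name>.dsm": no traversal, no subdirectory, and no
# character outside [A-Za-z0-9_.-] that a shell or TSM could reinterpret.
valid_volume() {
    name=${1#"$POOL_DIR"/}
    [ "$POOL_DIR/$name" = "$1" ] || return 1    # path must start with POOL_DIR/
    case "$name" in
        ""|.*|*/*|*[!A-Za-z0-9_.-]*) return 1 ;;
        *.dsm) return 0 ;;
    esac
    return 1
}

# Read volume paths on stdin and print steps 1-3 for each accepted volume.
# "del vol" is printed without discarddata=yes, so it fails instead of
# destroying data when "move data" did not empty the volume.
tsm_commands() {
    while IFS= read -r vol; do
        [ -n "$vol" ] || continue
        if valid_volume "$vol"; then
            printf 'upd vol %s acc=reado\n' "$vol"
            printf 'move data %s w=y\n' "$vol"
            printf 'del vol %s\n' "$vol"
        else
            printf 'skipped (not a volume in %s): %s\n' "$POOL_DIR" "$vol" >&2
        fi
    done
}

# Step 4 for the same list; "--" stops rm from reading a name as an option.
rm_commands() {
    while IFS= read -r vol; do
        valid_volume "$vol" && printf 'rm -f -- %s\n' "$vol"
    done
    return 0
}

# Constructed sample list: two pool volumes and one path that must be refused.
SAMPLE='/tsmdata/stg1/filepool/01301.dsm
/tsmdata/stg1/filepool/01302.dsm
/tsmdata/stg1/filepool/../../../etc/passwd'

printf '%s\n' "$SAMPLE" | tsm_commands
printf '%s\n' "$SAMPLE" | rm_commands
```

Run the printed `rm` lines only after every `del vol` has completed successfully.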

    Backup database

    ba db t=f dev={deviceclass} (example: file_dbb)