0

Server Certificate Signature – Failed in Ncentral / N-Able

Posted by paris on Jun 27, 2017 in Random

Adding an HTTPS monitor for a new SSL site in N-able brought back everything online apart from Server Certificate Signature

The guide N-Able provided didn’t give much info to this alert

The validity of the SSL certificate (indicated as either valid or invalid).

The certificate did come with a Root Authority ticket from GoDaddy gd-g2_iis_intermediates, installing this on the N-Able management server resolved the error

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , ,

 
0

Setting up Guest and Corporate Wifi on DAP-2590

Posted by paris on Jun 23, 2017 in Networking

Prepare the Switch Config

Vlan ID 1 = Guest

Vlan ID 10 = Corporate

Access point ports and controllers should be Untagged with VlanID 1 and Tagged with Vlan 10

Guest Wifi Internet Input should be Untagged with Vlan 1 as well as your Management port you control the switch with

Input of Corporate Network into the switch needs to be Tagged port 10

Access point configuration

  1. Check you are not using an Array of AP’s and if you are you are, log into the Master AP in your array. Any other access point you login to the changes will not save

2) Create a new SSID with password

Enabled VLAN Status

Create VID 1 Default per below and Corp for Vlan ID 

Change the PVID settings to 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , , , ,

 
0

WannaCry

Posted by paris on Jun 21, 2017 in Research

If you have yet to install the Microsoft fix—MS17-010— you should do so immediately. You should also be extremely suspicious of all e-mails you receive, particularly those that ask the recipient to open attached documents or click on Web links.

 

To obtain these patches, simply go to http://www.catalog.update.microsoft.com/Search.aspx and punch in the KB number in the Search bar on the top right hand corner, then choose the update for the relevant architecture.

 

Windows Version

KB Article

XP / 2003 x86

KB4012598

Vista / Server 2008 server all editions

KB4012598

Windows 7 All Editions

KB4012212

Windows Server 2008 R2 (all editions)

KB4012212

Windows 8.1 (all editions)

KB4012213

Server 2012 (all editions)

KB4012214

Server 2012 R2

KB4012213

Server 2016

KB4013429

Windows 10 Version 1507 (RTM pre Anniversary Update)

KB4012606

Windows 10 Version 1511 (November Update)

KB4013198

Windows 10 Version 1607 (Anniversary Update)

KB4013429

 

Protip: To get the Windows 10 version number, simply type run the winver command

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 
0

SPF Record for FirstWave Cloud Email Security

Posted by paris on Jun 21, 2017 in Random

A Domain using Firstwave was getting the below errors in the email headers :

Authentication-Results: spf=permerror (sender IP is x.x.x.x)

Received-SPF: PermError (protection.outlook.com: domain of domain.com used an invalid SPF mechanism)

Firstwave SPF record needs to be the following

“v=spf1 include:spf.firstwave.com.au ~all” for your domain(s).

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags:

 
0

Bios Update Dell Laptop with Less 10% Battery

Posted by paris on Jun 20, 2017 in Random

Some Dell laptops have an issue where they loose the ability to charge laptop batteries. Sometimes this can be fixed with a Bios update , however Dell has security to stop you updating the Laptop with less than 10% battery which will not work due to the issue of charging the battery

To force a BIOS update

  1. download the .exe in Windows
  2. Open command prompt and navigate to the .exe using CD
  3. RUN “biosupdatename.exe /FORCEIT” which will install the bios update without the warning about 10% charge
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , ,

 
0

N-Able Patch Status Migconfigured

Posted by paris on Jun 20, 2017 in Research

 

Clear the following registry keys and restart the Windows Update Service 

  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

  • HKEY_LOCAL_MACHINE\SYSTEM\Internet Communication Management\Internet Communication

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate

  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 
0

Check if http/https webserver is responding bat file script

Posted by paris on Jun 20, 2017 in Code
@if (@CodeSection == @Batch) @then
 
@echo off
setlocal
 
set "servers=dev1 dev2 dev3 test1 test2 test2:8080 prod prod:443"
 
for %%I in (%servers%) do (
    for /f "tokens=1,2 delims=:" %%a in ("%%I") do (
        set "port=%%~b"
        if not defined port set "port=80"
        setlocal enabledelayedexpansion
        cscript /nologo /e:JScript "%~f0" "%%~a" "!port!" && (
            echo %%a port !port!: OK
        ) || (
            echo %%a port !port!: Error
        )
        endlocal
    )
)
 
goto :EOF
 
@end // end batch / begin JScript chimera
 
var server = WSH.Arguments(0),
    port = WSH.Arguments(1),
    protocol = port == 443 ? 'https' : 'http',
    URL = protocol + '://' + server + ':' + port + '/',
    XHR = WSH.CreateObject('Microsoft.XMLHTTP');
 
XHR.open('GET', URL);
XHR.setRequestHeader('User-Agent','XMLHTTP/1.0');
XHR.send('');
while (XHR.readyState != 4) WSH.Sleep(25);
WSH.Quit(XHR.status - 200);

 

Kudos to Rojo for this

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , , ,

 
0

Cisco Aironet 1140 Series no SSID Broadcast

Posted by paris on Jun 19, 2017 in Networking

If you’ve never used a Cisco Access point ( Aironet ) by default out of the box or after a factory reset the dot11rad 0 interface will be set to shutdown and will no broadcast any of your SSID’s

Also by default only webpage administration is available, you can enable SSH through the website Administration

Enabled through SSH :  

ap(config)#interf dot11rad 0

ap(config)#no shutdown

Depending if you have 1 or 2 SSID you will need to enable Guest mode or MutliGuest Mode

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , ,

 
0

Error: Encryption mode cipher is not configured Cisco 1140

Posted by paris on Jun 19, 2017 in Networking

When going through the commands to enable WPA on cisco Wireless Account point


ap(config)#interface Dot11Radio0
ap(config-if)# encryption mode ciphers aes-ccm

Then


ap(config-ssid)#authentication open
ap(config-ssid)#authentication key-management wpa version 2

I was shown Error: Encryption mode cipher is not configured.

Turns out this setting needs to be applied to each VLAN presented to the SSID

ap(config)#interface Dot11Radio0

ap(config-if)#encryption vlan 13 mode ciphers aes-ccm tkip

I could then run

ap(config-ssid)#authentication open

ap(config-ssid)#authentication key-management wpa version 2

ap(config-ssid)#guest-mode

ap(config-ssid)#wpa-psk ascii WirelessPassword

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , , , ,

 
0

Citrix NetScaler Average Round Trip Time 4 Seconds

Posted by paris on Jun 18, 2017 in Research

After the restart of a Citrix Netscaler , our SNMP monitoring was coming back with high Second Round Trip times locally for the NetScaller of 1 – 4 Seconds. Logging in and checking the settings looked good.

In the end a reboot fixed this!

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Copyright © 2017 Welcome to Pariswells.com All rights reserved. Theme by Laptop Geek. Privacy Policy