Make sure the Netscaler has a correct SNIP IP Address that can ping the DNS server , pinging from the Netscaler IP wont work 

• No Comments

Recently a wordpress site crashed after with the error : 

[pid 31317] PHP Fatal error: Uncaught Error: Cannot call constructor in /wp-content/plugins/woocommerce-services/classes/wc-api-dev/class-wc-rest-dev-data-continents-controller.php:47\nStack trace:\n#0 wp-content/plugins/woocommerce-services/woocommerce-services.php(922): WC_REST_Dev_Data_Continents_Controller->__construct()\n#1 wp-includes/class-wp-hook.php(287): WC_Connect_Loader->wc_api_dev_init(Object(WP_REST_Server))\n#2 
wp-includes/class-wp-hook.php(311): WP_Hook->apply_filters(NULL, Array)\n#3 
wp-includes/plugin.php(478): WP_Hook->do_action(Array)\n#4 wp-includes/rest-api.php(506): do_action('rest_api_init', Object(WP_REST_Server))\n#5

/wp-content/plugins/disable-json-api/classes/helpers.php(10): rest_get_server()\n#6 wp-content/plugins/disable-json-api/classes/helpers.php(36): DRA_Helpers::get_all_rest_routes()\n#7  in wp-content/plugins/woocommerce-services/classes/wc-api-dev/class-wc-rest-dev-data-continents-controller.php on line 47, referer: wp-cron.php?doing_wp_cron

Disabling the woocommerce-services Plugin stopped the error showing

Upgrading Woo-Commerce to version 5.0.0 then re-enabling woocommerce-services Plugin fixed the issue

• No Comments

Create vlan "ISOLATED"
configure vlan ISOLATED description "ISOLATED"
Configure vlan ISOLATED tag 200
conf vlan ISOLATED add port 2:14 tagged

Remove

"configure vlan <vlan name> delete ports <port_list>".

• No Comments

when enabling DDOS, UTM or traffic over VPN. I believe this applies to other video solutions like zoom.

Workarounds below:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD50610

For any voice-type traffic you should not use UTM at all.

You can use Internet Service as destination to capture the traffic to teams/zoom etc

• No Comments

use the ‘log off when inactive timer’ 

Computer configuration > Policies > Administrative template > Windows component > Remote Desktop services > remote desktop session host > session time limits > Set to 8 hours from 1day

Application Configuration

Select user mode policies> edit Unfiltered policy in citrix Policies>

>Disconnected Session Timer enabled

>Disconnected Session Timer interval 300mins

• No Comments

Webroot has received reports of symptoms similar to those that you have reported. As a temporary measure there are two options for alleviating this issue.

First:

If you are utilizing the Task Scheduler for the backups to be performed (This can be seen in the system-Scheduled_Tasks.csv or Task Scheduler in Windows).

Example : C:\Windows\system32\vssadmin.exe Create Shadow /AutoRetry=15 /For=\\?\Volume{f3eeccd1-6c54-43d9-b19e-6695945f7934}

This command can be replaced with the following instead : wmic shadowcopy call create Volume=c:\

(Volume letter depends on the corresponding volume id they are attempting to copy)

Second:

If Task Scheduler is not being employed, we would like you to disable some settings within your Webroot policy which has been successful in alleviating the issue.

1. Log into your Webroot console.

2. Click on the Policies tab then the policy we will be modifying

3. Under Policy Section select Local Heuristics

a. Set Enable Infrared to “Off”

b. Click the Save button

4. Under Policy Section select Network Heuristics

a. Set Advanced Heuristics to “Disabled”

b. Click the Save button

* All endpoints assigned to this policy will update within 24hrs depending on the configured poll interval.

• No Comments

I did some patching of BootHole over the weekend, and found that the Microsoft article describing the patch installation not only contained errors but also outlined no way of checking patch install success.

1. Check the system to see if the vulnerable certificate exists, if True then proceed to check for updated certs. From an administrative powershell session:

[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match ‘Microsoft Corporation UEFI CA 2011’

2. Check to see if updated certs are installed. If False, proceed to patch:

[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI dbx).bytes) -match ‘Canonical Ltd. Master Certificate Authority’

[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI dbx).bytes) -match ‘Debian Secure Boot CA’

3. Get the patch to install:

Download the appropriate UEFI Revocation List File (Dbxupdate.bin) for your platform from https://uefi.org/revocationlistfile.

4. Enable TLS1.2 for this session, to ensure script downloads successfully (optional, come back to this if install-packageprovider fails). This TLS setting is session only, and will revert at session close.:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

5. Install NUGET:

Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force

6. Install DBX file splitting SCRIPT:

Install-Script -Name SplitDbxContent

7. CD to the directory where the revocation list file is located, and run the script to split into BIN and P7 files:

SplitDbxContent.ps1 .\dbxupdate.bin

8. Install the new certs:

Set-SecureBootUefi -Name dbx -ContentFilePath .\content.bin -SignedFilePath .\signature.p7 -Time 2010-03-06T19:17:21Z -AppendWrite

9. Reboot and check for updated certs, should return True for both.

[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI dbx).bytes) -match ‘Canonical Ltd. Master Certificate Authority’

[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI dbx).bytes) -match ‘Debian Secure Boot CA’

• No Comments

Recently brought a worksite\iManage infrastructure environment up without the internet and the Edit Button wasn’t working

• No Comments

Add the SQL Agent account the folloing role in MSDB

Also make sure the SQL Agent account has access to the database to run the query

\

• No Comments

Rebooting the PC resolves this

• No Comments