Thursday, 29 December 2016

Install Security Onion 14.04 into VirtualBox

Had some issues getting the guest additions working, but the following fixed it for me.

1. Make sure everything is up to date:

  • sudo apt update
  • sudo apt upgrade
  • sudo apt dist-upgrade
  • sudo apt-get autoremove
  • sudo apt-get autoclean
2. Make sure the correct Xorg is installed:
  • sudo apt install xserver-xorg-core
3. Install the guest utils and DKMS from the repo:
  • sudo apt install virtualbox-guest-utils virtualbox-guest-x11 virtualbox-guest-dkms dkms
4. Reboot and cleanup:
  • sudo reboot
  • sudo apt-get autoremove
  • sudo apt-get autoclean


Tuesday, 27 December 2016

Snort\Barnyard2\Snorby running on x86 Ubuntu 14.04

I followed this basic guide:
http://www.ubuntu-howtodoit.com/?p=138

Step 5.2 I had to adjust the line:
./configure --with-mysql --with-mysql-libraries=/usr/lib/x86_64-linux-gnu

To the following line as I am running an x86 install on this old server:
./configure --with-mysql --with-mysql-libraries=/usr/lib/i386-linux-gnu

Step 7, I pulled the Upstart scripts from the following:
https://s3.amazonaws.com/snort-org-site/production/document_files/files/000/000/090/original/Snort_2.9.8.x_on_Ubuntu_12-14-15.pdf

This was due to Ubuntu 14.04 running Upstart rather than Systemd.

Section 8.12 - As I was running Nginx rather than Apache2, I followed this:
https://www.digitalocean.com/community/tutorials/how-to-deploy-a-rails-app-with-passenger-and-nginx-on-ubuntu-14-04

This page to configure Passenger:
https://www.phusionpassenger.com/library/install/nginx/install/oss/trusty/

The contents of /etc/nginx/passenger.conf that worked for me was:
passenger_root /usr/local/lib/ruby/gems/2.3.0/gems/passenger-5.1.1;
passenger_ruby /usr/local/bin/ruby;

I still have an issue with the web page complaining that the snorby worker isn't running, yet it is running from an upstart script.

I'll look at that another day!





Sunday, 20 November 2016

Windows Containers on Windows 10 Anniversary Edition

Quickstart guide on how to run Docker and Containers on Windows 10 anniversary edition.

Works nicely with the Windows Server 2016 Container videos from Microsoft Ignite here:
https://www.youtube.com/playlist?list=PL_AEfBHGUiI9SmGakvrqvG-jZnicHKWh0

Couple of corrections I had to make:

1. Replace the Docker download URL with https://master.dockerproject.org/windows/amd64/docker-1.14.0-dev.zip instead of v1.13.

2. The Docker CLI didn't work for me until I restarted PowerShell.

Windows Container on Windows 10:

Sunday, 23 October 2016

How to turn off preview globally for Evolution 3.22.1

I finally found a way to do this.

First, I installed dconf-editor:
sudo apt install dconf-editor

I then started this up and navigated to the following place:
/org/gnome/evolution/mail

I then scrolled down to the global-view-setting.

I set the Use default value to OFF, and then set the Custom value to True.

Once I turned off the preview for the Inbox, it was gone for all other message folders too:
View > Preview > Uncheck Show Message preview.

You can also use Ctrl+M to toggle this on and off.

Setting up NHS Mail 2 in Evolution v3.22.1

I've had a number of issues setting up NHS Mail 2 in Evolution and after having installed Ubuntu Gnome 16.10 this weekend I decided I'd have another go.

First of all, I had to add the Evolution EWS service which wasn't installed by default:
sudo apt install evolution-ews

Once that was installed, I was able to go through the account setup:
Edit > Preferences > Mail Accounts > Add

The auto discovery failed, but by manually setting the type to Evolution EWS I was able to get it working.

The magic URL that worked for me was:
https://mail.nhs.net/EWS/Exchange.asmx


Once that was set, I was able to get the OAB URL too by clicking on the Fetch URL button.

The critical step was to set NTLM as the authentication type rather than Kerberos. The option to discover auth type kept saying that Kerberos was valid, but when I tried it I kept getting an SPNEGO error message saying authentication had failed.

You have to be careful not to store your NHS Mail 2 password in the security otherwise it will eventually lock your account. Still working out how to remove it if you have done this as I can't find the password in seahorse (Passwords and Keys). If you do accidentally store the password in your keyring, you can find and delete it by running seahorse from the terminal or Passwords and Keys from the GUI and search for Evolution Data Source.

I'm not entirely sure that NTLM on EWS is a good authentication method to use with NHS Mail 2 so I will be following this up with Accenture when I'm back at work - Not sure what kind of reception I will get to that though.

Anyone have any thoughts of the merits of NTLM vs Kerberos authentication in an Internet facing application such as EWS?

Sunday, 9 October 2016

Screen tearing with Intel HD 5500 on HP ZBook 15 G2 and Ubuntu 16.10 Beta 2

I've been suffering some screen tearing with the discrete Intel HD5500 on my HP ZBook 15 G2 laptop and Ubuntu 16.10 Beta 2.

Found various posts stating to create the file /usr/share/X11/xorg.conf.d/20-intel.conf containing the following information:

Section "Device"
Identifier  "Intel Graphics"
Driver      "Intel"
Option      "TearFree"    "true"
EndSection

Note: When I created this file with tabs, it hung the X startup so probably best not to include any extra spaces or tab characters.

This video now plays fine. :)

Thanks to this post and this post.

I've now looked at this again in Ubuntu 17.04 beta 2, and added the following two lines to sort out issues with the Chrome address bar flickering:

Option "AccelMethod" "sna"
Option "DRI" "3"

I did not have to change any switches used to startup Chrome 57.

This thread helped a lot.

Wednesday, 5 October 2016

Opt-In to Microsoft Update (Windows)

Opt-In to Microsoft Update (Windows):

Set ServiceManager = CreateObject("Microsoft.Update.ServiceManager")
ServiceManager.ClientApplicationID = "My App"

'add the Microsoft Update Service, GUID
Set NewUpdateService = ServiceManager.AddService2("7971f918-a847-4430-9279-4a52d1efe18d",7,"")

Sunday, 28 August 2016

Crappy Netflix Playback? Here’s How to Test Your Streaming Speed | WIRED

Google Chrome will play Netflix on Linux but Chromium will not.

Linux is therefore limited to 720 and not 1080 as it doesn't run crappy IE or Edge.




Screen tearing problem on Cub Linux

I've been testing Cub Linux RC1 (based upon Ubuntu 14.04) and had some problems with video playback. After some research I found that editing ~/.config/compton.conf and changing the following lines removed the issue:

Replace backend = "xrender"; with backend = "glx";

Replace vsync = "none"; with vsync = "opengl";

Note: This works fine on the Integrated Intel HD5500 graphics but still produces tearing if I switch to the Radeon Discrete graphics. Not sure if I can find a setting that works with both... Thoughts?

How to force Linux application to run using discrete graphics card

On a laptop with integrated (Intel HD5500) and discrete (AMD Radeon R7 M265) graphics, applications start up using the integrated graphics by default. Setting the variable DRI_PRIME=1 causes the applications to use the discrete graphics instead.

e.g.

"glmark2" runs on the integrated graphics vs "DRI_PRIME=1 glmark2" runs on the discrete graphics.
"chromium-browser" runs on the integrated graphics vs "DRI_PRIME=1 chromium-browser" runs on the discrete graphics.

You can also force the use of radeon graphics by the use of a grub flag.

ati - Very Low Temperature Reading for graphics driver using lm-sensors - Ask Ubuntu:




Monday, 22 August 2016

How to shrink a dynamically-expanding guest virtualbox image | dantwining.co.uk

This worked for me on Debian Testing which has a habit of increasing in size purely due to the number of updates required.

I first tried compacting the disk without zeroing the space and the disk size went down from 12.485GB to 12.476, a massive 9MB saving. ;)

I then followed the procedure in the post modified slightly for Debian:

  1. Install zerofree using 'sudo apt install zerofree'
  2. Power off the virtual system using 'sudo poweroff'
  3. Boot the system holding left shift
  4. Select advanced options
  5. Select recovery mode using the latest installed kernel
  6. Identify your root filesystem (and any other filesystems you want to compact) using 'mount'; take a note of the filesystem type they are using as well
  7. 'service rsyslog stop'
  8. 'service network-manager stop'
  9. Run the following two commands for all the required filesystems:
    1. 'mount -n -o remount,ro -t ext4 /dev/sda1 /'
    2. 'zerofree -v /dev/sda1'
    3. Replace ext4 with the required filesystem type, / with the required mount point, and /dev/sda1 with the required device
  10. 'poweroff'
  11. Compact the file system using cmd prompt if on Windows:
    1. 'cmd' (run as administrator)
    2. 'C:'
    3. 'cd "\Program Files\Oracle\VirtualBox"'
    4. 'vboxmanage modifyhd "D:\VMs\Debian Testing\Debian Testing.vdi" --compact' (replace the .vdi path with your own disk image)
My Debian testing disk image was then reduced to 7.333GB saving a further 5.143GB or 41% of the total space.

Monday, 4 July 2016

Creating a tiered virtual disk in Windows Server 2016 VM using VirtualBox as hypervisor

I've been playing with Windows Server 2016 as a VM inside VirtualBox, but despite VirtualBox being able to mark virtual disks as an SSD disk, I was unable to create any tiered Storage Spaces inside the guest VM.


The VM disks (hosted as virtual disks on an actual SSD) were marked as SSD correctly:

Turns out that the SSD disks weren't the problem, it was the HDD which were coming up as UnSpecified:

Get-PhysicalDisk | select FriendlyName, UniqueId, MediaType, Size

FriendlyName  UniqueId                               MediaType           Size
------------  --------                               ---------           ----
VBOX HARDDISK {01c1a62b-e1d6-1910-b251-09f3ae1b2047} UnSpecified 214748364800
VBOX HARDDISK {12fcf70b-b805-183a-f1a8-103d6b91ba70} UnSpecified  34359738368
VBOX HARDDISK {31b25faa-db05-490a-7acd-a8927a2b569f} UnSpecified 214748364800
VBOX HARDDISK {45fc2705-9a13-1afc-a554-0ded23d9e78b} UnSpecified 214748364800
VBOX HARDDISK {50642166-ca99-47ce-2f87-b5b4f2c19254} SSD          21474836480
VBOX HARDDISK {57b897e4-f98a-3330-dbc2-6a5ab6749742} SSD          21474836480
VBOX HARDDISK {769a2aa9-a289-7627-24ef-6b3a2fcff2bb} SSD          21474836480
VBOX HARDDISK {a1a9e55d-68b9-7eb3-11dd-6348bb837642} UnSpecified 214748364800
VBOX HARDDISK {d98baa0d-b0df-74ea-ac87-d107998e79ed} SSD          21474836480


The commands below won't work if the disks are still in the primordial pool, so you need to use either the GUI or PowerShell to create the pool first. Once that is done you can change the FriendlyName and the MediaType using PowerShell.


I was able to rename and reclassify the HDDs like so:

Set-PhysicalDisk -UniqueId '{01c1a62b-e1d6-1910-b251-09f3ae1b2047}' -NewFriendlyName HDD1 -MediaType HDD
Set-PhysicalDisk -UniqueId '{31b25faa-db05-490a-7acd-a8927a2b569f}' -NewFriendlyName HDD2 -MediaType HDD
Set-PhysicalDisk -UniqueId '{45fc2705-9a13-1afc-a554-0ded23d9e78b}' -NewFriendlyName HDD3 -MediaType HDD
Set-PhysicalDisk -UniqueId '{a1a9e55d-68b9-7eb3-11dd-6348bb837642}' -NewFriendlyName HDD4 -MediaType HDD


I was also able to rename the SSD devices to make them more obvious:

Set-PhysicalDisk -UniqueId '{50642166-ca99-47ce-2f87-b5b4f2c19254}' -NewFriendlyName SDD1
Set-PhysicalDisk -UniqueId '{57b897e4-f98a-3330-dbc2-6a5ab6749742}' -NewFriendlyName SDD2
Set-PhysicalDisk -UniqueId '{769a2aa9-a289-7627-24ef-6b3a2fcff2bb}' -NewFriendlyName SDD3
Set-PhysicalDisk -UniqueId '{d98baa0d-b0df-74ea-ac87-d107998e79ed}' -NewFriendlyName SDD4


The disks were now identified correctly and I could create my tiered virtual disks:

FriendlyName  UniqueId                               MediaType           Size
------------  --------                               ---------           ----
HDD1          {01c1a62b-e1d6-1910-b251-09f3ae1b2047} HDD         214748364800
VBOX HARDDISK {12fcf70b-b805-183a-f1a8-103d6b91ba70} UnSpecified  34359738368
HDD2          {31b25faa-db05-490a-7acd-a8927a2b569f} HDD         214748364800
HDD3          {45fc2705-9a13-1afc-a554-0ded23d9e78b} HDD         214748364800
SDD1          {50642166-ca99-47ce-2f87-b5b4f2c19254} SSD          21474836480
SDD2          {57b897e4-f98a-3330-dbc2-6a5ab6749742} SSD          21474836480
SDD3          {769a2aa9-a289-7627-24ef-6b3a2fcff2bb} SSD          21474836480
HDD4          {a1a9e55d-68b9-7eb3-11dd-6348bb837642} HDD         214748364800
SDD4          {d98baa0d-b0df-74ea-ac87-d107998e79ed} SSD          21474836480


Everything looked good in the GUI too:



Friday, 24 June 2016

Google Chrome on Ubuntu 16.04

On reinstalling this today onto a stock install of Ubuntu 16.04, I had a couple of unmet dependencies. I sorted it out with:
sudo apt install libappindicator1 libindicator7

Wednesday, 8 June 2016

renew Openvas 8 Certificates

This happens on a yearly basis and always left me scratching my head:

openvas-mkcert -q -f            # Refreshes the server certificate for a year
openvas-mkcert-client -n -i     # Refreshes the client certificate for a year
reboot
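
A way to see the yearly expiry coming, as an added example that is not part of the original post or of OpenVAS: the function names are hypothetical and the certificate paths are passed in by the caller, since the post does not give them.

```shell
#!/bin/sh
# Added example: report how close PEM certificates are to expiry so the yearly
# openvas-mkcert renewal can be scheduled instead of discovered.
# Assumption: certificate paths are supplied by the caller; none are hard-coded.

# cert_status FILE [DAYS]
# Prints unreadable | expired | expiring | ok and returns 3 | 2 | 1 | 0.
cert_status() {
    cert=$1
    days=${2:-30}
    # Reject missing files and files that do not parse as an X.509 certificate.
    if ! openssl x509 -in "$cert" -noout >/dev/null 2>&1; then
        echo "unreadable"; return 3
    fi
    # -checkend N exits 0 only if the certificate is still valid N seconds from now.
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "expired"; return 2
    fi
    if ! openssl x509 -in "$cert" -noout -checkend $((days * 86400)) >/dev/null 2>&1; then
        echo "expiring"; return 1
    fi
    echo "ok"; return 0
}

# check_certs DAYS FILE...
# One line per certificate (status, notAfter date, path); returns the worst status.
check_certs() {
    days=$1; shift
    worst=0
    for f in "$@"; do
        rc=0
        status=$(cert_status "$f" "$days") || rc=$?
        end=$(openssl x509 -in "$f" -noout -enddate 2>/dev/null | cut -d= -f2)
        printf '%-10s %-26s %s\n' "$status" "${end:-n/a}" "$f"
        if [ "$rc" -gt "$worst" ]; then worst=$rc; fi
    done
    return "$worst"
}

# Usage (e.g. from cron): sh certcheck.sh 30 /path/to/servercert.pem /path/to/clientcert.pem
if [ "$#" -ge 2 ]; then
    check_certs "$@"
fi
```

A non-zero exit status from the script means at least one certificate needs attention within the warning window.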

Wednesday, 1 June 2016

Saturday, 21 May 2016

Booting Tails 2.3 on HP Zbook 15 G2

I've had issues with the last few versions of Tails on my HP ZBook G2 and with the new version 2.3 released in April thought I'd have another look.

There are quite a few workarounds on the Tails page for laptops with dual graphic adaptors, but none of them worked for me.

The ZBook seems to boot in Intel HD graphics and then switch to Radeon graphics on login.

The display is then only active for a few seconds before crashing to the boot text. All you can do then is press the power button to shut down.

Failsafe mode wasn't really acceptable as it seems to be software driven and was very slow, so, after a bit of experimentation I found hitting TAB on the Grub boot screen and appending 'radeon.modeset=0' (without the quotes) allowed Tails to boot into a stable, fast desktop. I know it's only using the Intel graphics now, but I don't think Tails needs the high power Radeon adaptor anyway.

I then tried to find a way to make this permanent.

After more experimentation I found that you could remount the boot media with a read-write flag and then change the appropriate .cfg files with:
  • sudo mount -o remount,rw /lib/live/mount/medium
  • sudo vi /lib/live/mount/medium/syslinux/liveamd64.cfg
  • sudo vi /lib/live/mount/medium/EFI/BOOT/liveamd64.cfg
  • sudo mount -o remount,ro /lib/live/mount/medium
You only need to edit the file in syslinux if you are booting from BIOS mode, or the EFI/BOOT one if you are using UEFI boot mode (though I have not tested UEFI).

To use sudo, you need to set a password on boot with the 'More Options' dialog, and you have to append the 'radeon.modeset=0' manually the first time you boot to be able to do the above.

Tuesday, 17 May 2016

Replacing Self Signed Remote Desktop Services Certificate on Windows - Knowledge eXchange


Checklist: Create a Load-Balanced RD Session Host Server Farm by Using RD Connection Broker


How to Request a Certificate With a Custom SAN


Introducing Web Single Sign-On for RemoteApp and Desktop Connections | Remote Desktop Services Blog


Enable RDC Client Single Sign-On for Remote Desktop Services


RDS 2008, Browser Not Supported, IE10, IE11 -


Monday, 25 April 2016

Ubuntu 16.04 as Virtualbox Guest on Windows

I've been playing with the many flavours of Ubuntu 16.04 to see which might be suitable for deploying applications over a free to use RDP or X2GO solution. I've tried the following:

  • Ubuntu
  • Kubuntu
  • Xubuntu
  • Lubuntu
  • Ubuntu Gnome
  • Ubuntu Mate
Part of this testing is on Virtualbox as a guest under Windows 10, and I've found the correct selection of extra packages I need to give full display functionality as a guest without errors.
I used the following command:
  • sudo apt install virtualbox-guest-utils virtualbox-guest-dkms dkms linux-headers-generic build-essential
Ubuntu is out as its display manager doesn't work well with the RDP server, so looks like Lubuntu, Xubuntu, Ubuntu Mate or maybe Ubuntu Gnome fail-back might be usable.

Sunday, 10 April 2016

Remove Signature Dashes from Evolution 3 under Gnome 3

Issuing the following command in Ubuntu 16.04 will stop Evolution adding the double-dash separator between body and signature in emails with signatures:
dconf write /org/gnome/evolution/mail/composer-no-signature-delim true

Thanks to: Remove Signature Dashes from Evolution 3.6 under Gnome 3
http://delcoursolutions.tumblr.com/post/36602556359/remove-signature-dashes-from-evolution-36-under#sthash.GdArIQHs.dpuf

Ubuntu 16.04 Bug #1568455 "Incorrect information in /etc/c-icap/c-icap.conf"

After having issues with c-icap not starting after installation into Ubuntu 16.04, I have filed this bug: #1568455.

I was attempting to setup c-icap to handle scanning against clamav for our Dell FS8600 NAS, but there is a problem in /etc/c-icap/c-icap.conf which prevents the c-icap server from starting.


Line 232 of /etc/c-icap/c-icap.conf reads:
ModulesDir ${prefix}/lib/x86_64-linux-gnu/c_icap

It should read:
ModulesDir /usr/lib/x86_64-linux-gnu/c_icap


Line 240 of /etc/c-icap/c-icap.conf reads:
ServicesDir ${prefix}/lib/x86_64-linux-gnu/c_icap

It should read:
ServicesDir /usr/lib/x86_64-linux-gnu/c_icap

Looks like the information in the default conf file isn't being updated correctly about the installation location.

This is affecting both the server and desktop build.
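
A check for this kind of packaging fault, as an added example that is not part of the original post or the c-icap package: it lists active directives that still contain a literal build placeholder and writes a corrected copy. The function names and the sample excerpt are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect and repair unexpanded ${prefix} placeholders in a
# c-icap style config. Function names and the sample excerpt are constructed.

# Constructed excerpt modelled on the two broken directives quoted above.
sample_conf() {
    cat <<'EOF'
# ModulesDir ${prefix}/lib/c_icap   (commented default, must be ignored)
PidFile /var/run/c-icap/c-icap.pid
ModulesDir ${prefix}/lib/x86_64-linux-gnu/c_icap
ServicesDir ${prefix}/lib/x86_64-linux-gnu/c_icap
EOF
}

# find_unexpanded FILE
# Prints "lineno:directive value" for each active (non-comment) directive
# that still carries a literal ${...} placeholder. Exit status 0 means at
# least one was found, 1 means the file is clean.
find_unexpanded() {
    grep -nE '^[[:space:]]*[A-Za-z_]+[[:space:]]+.*[$][{][A-Za-z_]+[}]' "$1"
}

# fix_prefix FILE PREFIX
# Writes a corrected copy to stdout; comment lines are passed through as-is
# and the original file is never modified in place.
fix_prefix() {
    awk -v p="$2" '
        /^[[:space:]]*#/ { print; next }
        { gsub(/[$][{]prefix[}]/, p); print }
    ' "$1"
}

# Usage: sh check_conf.sh /etc/c-icap/c-icap.conf > c-icap.conf.fixed
if [ -n "${1:-}" ]; then
    if find_unexpanded "$1" >&2; then
        echo "unexpanded placeholders found; corrected copy written to stdout" >&2
        fix_prefix "$1" /usr
    fi
fi
```

Review the corrected copy with diff before replacing the packaged file.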

Friday, 25 March 2016

Install Ubuntu 16.04 as guest in VirtualBox

Playing with Ubuntu 16.04 Beta2 in VirtualBox and was having some issues with the guest utils.

Running 'sudo apt-get install virtualbox-guest-utils' worked, but I was getting a kernel driver error message. I'd seen this before and couldn't think how I had fixed it though it did seem to involve permissions.

I found that running 'sudo apt-get install dkms virtualbox-guest-dkms' fixed it though.

Wednesday, 17 February 2016

Removing WPAD from DNS block list

Ran into this again.



Both WPAD and ISATAP are blocked as queries in 2008 DNS to prevent dynamically registered records creating a denial of service or man in the middle attack with DNS. You can change this blocklist by following the info below.



Removing WPAD from DNS block list:


