Latest posts

Sophos Endpoint Defense: How to recover a tamper protected system

Martin 05/04/2018

Sometimes it fails when you try to remove Sophos Endpoint Protection, for some weird reason tamper protection getø’s messed up, and keep telling you that the entered code is invalid or maybe you lost it, due to cancellation of the Sophos Central Account, this can help you get things going again: Overview This article describes how to recover a tamper protected system if  the tamper protection password is lost and the client cannot receive a… Sophos Endpoint Defense: How to recover a tamper protected system

Read More Sophos Endpoint Defense: How to recover a tamper protected system

Linux: Resetting root password on Debian based distributions

Martin 28/03/2018

When you lost access to root or any other account on a Debian based system, use this simple steps to gain access: At the boot window, where it counts down, quickly press “e” where you stand. Scroll down to the kernel line you will boot from, it starts with “linux /boot/vmlinuz-…….“ Scroll to the end of that line and press space key once and type init=/bin/bash Press Ctrl X to boot

Read More Linux: Resetting root password on Debian based distributions

Sophos UTM: Up2date 9.509-3 released

Martin 26/03/2018

Sophos has released 9.509-3 today, this is a 1,2MB small fix, that addresses the following issues: Up2Date Information News Maintenance Release Remarks System will be rebooted Bugfixes NUTM-9619 [Email] CVE-2018-6789: buffer overflow in base64d function in SMTP listener NUTM-9698 [Network] After upgrade to 9.508 in VPC IPsec BGP status shows “state error” NUTM-9713 [Network] BGP not advertising network to all neighbors It will be rolled out in phases, phase 1 is to download from the FTP… Sophos UTM: Up2date 9.509-3 released

Read More Sophos UTM: Up2date 9.509-3 released

Active Directory: Move FSMO roles with PowerShell

Martin 15/03/2018

When moving FSMO roles the old fashioned way, you use MMC and move the roles each individually, it takes a little time, but it’s somewhat troublesome. BUT, this can be achieved much quicker with Powershell 🙂 Here is how to transfer all 5 FSMO roles: Move-ADDirectoryServerOperationMasterRole -Identity DC01 –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster Where “DC01” above is the TARGET DC. Check with netdom command afterwards: Done!

Read More Active Directory: Move FSMO roles with PowerShell

Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows

Martin 09/03/2018

With PCI compliance scans, one are often told to move TLS version to 1.2, but many clients cannot connect through a proxy to ex. Exchange. Let’s say Windows 7 with Outlook 2010. What you get when you enforce TLS 1.2, is that Outlook can no longer connect (Outlook Anywhere), it because the OS does not support higher that TLS 1.0 by default. One of the errors could be: You can fix this, by installing KB3140245… Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows

Read More Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows

Sophos XG: SFOS 17.0.6 MR6 Released

Martin 07/03/2018

Sophos has just released the long awaited MR6, for SFOS v17, I have installed it, and it looks like the VPN dropouts, finally stopped 🙂 Release notes: Note: On v16 to v17 update, SFOS does not set SHA2 truncation on custom IPSec policy. Please see https://community.sophos.com/kb/127867 for details. Issues Resolved NC-26520 [Base System] Logviewer exceeds allotted diskspace NC-26601 [Base System] validatePort didn’t validate all used ports correctly NC-25574 [IPsec] Upgrade to v17 failed when a policy with name… Sophos XG: SFOS 17.0.6 MR6 Released

Read More Sophos XG: SFOS 17.0.6 MR6 Released

Sophos UTM: Up2date 9.507 and 9.508 released

Martin 01/03/2018

Sophos has released two updates today (only ftp atm. not staged rool out), for the UTM software, here are the release notes: 9.507: Up2Date 9.507001 package description: Remark: System will be rebooted News: Maintenance Release Bugfixes: Fix [NUTM-6920]: [Basesystem] Support for new SG1xx(w) models Fix [NUTM-9174]: [WAF] Certificate dropdown is visible for virtual webserver using HTTP RPM packages contained: pciutils-ids-2015.10.07-3.1.1884.g871a7b6.rb9.noarch.rpm perf-tools-3.12.74-0.275164236.gb090b6e.rb6.i686.rpm tools-9.50-24.gdbef91b.rb4.i686.rpm ep-init-9.50-36.g12cf826.rb4.noarch.rpm ep-mdw-9.50-974.gb5c323c.rb7.i686.rpm ep-tools-9.50-29.g73dfad1.rb4.i686.rpm ep-webadmin-9.50-1322.g64a4b92.rb8.i686.rpm kernel-smp-3.12.74-0.275164236.gb090b6e.rb6.i686.rpm kernel-smp64-3.12.74-0.275164236.gb090b6e.rb5.x86_64.rpm ep-release-9.507-1.noarch.rpm   9.508 Up2Date 9.508010 package description:… Sophos UTM: Up2date 9.507 and 9.508 released

Read More Sophos UTM: Up2date 9.507 and 9.508 released

Microsoft Exchange: Autodiscover problems on mobile devices

Martin 23/02/2018

Many mobile devices, have problems with Exchange Autodiscover, if the following is true: You have a webserver on the root domain (many companies usually do!) The root webserver respons on HTTPS, but with wrong certificate and also have no Autodiscover setting. This is due to the way autodiscover works (In steps): Connect to: https://contoso.com/AutoDiscover/AutoDiscover.xml Connect to: https://autodiscover.contoso.com/AutoDiscover/AutoDiscover.xml Autodiscover redirect URL for redirection: http://autodiscover.contoso.com/autodiscover/autodiscover.xml Search for DNS SRV record When you have many domains on an… Microsoft Exchange: Autodiscover problems on mobile devices

Read More Microsoft Exchange: Autodiscover problems on mobile devices