Latest posts

Sophos UTM: Up2date 9.504-1 released

Martin 19/10/2017

Sophos has released a minor fix, but an important on today as GA: Release notes:   Up2Date 9.504001 package description: Remarks: System will be rebooted Configuration will be upgraded Connected REDs will perform firmware upgrade News: Security Release Bugfixes: Fix [NUTM-8851]: [Basesystem] System doesn’t boot if Posgtresql database cannot start Fix [NUTM-7240]: [RED] RED 50 loosing ARP entries of internal machines Fix [NUTM-8782]: [RED] RED10, RED15, RED50: Update OpenSSL and TCPdump to most current version… Sophos UTM: Up2date 9.504-1 released

Read More Sophos UTM: Up2date 9.504-1 released

Sophos XG Firewall v17 Release Candidate is out now!

Martin 12/10/2017

Hooray! Finally it’s there, are you ready to onboard? I think they have gone a long way, but it looks promising, even though I am a faithfully UTM user, I just have to admit, that Sophos is not planning to make the UTM live very much longer, 9.6 and 9.7 on the road map, but all the new stuff, including security heartbeat, is only going to be featured in XG. Read more here: XG Firewall… Sophos XG Firewall v17 Release Candidate is out now!

Read More Sophos XG Firewall v17 Release Candidate is out now!

Sophos XG firewall: SFOS v17.0 beta2 released

Martin 10/10/2017

Finally XG 17 is moving towards something useable, beta2 has been released, and you now get a somewhat stable environment now: Read all about it here: https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v170-beta/f/sfos-v170-beta-feedback/96596/sfos-v17-0-beta2-released UTM config conversion tool, will maybe be available in November 2017, after XG 17 beta is finished.

Read More Sophos XG firewall: SFOS v17.0 beta2 released

Sophos SUM: Update 4.306-3 released

Martin 10/10/2017

Sophos has released a new update GA, which will fix some minor issues with SUM. Release notes:   Up2Date 4.306003 package description: Remark: System will be rebooted News: Maintenance Release Bugfix: Fix [NSU-245]: [accd] SUM is accepting weak ciphers on port 4433 which fails PCI compliance scan RPM packages contained: u2d-tib-9-13659.i686.rpm chroot-bind-9.10.4_P8-0.258574549.g00918f3.rb7.i686.rpm cm-chroot-accd-4.28-177.g66520c5.i686.rpm ep-release-4.306-3.noarch.rpm

Read More Sophos SUM: Update 4.306-3 released

Remote Desktop: How and why you want to sign your RDP file

Martin 05/10/2017

When you have your Remote Desktop farm spinning with connection broker and the right certificates, all should be over with the certificate warnings…..ehh should?? You create a RDP profile for your users, so they have a shortcut on their desktops for the RD farm, but they get this screen: But did i just not install certificates on my connection broker and all my RDS hosts?! YES But when I just open the remote desktop connection… Remote Desktop: How and why you want to sign your RDP file

Read More Remote Desktop: How and why you want to sign your RDP file

PLESK: Enable passive FTP ports

Martin 19/09/2017

When you have first installed Plesk Onyx, and you have forwarded port 20,21 to your Plesk server, you will find that the client is being redirected to passive ports, theese ports needs to be defined in your firewall and also in the Proftpd server inside Plesk. For Plesk: Create a new file “touch /etc/proftpd.d/passive.conf” Edit the file with ex. nano: “nano /etc/proftpd.d/passive.conf” Add the following lines: <Global> PassivePorts 57000 59000 </Global> Then save the file,… PLESK: Enable passive FTP ports

Read More PLESK: Enable passive FTP ports

Sophos UTM 9.503-4 released

Martin 01/09/2017

Due to a little bug with samba and missing libraries, that will get you into problems with AD join, Sophos has released a minor update for that problem in particlular: Up2Date 9.503004 package description: Remark: System will be rebooted News: Hotfix Release Bugfix: Fix [NUTM-8702]: [Web] After 9.503-3 Update: net: error while loading shared libraries RPM packages contained: samba-4.6.5-3.g71f179b.rb1.i686.rpm ep-release-9.503-4.noarch.rpm ftp://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.503003-503004.tgz.gpg

Read More Sophos UTM 9.503-4 released

Sophos UTM: Setting up DKIM for mail security

Martin 01/09/2017

Sophos UTM mail security has many features, it also supports DKIM (DomainKeys Identified Mail), which allows the UTM to cryptographically sign outgoing messages. Unfortunately it’s not “that” easy to set up, like any other UTM feature, but that’s not the UTM’s fault 🙂 I will try to explain how to make things work here: Firstly you have to generate som key pairs, which we need to use to identify your mail, I will be using OpenSSL… Sophos UTM: Setting up DKIM for mail security

Read More Sophos UTM: Setting up DKIM for mail security