Sometimes it fails when you try to remove Sophos Endpoint Protection, for some weird reason tamper protection getø’s messed up, and keep telling you that the entered code is invalid or maybe you lost it, due to cancellation of the Sophos Central Account, this can help you get things going again: Overview This article describes how to recover a tamper protected system if the tamper protection password is lost and the client cannot receive a… Sophos Endpoint Defense: How to recover a tamper protected system
When you lost access to root or any other account on a Debian based system, use this simple steps to gain access: At the boot window, where it counts down, quickly press “e” where you stand. Scroll down to the kernel line you will boot from, it starts with “linux /boot/vmlinuz-…….“ Scroll to the end of that line and press space key once and type init=/bin/bash Press Ctrl X to boot
# Remount / as Read/Write
# Change the root account password with
# Change any other account password with
# type new password, confirm and hit enter and then reboot by reset or preferred method,
Sophos has released 9.509-3 today, this is a 1,2MB small fix, that addresses the following issues: Up2Date Information News Maintenance Release Remarks System will be rebooted Bugfixes NUTM-9619 [Email] CVE-2018-6789: buffer overflow in base64d function in SMTP listener NUTM-9698 [Network] After upgrade to 9.508 in VPC IPsec BGP status shows “state error” NUTM-9713 [Network] BGP not advertising network to all neighbors It will be rolled out in phases, phase 1 is to download from the FTP… Sophos UTM: Up2date 9.509-3 released
When moving FSMO roles the old fashioned way, you use MMC and move the roles each individually, it takes a little time, but it’s somewhat troublesome. BUT, this can be achieved much quicker with Powershell 🙂 Here is how to transfer all 5 FSMO roles: Move-ADDirectoryServerOperationMasterRole -Identity DC01 –OperationMasterRole PDCEmulator,RIDMaster,InfrastructureMaster,SchemaMaster,DomainNamingMaster Where “DC01” above is the TARGET DC. Check with netdom command afterwards: Done!
With PCI compliance scans, one are often told to move TLS version to 1.2, but many clients cannot connect through a proxy to ex. Exchange. Let’s say Windows 7 with Outlook 2010. What you get when you enforce TLS 1.2, is that Outlook can no longer connect (Outlook Anywhere), it because the OS does not support higher that TLS 1.0 by default. One of the errors could be: You can fix this, by installing KB3140245… Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows
Sophos has just released the long awaited MR6, for SFOS v17, I have installed it, and it looks like the VPN dropouts, finally stopped 🙂 Release notes: Note: On v16 to v17 update, SFOS does not set SHA2 truncation on custom IPSec policy. Please see https://community.sophos.com/kb/127867 for details. Issues Resolved NC-26520 [Base System] Logviewer exceeds allotted diskspace NC-26601 [Base System] validatePort didn’t validate all used ports correctly NC-25574 [IPsec] Upgrade to v17 failed when a policy with name… Sophos XG: SFOS 17.0.6 MR6 Released
Sophos has released two updates today (only ftp atm. not staged rool out), for the UTM software, here are the release notes: 9.507: Up2Date 9.507001 package description: Remark: System will be rebooted News: Maintenance Release Bugfixes: Fix [NUTM-6920]: [Basesystem] Support for new SG1xx(w) models Fix [NUTM-9174]: [WAF] Certificate dropdown is visible for virtual webserver using HTTP RPM packages contained: pciutils-ids-2015.10.07-3.1.1884.g871a7b6.rb9.noarch.rpm perf-tools-3.12.74-0.275164236.gb090b6e.rb6.i686.rpm tools-9.50-24.gdbef91b.rb4.i686.rpm ep-init-9.50-36.g12cf826.rb4.noarch.rpm ep-mdw-9.50-974.gb5c323c.rb7.i686.rpm ep-tools-9.50-29.g73dfad1.rb4.i686.rpm ep-webadmin-9.50-1322.g64a4b92.rb8.i686.rpm kernel-smp-3.12.74-0.275164236.gb090b6e.rb6.i686.rpm kernel-smp64-3.12.74-0.275164236.gb090b6e.rb5.x86_64.rpm ep-release-9.507-1.noarch.rpm 9.508 Up2Date 9.508010 package description:… Sophos UTM: Up2date 9.507 and 9.508 released
Many mobile devices, have problems with Exchange Autodiscover, if the following is true: You have a webserver on the root domain (many companies usually do!) The root webserver respons on HTTPS, but with wrong certificate and also have no Autodiscover setting. This is due to the way autodiscover works (In steps): Connect to: https://contoso.com/AutoDiscover/AutoDiscover.xml Connect to: https://autodiscover.contoso.com/AutoDiscover/AutoDiscover.xml Autodiscover redirect URL for redirection: http://autodiscover.contoso.com/autodiscover/autodiscover.xml Search for DNS SRV record When you have many domains on an… Microsoft Exchange: Autodiscover problems on mobile devices
Azure have many DC’s located around the world, sometimes it’s easier to see it on a map, than reading it on text 🙂 Try this: https://www.google.com/maps/d/viewer?hl=en_US&mid=1DxuVZpESlJMVJM5PoqeEmQvrUQ4&ll=11.134319190496623%2C-125.63034149999993&z=2
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.