how2itsec

▼

Splunk SearchHead Cluster Artifact Proxying - Splunk internally sharing cached search results

›
When the same search is run twice in a splunk cluster, is it using a cache for the results or searching the data a second time? A splunk se...

Splunk UseCase for attacks against FortiGate Firewall management interfaces

›
If you are using Splunk as your SIEM you can try to detect attacks against your FortiGate firewalls by using the following SPL query: index...

Splunk alert for buckets which are not correctly replicated

›
The following shows a splunk savedsearch/alert which searches for Splunk buckets which are not correctly replicated to all indexers.  Exampl...

How to bring relatives & friends to use a password manager

›
After about two years of effort, here's my personal experience report on "How do I get my relatives/friends to use a password manag...

Windows Persistence Map v0.1

›
Mitres Att&ck framework writes about persistence TA0003 : " The adversary is trying to maintain their foothold. "  There are m...

Edge browser internal debug tools - example network traffic

›
 Microsoft Edge browser has some internal tools:  edge://edge-urls/ Example usage net-export - debugging network traffic edge://net-export/ ...

Update Nextron Aurora lite EDR Agent

›
To manually update Nextrons Aurora Lite EDR agent, follow the steps: https://aurora-agent-manual.nextron-systems.com/en/latest/usage/upgrade...

Nextron Aurora EDR agent shows \Pr Error

›
Problem During start of Nextrons Aurora EDR lite agent the programm shows the following error message: PS C:\Program Files\Aurora-Agent...

Azure Managed Identities (technical service accounts)

›
Explaination Azure Managed Identities = technical service accounts Password is automatically managed, as it was the case in managed service ...

Cribl - Change values to lowerCase

›
Some logs (e.g. Microsoft Azure) sometimes are not fully normalized to all lowercase characters. You can use Cribl to adjust those values by...

Filter logs in Splunk - example filtering monitor probe checks

›
When running Splunk you want to filter logs, for example to get rid of the many health check probe querys from your monitoring system. Examp...

Nextcloud shows error "Data directory and your files are probably accessible from the Internet"

›
Starting Nextcloud v29 the error "Data directory and your files are probably accessible from the Internet".   Cause root@prdanc20...

Fix Nextcloud missing database indexes

›
  Nextcloud adminsitration page shows the following waring: The database is missing some indexes. Due to the fact that adding indexes on bi...

Nextcloud behind nginx reverse proxy error on iPhone and iPad

›
When publishing a nextcloud website using a nginx reverse proxy, you might get an error shown on Apple iOS iPhone and iPadOS iPads on all br...

Certbot Cloudflare DNS Challenge error --dns-cloudflare-credentials

›
When certbot is showing you the error " certbot: error: unrecognized arguments: --dns-cloudflare-credentials" you might find the ...

Color highlight & timestamp your bash cli prompt

›
 To color highlight your bash cli simply edit /etc/bash.bashrc and add the following lines: force_color_prompt=yes     if [ "$LOGNAME...

New proxmox VM does not boot

›
When adding a new VM (in this example the nextcloud appliance VM from https://www.hanssonit.se/nextcloud-vm/ ) to an old version of proxmox ...

Update proxmox 6.4.x to 7.x

›
Updating a proxmox system from version 6.4.x to 7.x using https://pve.proxmox.com/wiki/Upgrade_from_6.x_to_7.0 Proxmox VE 6.x is based on De...

Hackers dont care about your...

›
 In 2009 there was "New Zealands Hacker con" in Wellington, which had this awesome picture: Source:  https://kiwicon.org/site_medi...

apt get update fails after VM snapshot reset

›
After you reset your VM to a snapshot including RAM you might have to time from the VM snapshot still active. So your apt get using https mi...

Microsoft Office access does not work to WebDav shares

›
Since Microsoft released a patch for Windows in Q4-2023, access to WebDav shares which use basic authentication is blocked: Example Example ...
3 comments:

Almost perfect protection for websites and other services - Mutual TLS

›
Its hard to secure your IT services and applications. The list of possible attacks is long, as shown in the Mitre Att&ck framework , the...

Proxmox update error "Sub-process /usr/share/proxmox-ve/pve-apt-hook returned an error code (1)"

›
Problem During a proxmox update (e.g. from proxmox version 6 to 7) you receive the following error: [...] 100% [608 zstd 34.1 kB/630 kB 5...

Update Proxmox 6.x to latest 6.4

›
Update a Proxmox 6.x system to latest 6.4 using the guide https://pve.proxmox.com/wiki/Downloads#Update_a_running_Proxmox_Virtual_Environmen...
›
Home
View web version
how2itsec
Zur Kontaktaufnahme bitte das "Contact" Formular verwenden: https://how2itsec.blogspot.com/
View my complete profile

Impressum

how2itsec
Zur Kontaktaufnahme bitte das "Contact" Formular verwenden: https://how2itsec.blogspot.com/
View my complete profile
Powered by Blogger.