New Graylog content pack for Palo Alto Networks Firewalls released: Marketplace Github
Category Archives: Computers
Graylog – Active Directory Auditing Content Pack Released
New Graylog content pack for Active Directory Auditing released: Marketplace Github
Graylog – Windows DNS Content Pack Released
New Graylog content pack for Windows DNS logs released: Marketplace Github
vCenter 5.5 Web Client in Linux w/ Firefox & Flash 11.5 (Pipelight)
Short story..
Adobe ended flash support for Linux @ 11.2 and the recent vCenter 5.5 Web Client requires version 11.5 minimum… As of recent the only solution was to just use Chrome which for me was sad as I’m primarily a Firefox user. While looking for a silverlight plugin for Firefox I came across Pipelight, which just happens to have a flash plugin as well.
After enabling the flash plugin I fired up the vCenter Web Client and sure enough there it was. Still testing out how stable it is but if you do decide to try it I recommend installing the vCenter Firefox plugin both natively and in the wine instance.
Centralized WAP Management Without A Controller (telnet)
Say for example, the past several years you’ve been gradually deploying WAPs throughout your network infrastructure to the point of now warranting the use of a wireless controller to reduce management overhead. You never expected your wireless infrastructure to have grown so large, thus many of the WAPs currently deployed do not support a wireless controller and you’re now considering replacement of your entire wireless infrastructure.
Unfortunately, the cost associated with updating or replacing an entire wireless infrastructure or even the costs of a controller alone often outweigh the management overhead reduction causing the project to be put on hold or rejected.
The use of a wireless controller typically requires that you’ve had some type of WAP standardization protocol in effect so that the WAPs you’ve been deploying are through the same vendor and the same model or family. Even then, it’s usually only those identified as “enterprise grade” that include support for a controller often leaving IT professionals out of luck.
Linux SSH + PAM + LDAP + SSSD+ 2008 R2 AD Deployment
As an update to my previous post “Linux SSH + PAM + LDAP + 2003 R2 AD Deployment“, SSSD is now part of the base RHEL6 repository (soon CentOS6 as well) which makes it much faster and easier to implement LDAP/AD authentication. In regards to configuring Active Directory, not too much has changed since my previous post so you’ll need to hit up the previous guide for a complete guide. So lets get to it..
mstsc In Linux!
Simple shell script to help me with my habit of always trying to use mstsc to launch remote desktop connections even on my Linux workstation.. You can add other misc rdesktop flags as you feel necessary. Put it in /usr/bin etc
#!/bin/bash # Usage: mstsc /v:host (or mstsc host) iuser="username" ihost=$1 ohost=${ihost/\/v:/} rdesktop -g 1280x1024 -u $iuser -z $ohost > /dev/null 2>&1 & |
Uninstalling Websense Desktop Client
We’ve been using Websense as our content filtering solution for about a year now, primarily utilizing the Remote Desktop Client in conjunction with the Remote Filtering service to handle our remote users and offices. While Websense is probably the most featured packed content filtering solution, it comes at a cost due to a per user licensing model and heavy hardware requirements.
Barracuda recently entered the content filtering market with their appliance, and after a 30-day demo of their 610 model we decided it was the way to go. While it lacks some of the features of Websense, it will free up 2 servers and $8,000/yr in software renewals which is well worth the initial appliance cost.
The primary downside to the Barracuda was the lack of a Remote Filtering agent, which means our remote users and offices will have to proxy through our central office. With our new 50mb Opteman on the way, and utilizing Frontmotion Firefox ADM to force proxy settings, this won’t be a problem.
However..
Attempting to remove the Websense Desktop Client turned out to be more of a hassle then expected. When attempting to use the same .msi for the uninstall as used for the initial install, I would get “This action is only valid for products that are installed” as seen here:
After ensuring the .msi I was using was identical to what was used for the installation, I reinstalled the WDC then proceeded to remove it immediately which worked without issue. With a little GPO help, I was able to push this out to all workstations:
@echo off REM WDC_Uninstall.bat REM Copyright (c) 2009 Jared Orzechowski <jaredo at ameritech dot net> if exist "C:\Program Files\Websense\WDC" GOTO :Uninstall GOTO :End :Uninstall echo Removing Remote Client Filter net use Y: \\domain.com\DFS\Client_installs\CPMClient /Y start /wait msiexec /i Y:\CPMClient.msi REINSTALL=ALL REINSTALLMODE=veums PASSPHRASE=somepass REBOOT=NO /qn "C:\Program Files\Websense\WDC\wdc.exe" -ds somepass sc stop WebsenseDesktopClient start /wait msiexec /x{14D74337-01C2-4F8F-B44B-67FC613E5B1F} /qn /norestart net use Y: /DELETE /Y rmdir /S /Q "C:\Program Files\Websense\WDC" GOTO :End :End echo Operation Complete.. |
Cleaner Fonts In Wine
This should work on most newer versions of wine, just run regedit (registry editor) and add/modify the following.
[HKEY_CURRENT_USER\Control Panel\Desktop] |
“FontSmoothing”=”2” “FontSmoothingType”=dword:00000002 “FontSmoothingGamma”=dword:00000578 “FontSmoothingOrientation”=dword:00000001
Linux Update Password Script
In my last post I showed a good example for using expect in a script. Here is another good example I use for updating local user passwords across a group of servers without using ssh keys. This assumes the user you are resetting can ssh to the host and the old password is the same on all hosts.