This post describes how to configure the LogRhythm Agent to collect Symantec SEPM logs through the MS SQL DB. Method 1 – Syslog Forwarding 1 This is the traditional way to forward logs from SEPM to syslog servers, such as ArcSight, Splunk, QRadar, LogRhythm, etc. Note: SEPM does not support multiple syslog servers. Only one host can be configured and supported. Procedure Log in to your Symantec Endpoint Protection Manager system. In the left pane, click the Admin icon.…
This post summarizes how to configure a remote connection manager tool to integrate with CyberArk PSM. This way, you can RDP directly into the target server through PSM, without logging into PVWA to connect.
Microsoft Remote Desktop Connection Manager
The xRDP protocol is a bit slow to connect, based on my previous testing. This time, I am trying to use the VNC protocol to connect, which has proven much faster than xRDP.
My previous post "Connect to GNOME desktop environment via xRDP on CentOS 7 & Ubuntu 18" shows how to use an RDP client to connect to Linux, but the connection speed is too slow for regular operation. Comparing the two, the VNC solution gives a much better remote control experience for daily operation on a Linux server.
Most cloud providers do not allow you to log in directly with a password. They ask you to use a public/private key pair to log in. This post uses an AWS EC2 instance as an example to enable password authentication for your SSH session. This is not recommended and is only for testing purposes. It dramatically weakens your security configuration.
Ngx_lua_waf is a web application firewall based on lua-nginx-module.
- Prevent SQL injection, local inclusion, partial overflow, fuzzing, XSS, SSRF and other web attacks
- Prevent file leaks, such as svn / backup files
- Prevent attacks from stress testing tools such as ApacheBench
- Block common hacking tools and scanners
- Block unusual network requests
- Deny PHP execute permission in image and attachment directories
- Prevent webshell uploads
MailEnable is the software I installed on the DC server in my lab environment, which has been used for testing other systems' email functions. It is free, integrates well with AD, and supports Web Login/Web Admin and SMTP/POP. I have no complaints about this software's functionality.
Here I post some configuration tips as my own notes, in case I forget some settings during re-installation.