
LogRhythm Remote Windows Log Collection Integration with Symantec SEPM MS SQL DB


This post describes how to configure LogRhythm Agent to collect the Symantec SEPM logs through MS SQL DB. Method 1 – Syslog Forwarding 1 This is the traditional way to forward logs from SEPM to Syslog servers, such as ArcSight, Splunk, Qradar, LogRhythm, etc. Note: SEPM does not support multiple syslog servers. Only one host can be configured and supported. Procedure Log in to your Symantec Endpoint Protection Manager system. In the left pane, click the Admin icon.…

Configure Remote Connection Tools (RDCM, MobaXterm, mRemoteNG) Integrate with PSM


This post summarizes how to configure a remote connection manager tool to integrate with CyberArk PSM. This way, you can RDP directly into the target server through PSM, without logging into PVWA to connect.

Microsoft Remote Desktop Connection Manager

Microsoft has retired the MRDCM software, and the following link no longer offers a download. Some serious vulnerabilities were found in this software, although it is still a very popular Remote Desktop Connection Manager tool.

Install / Configure Xfce and VNC Server on CentOS7


The xRDP protocol is a bit slow to connect, based on my previous testing. This time, I am trying to use the VNC protocol to connect, which has proven much faster than xRDP.

My previous post "Connect to GNOME desktop environment via xRDP on CentOS 7 & Ubuntu 18" shows how to use an RDP client to connect to Linux, but the connection speed is too slow for regular operation. Comparing both, the VNC solution is much better for day-to-day remote control on a Linux server.


Install and Configure ngx_lua_waf Based on Nginx+Lua (OpenResty)


Ngx_lua_waf is a web application firewall based on lua-nginx-module.

  • Prevent SQL injection, local file inclusion, partial overflow, fuzzing, XSS, SSRF and other web attacks
  • Prevent file leaks, such as SVN and backup files
  • Prevent attacks from stress testing tools such as ApacheBench
  • Block common hacking tools and scanners
  • Block unusual network requests
  • Deny PHP execution permission in image and attachment directories
  • Prevent webshell uploads

Windows Free Email Server - MailEnable Installation and Configuration


MailEnable is the software I installed on my lab environment DC server, which has been used to test other systems' email functions. It is free, integrates well with AD, and supports Web Login/Web Admin and SMTP/POP. No complaints about this software's functionality.

Here I post some configuration tips as my own notes, in case I forget some settings during re-installation.