Security SSL

SSL Server Test

https://www.ssllabs.com/ssltest

Exchange Microsoft Tips & tricks Tutorials Utils

How to prevent internal email spoofing in an Exchange organization

Ensuring email security might be one of the most important and most difficult tasks an administrator must face. Every day, servers process thousands of emails and controlling such a big mail flow is not easy. No wonder hackers focus on this channel when they plan attacks. They use various tricks to make users think that opening a suspicious attachment is a good idea.

One of the tricks they use is email spoofing.

Prevent Internal Spoofing in Exchange organization

What is email spoofing?

Email spoofing is a very popular attack method. The sender modifies message headers so that emails appear as sent from someone else. Hackers use it, for example, to impersonate employees of a company to obtain login credentials, personal data, or other confidential information. Two most common ways to protect your organization from external spoofing attacks are:

  • An SPF record – a list of IP addresses which are authorized to send emails from a domain.
  • DKIM check – an email authentication method. It enables you to sign and verify email messages using public and private keys. The public keys, published in the DNS records are used to verify if the message comes from the original sender. You cannot configure it on the Exchange Server natively – you require a plugin for SMTP gateway.

Both ways give good results when fighting with external spoofing. The problem starts when we come across internal spoofing when one employee tries to impersonate a colleague. It might be a joke, or to achieve some benefits – either way, it can sabotage a company in a number of ways:

  • Cause chaos,
  • Induce material damage,
  • Harm data integrity,
  • Damage the company reputation.

 

 

See Full article in https://www.codetwo.com/admins-blog/how-to-prevent-internal-email-spoofing-in-exchange/

 

Code Snippets IIS

IIS: Redirect to another domain

Redirect from any page of www.mysite1.com to a static root of another site www.mysite2.com

 

<rule name="site2.com" stopProcessing="true">
             <match url=".*" />
             <conditions>
                 <add input="{HTTP_HOST}" pattern="^(.*)?site1.com" />                 
             </conditions>
             <action type="Redirect" url="http://www.site2.com/{R:0}" />
</rule>
Networking Tutorials Utils

Nmap Cheat Sheet

Nmap has a multitude of options and when you first start playing with this excellent tool it can be a bit daunting. In this cheat sheet you will find a series of practical example commands for running Nmap and getting the most of this powerful tool.

Keep in mind that this cheat sheet merely touches the surface of the available options. The Nmap Documentation portal is your reference for digging deeper into the options available.

read more »

Code Snippets ASP.Net IIS

SSL Redirect URL, rewrite rule

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.webServer>
	<rewrite>
		<rules>
			<rule name="Redirect to http" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
				<match url="*" negate="false" />
				<conditions logicalGrouping="MatchAny">
					<add input="{HTTPS}" pattern="off" />
				</conditions>
				<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
			</rule>
		</rules>
	</rewrite>
  </system.webServer>
</configuration>

read more »

Uncategorized

Mysql InnoDB Backup

The key to safe database management is making regular backups. Depending on your data volume, number of MySQL servers, and database workload, you can use these backup techniques, alone or in combination: hot backup with MySQL Enterprise Backup; cold backup by copying files while the MySQL server is shut down; logical backup with mysqldump for smaller data volumes or to record the structure of schema objects. Hot and cold backups are physical backups that copy actual data files, which can be used directly by the mysqld server for faster restore.

Using MySQL Enterprise Backup is the recommended method for backing up InnoDB data.

Note

InnoDB does not support databases that are restored using third-party backup tools.

Hot Backups

The mysqlbackup command, part of the MySQL Enterprise Backup component, lets you back up a running MySQL instance, including InnoDB tables, with minimal disruption to operations while producing a consistent snapshot of the database. When mysqlbackup is copying InnoDB tables, reads and writes to InnoDB can continue. MySQL Enterprise Backup can also create compressed backup files, and back up subsets of tables and databases. In conjunction with the MySQL binary log, users can perform point-in-time recovery. MySQL Enterprise Backup is part of the MySQL Enterprise subscription. For more details, see MySQL Enterprise Backup Overview.

Cold Backups

If you can shut down the MySQL server, you can make a physical backup that consists of all files used by InnoDB to manage its tables. Use the following procedure:

  1. Perform a slow shutdown of the MySQL server and make sure that it stops without errors.
  2. Copy all InnoDB data files (ibdata files and .ibd files) into a safe place.
  3. Copy all the .frm files for InnoDB tables to a safe place.
  4. Copy all InnoDB log files (ib_logfile files) to a safe place.
  5. Copy your my.cnf configuration file or files to a safe place.

Logical Backups Using mysqldump

In addition to physical backups, it is recommended that you regularly create logical backups by dumping your tables using mysqldump. A binary file might be corrupted without you noticing it. Dumped tables are stored into text files that are human-readable, so spotting table corruption becomes easier. Also, because the format is simpler, the chance for serious data corruption is smaller. mysqldump also has a --single-transaction option for making a consistent snapshot without locking out other clients. See Section 1.3.1, “Establishing a Backup Policy”.

Replication works with InnoDB tables, so you can use MySQL replication capabilities to keep a copy of your database at database sites requiring high availability. See InnoDB and MySQL Replication.

 

https://dev.mysql.com/doc/mysql-backup-excerpt/5.5/en/innodb-backup.html

Code Snippets

Exporting AD user list

> dsquery user -name * -limit 0 >> c:\users.txt

Exchange Office365 Tips & tricks

MRS Proxy Error “The connection to the server could not be completed”

Check MRS endpoint user and password.

read more »

Exchange Microsoft

Exchange 2013 not receiving external emails

Backpressure,  check for free space on the disks.

 

read more »

Notepad++ Utils

Find duplicates and delete all in notepad++

example:epshetsky@test.com,
rek4@test.com,
rajesh1239@test.com,
mohanraj@test.com,
sam@test.com,
nithin@test.com,
midhunvintech@test.com,
karthickgm27@test.com,
rajesh1239@test.com,
mohanraj@test.com,
nithin@test.com,

I need results back like

epshetsky@test.com,
rek4@test.com,
sam@test.com,
nithin@test.com,
midhunvintech@test.com,
karthickgm27@test.com,

 

  1. sort line with Edit -> Line Operations -> Sort Lines Lexicographically ascending
  2. do a Find / Replace:
    • Find What: ^(.*\r?\n)\1+
    • Replace with: (Nothing, leave empty)
    • Check Regular Expression in the lower left
    • Click Replace All

How it works: The sorting puts the duplicates behind each other. The find matches a line ^(.*\r?\n) and captures the line in \1 then it continues and tries to find \1 one or more times (+) behind the first match. Such a block of duplicates (if it exists) is replaced with nothing.

The \r?\n should deal nicely with Windows and Unix lineendings.

 

https://stackoverflow.com/questions/35329122/find-duplicates-and-delete-all-in-notepad