A repository of information technology questions and answers

Latest posts

client_loop: send disconnect: Broken pipe

Whilst its an annoyance, this message is harmless. Here we show three examples of how you can overcome this issue.

2 Security tweaks to enhance Webmin

Out of the box webmin works great, with these two tweaks we can enhance the security of this web-based sysadmin tool.

How to reset a lost Webmin password

If you've lost your admin password to access webmin, then use the 'changepass.pl' utility to simply reset your webmin password.

Limiting users who can login via RDP

If you only want some members of the Administrators group to have RDP access, you can adjust this in Local Security Settings

How to enable USB write protection in Windows 10

Introducing an unknown USB device into a network can cause a host of security headaches. Take away the threat in Windows 10 in just a few short steps.

NetBackup Access Control (NBAC) a brief overview

The NetBackup Access Control (NBAC) is the role-based access control that is used for master servers, media servers, and clients.

Troubleshooting NSR tunnel

The NSR tunnel resource enables NetWorker clients and storage nodes to communicate with a NetWorker server over a firewall

How to reset MySQL root password

Have you forgotten MariaDB root password? You don't know how to recover it. Not to worry, use these steps to reset MariaDB root password.

How to reset MariaDB root password

Have you forgotten MariaDB root password? You don't know how to recover it. Not to worry, use these steps to reset MariaDB root password.

Private and public key pairs for SSH

SSH has a key management capacity and related agents.When configured with public key authentication, your key proves your identity to remote SSH hosts

SSH configuration and security best practices

Here is a list of processes and configurations that you can use to tighten and enhance SSH security with regard to remote host access

Turn On/Off Apache Directory Listing

To enable the directory browsing in Apache server, we need to add the directory option in apache configuration file.

Deleting Windows temp files

Any file under the Windows Temp folder is safe to delete. But that isn't the only place that temporary files are stored on Windows computers.

Network ports used by Veritas Storage Foundation

If you have configured a firewall, ensure that the firewall settings allow access to the services and ports used by SF and SF-HA

Giving 'scp' go faster stripes

Transferring files with scp isn't the quickest option, but if it's the only one there's a simple way to make it go a little quicker.

Securing access to a Solaris system

This document details some of the focus areas for security and provides suggestions to make it strong.

sadmind daemon vulnerability

In its default configuration sadmind uses a set of clear text Remote Procedure Calls (RPC) to authenticate between two machines.

Resetting Oracle VM 3.x Agent Password

To facilitate the initial discovery of the Hypervisor part of the setup requires that we set the password for the root user and for the ovs-agent.

Solaris Secure by Default

This project changes the default configuration of the Solaris OS such that ssh is the only network-listening service.

Solaris IP Filtering

IPF provides stateful packet filtering capabilities by IP address, network, port, protocol, network interface and traffic direction.

Solaris Auditing

Solaris auditing helps to detect potential security breaches by revealing suspicious or abnormal patterns of system usage.

Cryptographic Services Management on Solaris

The Solaris Cryptographic Framework provides cryptographic services to users and applications through user-level and kernel-level commands.

Automated Security Enhancement Tool (ASET)

ASET allows you to monitor and restrict access to system files. It can be configured for three security levels: low, medium, and high.

Sun EEPROM Security

On Sun workstations and servers you can interact with the boot EEPROM (NVRAM) at any time by holding down the STOP (L1) key and pressing the "a" key

Sun StorEdge SE99x0 default passwords

This post simple provides a list of the default passwords for the Sun Storage SE 99x0 arrays and Hitatchi Data Systems (HDS) Storage systems.

NIS+ Credential Setup

To gain authorisation to change NIS+ databases you need to create your security credentials for the NIS+ principals

A simple Disk Wipe procedure on Solaris

Overwriting a disk with the format command is usually enough for most purposes, because it greatly reduces the chance that any data can be recovered.

Setting up an SSHD failover daemon in Ubuntu

A simple article on how to create a failover SSH server on a Ubuntu system, allowing you to connect on an alternative port of the original SSHD fails

Configuring OpenSSH on Solaris 8

Solaris 8 doesn't come with the SSH and SFTP like features, to enable these we have to install and configure third party packages

Disable the power/suspend key on Sun keyboard

In this post I show options to disable the power/suspend key and an alternative to reassign the key to perform screenlock instead.

Enforcing password complexity on Solaris

Solaris 10 is the first version of Solaris to provide a complex set of variables for controlling password strength.

How to allow root login on Solaris 11

After your installation of Solaris 11 has completed, you will not be able to login directly to the console as the root user

Solaris UADMIN commands

The uadmin command is tightly coupled to the system administration procedures and is not intended for general use

Using SSH login without password

An article outlining steps needed to be able to use the SSH to access a remote system without supplying a password each time that you connect.

Using AIDE to ensure Linux server integrity

AIDE provides an additional layer to your server security not by keeping intruders out but by notifying you as the sysadmin of a possible intrusion.

Clearing Password History in Solaris 10

To ensure the security of passwords on Solaris systems, you need to edit the /etc/default/passwd file to enforce password length and complexity.

Troubleshooting NetWorker authorisation errors

This article provides a list of possible causes and resolutions for error messages that are related to NetWorker server authorization issues.

NetWorker 9.0 Avamar integration changes

Beginning with NetWorker version 9.0, support for EMC Avamar integration is deprecated for new clients.

Configure KMS encryption on a UNIX NetBackup server

This article provides the necessary actions needed to install and configure Key Management Service (KMS) encryption on a UNIX NetBackup master server.

Configure KMS encryption on a windows NetBackup server

This article provides the necessary actions needed to install and configure Key Management Service encryption on a windows NetBackup master server.

Disable syslog "remote logging" under Solaris

syslog remote logging under Solaris by default is enabled and will listen on UDP port 514 for syslog messages from remote servers.

Recovering from a lost root password under Linux

This article provides a quick procedure on how to recover a lost root password frm virtually any version of Linux which uses the GRUB boot loader.

Configuring a basic firewall under Ubuntu 14.04

This article provides a quick reference to UFW commands that will create iptables firewall rules are useful in common, everyday scenarios.

NetWorker lockbox password management

NetWorker 7.5 provides a lockbox service that allows NetWorker application modules to securely store and retrieve passwords over the network.

Changing Avamar Passwords

Changing only the passwords for the operating system users does not sufficiently prevent someone from logging in to Avamar server nodes.

Building a Solaris 11 IPS Server

Maintaining a copy of the Solaris distribution is a good way to ensure all your systems have access to updates and software packages.

SSH Cheat Sheet

This post provides me with a reminder of the syntax for the most useful SSH features I use whist auditing systems.

Downloading the CloudBoost encryption keys

Always download your Cloudboost Encryption keys at your earliest possible time as there is no way to retrieve them after a system failure.

Securing SSH on Solaris 10

It is strongly recommended that sites abandon older clear-text login protocols and use SSH to prevent sniffing of sensitive data off the network

Solaris Security Toolkit (JASS)

The Solaris Security Toolkit simplifies and automates the process of securing Solaris OS systems and is based on proven security best practices/

Restricting Access to SSH Connections

A set of direcetives that are under used are the AllowUsers, AllowGroups, DenyUsers and DenyGroups to restrict user and groups remote access with SSH.

How to configure Single-Sign-On using OpenSSH on HP/UX

How to configure SSH to allow access using GSSAPI and achieve single-sign-on using vendor supplied OpenSSH or OpenSSH downloaded from the internet.

Restoring original Solaris file permissions

In the event of drastic file permission or ownership changes, it is possible to restore the original permissions of the file(s)

Changing the Oracle VM Manager User Password

The Oracle VM Manager user lets you log in to the Oracle VM Manager Web UI. This article provides the steps required to change the admin password.

Gaining root access to VBA via ssh

This post provides the steps necessary to log into a VBA through SSH and load the dpnid key to ensure all the commands are run correctly.

CloudBoost Firewall Port requirements

The following table provides a list of firewall port requirements for CloudBoost for NetWorker.

Special file permissons (setuid, setgid and sticky bit)

setuid and setgid are unix access rights flags that allow users to run an executable with permissions of the executables owner and group respectively

Resetting default username and password for NMC

The following procedures given details on resetting the NMC Administrator password to the default value on Solaris, Linux and Windows systems.

Disabling SELinux in Oracle Linux 6

In this post, we walk through steps you can follow to check the status of SELinux and also disable it in OEL 6, if it is enabled.

NetWorker in a Firewalled environment

Default service ports for NetWorker are TCP 7937-9936. hey are randomly chosen by the configured port range by EMC portmapper.

Disabling services in Solaris 10

To disable a service under Solaris 10 we use the svcadm command.

Locking down your Solaris system

With later releases of Solaris, if you want to, you can manually lock down your system using the netstat, svcs and svcadm commands.

Avamar System default passwords

This article provides a list of default passwords for an Avamar grid. If you have not already, consider changing the defaults for security reasons.

Changing the Hostname in Solaris (updated)

The traditional method of changing the hostname of a given solaris system was to use sys-unconfig utility.

Solaris Basic Audit Reporting Tool (BART)

BART is a great little alternative to Tripwire or AIDE. While not so robust or full featured, it does what you need it to do with very little impact.

Making pfexec work like sudo under Solaris

I thought I'd try out the new role based action control (RBAC) on the Solaris systems as an alternative to sudo.

Restricting SFTP users with chrooted access

In a nutshell users will be tied-down to a specific directory which they will not be able to move from, thus prevention from seeing you entire system