Tuesday, July 18, 2017

Checkpoint R80.10 management upgrade

When you decide to upgrade your R77.30 Checkpoint management to R80.10 please keep in mind a number of points ( also reported in sk114739).

The first step of the upgrade process will run the Pre-Upgrade verification tool ( that you could also run by downloading the utilities from CP website).

  • One typical error, if you are not from the US, is to have non-Unicode chars in multiple files. In R80 you had to fix all these issues. Now with R80.10 all you need to do is create a file $FWDIRconf/db_encoding.txt with your encoding ( i.e. WINDOWS-1252) and no error message should appear

If you want to know where non-UNICODE chars are you can run this command

grep --color='auto' -P -n "[\x80-\xFF]" file


  • Next you could have modified files under $FWDIR/lib such as implied_rules.def or crypt.def. These files will be replaced when upgrading.
Thus you need to make a backup of these files and reapply changes after upgrade is completed.

Posted by at No comments:

Tuesday, July 11, 2017

How to install Dropbox on a Linux box - headless

here is a brief description of steps to take to install Dropbox client on a Linux box

I followed this article to come up with the commands.

Download and extract software

  • curl -Lo dropbox-linux-x86_64.tar.gz https://www.dropbox.com/download?plat=lnx.x86_64
    • if 32 bit system
    • curl -Lo dropbox-linux-x86.tar.gz https://www.dropbox.com/download?plat=lnx.x86
  • mkdir -p /opt/dropbox
  • tar xzfv dropbox-linux-x86_64.tar.gz --strip 1 -C /opt/dropbox

Start Dropbox client

With the user under whose home directory you want to store Dropbox data, start the Dropbox daemon
  • sudo su - dropboxuser
  • /opt/dropbox/dropboxd

Now you need to link system to Dropbox


Host ID Link:
This computer isn't linked to any Dropbox account...
Please visit https://www.dropbox.com/cli_link_nonce?nonce=ac8d12e1f59913758348392949c265eb to link this device

Browse to above link and enter credentials for the Dropbox user you want to use


Link success output:
This computer is now linked to Dropbox. Welcome John

Start Dropbox as a service . Download init script

  • cd ~
  • curl -o /etc/init.d/dropbox https://gist.githubusercontent.com/thisismitch/d0133d91452585ae2adc/raw/699e7909bdae922201b8069fde3011bbf2062048/dropbox
  • chmod +x /etc/init.d/dropbox
Select Linux user that will be used to sync Dropbox data

  • vi /etc/defaults/dropbox
DROPBOX_USERS="john"

Start dropbox

  • service dropbox start
  • update-rc.d dropbox defaults


Posted by at No comments:
Labels:

Forescout CounterACT - license clear

here is the list of commands to run to clear license info on CounterACT 7.0


  1. fstool service stop 
  2. fstool clear_license
  3. fstool service start
after this commands it is possible to install license file from scratch
Posted by at No comments:
Labels:

Monday, July 10, 2017

Tenable Nessus backup and restore

If you are using the Tenable Nessus product to run vulnerability assessments, you probably make a lot of tuning and configuring on policies
If you want to make sure that you do not lose all your work you have to backup a number of files.
A while ago I opened a case with Tenable support and was given a procedure to run
Here is what you need to do for backup :


  1. Backup /opt/nessus on existing system
That's easy

Now to restore, you cannot simply restore all files because Nessus will complain about license violation and will get nowhere

So here is what I did:

  1. go to Tenable portal and reset the Activation code
  2. install Nessus software from package
  3. Restore the following files from your backup (copy, do not move)

    in /opt/nessus/var/nessus, restore the following:

    /users folder
    policies.db
    Master.key
    Global.db                   --- could not find it on 6.8.* version
    global.db-wal
    global.db-shm

    in /opt/nessus/etc/nessus restore the following (these may be the only files in this directory):

    nessus-fetch.db
    nessusd.db
    nessusd.conf.imported
    nessusd.rules
  4. Run the following commands:

    # /opt/nessus/sbin/nessuscli fetch --register YOURACTIVATIONCODE
    # /opt/nessus/sbin/nessusd –R
    #service nessusd start
I had to reboot the system after running /opt/nessus/sbin/nessusd –R as it seemed to never end




Posted by at No comments:
Labels:

Issue with ePo database indexes before upgrade to ePO 5.9

When you upgrade ePO server to version 5.9, you may have the following warning:

"ePo database indexes are fragmented. Rebuild the index before upgrading"

To resolve this problem open SQL management studio and run this query on your ePO database to extract all index with a percentage of fragmentation greater than 30% :

SELECT OBJECT_NAME(ind.OBJECT_ID) AS TableName,
ind.name AS IndexName, indexstats.index_type_desc AS IndexType,
indexstats.avg_fragmentation_in_percent
FROM sys.dm_db_index_physical_stats(DB_ID(), NULL, NULL, NULL, NULL) indexstats
INNER JOIN sys.indexes ind
ON ind.object_id = indexstats.object_id
AND ind.index_id = indexstats.index_id
WHERE indexstats.avg_fragmentation_in_percent > 30
ORDER BY indexstats.avg_fragmentation_in_percent DES

In order to reduce fragmentation we will have to rebuild the indexes, so run this query to rebuild index

Declare @TBname nvarchar(255),
        @SQL nvarchar(max)

 select @TBname = min(TABLE_NAME) from INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE='BASE TABLE'

 while @TBname is not null

 BEGIN
    set @SQL='ALTER INDEX ALL ON [' + @TBname + '] REBUILD;'
    --print @SQL
    EXEC SP_EXECUTESQL @SQL
    select @TBname = min(TABLE_NAME) from INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE='BASE TABLE' and TABLE_NAME > @TBname        
END

 Now you can restart the upgrade wizard without index problem.
Posted by at No comments:
Labels: , , ,

Wednesday, July 5, 2017

Useful commands for mysql server

here are some useful commands to manage mysql server I always have to google for.

reset root password

sudo /etc/init.d/mysql stop
/usr/sbin/mysqld --skip-grant-tables --skip-networking &
mysql -u root
   FLUSH PRIVILEGES;
   SET PASSWORD FOR root@'localhost' = PASSWORD('password');
   FLUSH PRIVILEGES;
   exit;

kill %1 (to kill mysql server)

service mysql start

add user and grant full access to selectedDB

CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'complexpassword';
GRANT ALL PRIVILEGES ON selectedDB . * TO 'newuser'@'localhost';

restore data from dump

from mysql client - delete database
drop database selectedDB; 

restore database from command line

mysql -u root -p selectedDB  < dump.sql

delete record from table

mysql> use MYDB;
Database changed

mysql> DELETE FROM tutorial_tbl WHERE tutorial_id=3;
Query OK, 1 row affected (0.23 sec)

mysql>

Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)