There was an error uploading the file Symantec DLP

If you are getting "There was an error uploading the file" while trying to upgrade your DLP to newer version from Systems-->Overview-->Upgrade menu by using .jar file try the steps below. It's worked for me.

1) Create a folder named enforceupgrade under c:\Vontu\Protect\Updates
2) Extract the jar file by using winrar or winzip into this folder.
3) Run the start_upgrade_wizard.bat
4) Wait approximately 60 seconds for Tomcat to initialize properly
5) Open web browser and go to the URL https://yourenforceipadderss:8300
6) Log in by using administrator credentials and start the upgrade process.
Read more...

Enable Syslogging on Vmware ESX 3.5

To log events from an ESX host to a remote syslog server:

1. Log in to the ESX host as root using an SSH client.
2. Open the /etc/syslog.conf file using a text editor.
3. Add this entry at the end of the file:
   *.* @
   For example:
   *.* @192.168.10.1
   

           to open file "vi  /etc/syslog.conf"
           add line
           press esc
           type :wq and press enter
           type service syslog restart  press enter
Read more...

Enable Syslogging on ESXi 4.x

Connect to your ESXi host by using Vsphere Client.

1) Open Configuration Tab and choose Advanced Settings under the Software part from left.
2)Find syslog from the tree view. Enter your syslog server IP number and port number to the right pane.
3) Connect your ESXi host by using SSH and login as root
4) type "ps | grep syslog"  press enter without quotas. Note the PID number
5) type "kill -HUP PIDNumber"  press enter.
6) Your host will begin to send syslog messages to your syslog server




Read more...

Enable SSH on ESXi 4x

) At the console of the ESXi host, press ALT-F1 to access the console window.
2) Enter unsupported in the console and then press Enter. You will not see the text you type in.
3) If you typed in unsupported correctly, you will see the Tech Support Mode warning and a password prompt. Enter the password for the root login.
4) You should then see the prompt of ~ #. Edit the file inetd.conf (enter the command vi /etc/inetd.conf).
5) Find the lines that begins with #ssh and remove the #. Then save the file. If you're new to using vi, then move the cursor down to #ssh line and then press the Insert key. Move the cursor over one space and then hit backspace to delete the #. Then press ESC and type in :wq to save the file and exit vi. If you make a mistake, you can press the ESC key and then type it :q! to quit vi without saving the file.

Note: there are two lines for SSH with ESXi 4.x now - one for regular IP and the other for IPv6. You should the line appropriate to the protocol you'll use to access your host.


6) Once you've closed the vi editor, you can either restart the host or restart the inetd process. To restart inetd run ps | grep inetd to determine the process ID for the inetd process. The output of the command will be something like 4399 4399 busybox inetd, and the process ID is 4399. Then run kill -HUP (kill -HUP 4399) and you'll then be able to access the host via SSH.
Read more...

SYMANTEC VONTU "TableSpace is almost full"

To enter SQLPlus, open a command prompt on the machine with Oracle installed.

 1. Enter "sqlplus /nolog" followed by enter.
 2. To login, type the command: connect sys/password@protect as sysdba

 [where password is the current protect password to the database]

 3. Check how many LOB0*.DBF files you files you have in the \ORACLE\ORADATA\PROTECT\ directory where '*' denotes the number of that file.

 So you will need to add another file with the name/number incremented by 1 so if you have 3 already you will need to add a the next one called LOB04.DBF like so:

  ALTER TABLESPACE "LOB_TABLESPACE"
  ADD
  DATAFILE 'D:\ORACLE\ORADATA\PROTECT\LOB04.DBF' SIZE 138240K
  REUSE AUTOEXTEND
  ON NEXT 10240K MAXSIZE 32767M;

 You should get a result of "Tablespace altered" if successful.
 Type Exit; to logout.
Read more...

Photo or Image Forensic "type of camera used to take the image"

You can free software named Xnview to view which device was used to take photo, which software(photoshop etc.) or which scanner used to convert it to digital format ?

XnView provides a listing of directories in the left pane, and shows what images are in a particular directory in the upper-right pane.When you select an image, it appears in the lower Preview pane. In addition to this, clicking on the Properties tab will display information on a particular image, including its file format, timestamps, size,compression used, and other attributes. By clicking on the EXIF tab, you can display extra information, which could include the type of camera used to take the image, the exposure, the date the picture was taken, and other facts.
Read more...

Catalyst 3750 Series Switches in the stack do not boot with the new image after a software upgrade.

I faced with this issue after upgrading IOSs on my 3750 series switches stack. Stack consists of 4 catalyst 3750 series. After I have copied anf setting new IOS file as a boot file on has failed to boot and I got "Switch is not usable" error.

My solution.

• I have removed stack cables from the switch that has failed to boot
• I have set the new IOS with boot sytem .... command.
• I ensured that the switch booted up with new IOS
• I have powered off the switch.
• I have connected stack cables and power on the switch.

Read more...

List domain user's folder access permissions

Download to tool from link.  Install it to your computer,

Go to the folder that you install subinacl from command prompt and execute the command.


subinacl /testmode /noverbose /outputlog=c:\permission.TXT /subdirectories=directoriesonly h:\*.* /findsid=domain\username
Read more...

MS SQL Server DB Security Auditing

You can use the command below for ISO 27001 requirements checking.

MS SQL Server Version

SELECT @@version

List of Databases on MS SQL Server

select * from sys.databases

List of All Users on MS SQL Server

SELECT * FROM sysusers where islogin = 1

List of Users that have DBA authorization

sp_helprolemember db_owner

List of Users that have authorization beyond Select command

SELECT a.*, b.* ,*

FROM sys.database_principals a

INNER JOIN sys.database_permissions b ON b.grantee_principal_id = a.principal_id

WHERE b.permission_name not like '%SELECT%'

 

List of users that their passwords are empty

 

select name

from sys.sql_logins

where pwdcompare('', password_hash) = 1

 

 

Check if password and expiration policy is applying to users

 

select name ,is_expiration_checked,is_policy_checked ,*

from sys.sql_logins where is_expiration_checked = 0 or is_policy_checked= 0

 

List of SYNONYMs

 

If you create public synonyms all users can read tables, so synonyms usement is not suitable for data secuirity.

 

select * from sysobjects where xtype = 'SN'

 

 

 

 

 

Read more...

Enable SSH and disable Telnet on Cisco Catalyst series switches

Enable SSH and disable Telnet on Cisco Catalyst series switches


Conf t
aaa new model
username cisco password yourpassword
ip domain name yourdomain.com
crypto key generate rsa
(you can choose size of key modules from 360 to 2048)
end
line vty 0 4
transport input ssh
end

to prevent telnet access to switch


access-list 110 permit tcp any host 192.6.1.7(your switch ip)  eq 22
access-list 110 deny tcp any host 192.6.1.7
access-list 110 permit tcp any any
interface range  gigabitethernet1/0/1-24
ip access-group 110 in
end
copy run start




Read more...

Cisco Catalyst 3750 IOS Upgrade

Cisco Catalyst 3750 IOS Upgrade Steps (by using TFTP)

1. Download suitable ios image file from CISCO web site.(do not forget to Check the DRAM and flash memory requirements)
2. Copy releated file to flash memory by using copy tftp:filename flash:  command

Example

copy tftp:c3750-ipbasek9-mz.122-55.SE6.bin flash

3) if you havent got enough free space in flash memory you should delete the old boot file by using;

delete /f /r flash:filename command before copying new one.

Example

delete /f /r flash:c3750-ipbase-mz.122-50.SE5.bin

4) Verify the MD5 checksum of a file by using verify /md5 flash:filename command

Example

verifiy /md5 flash: c3750-ipbasek9-mz.122-55.SE6.bin

5) set the new file as boot file;

conf t
boot system switch all flash:c3750-ipbasek9-mz.122-55.SE6.bin
write memory
reload







Read more...

Error reading flash (is a directory)

This error means that the file you want to copy from flash to tftp is under a directory.

Follow the steps below

• execute sh flash command

CiscoSw#sh flash
Directory of flash:/c3750-ipbase-mz.122-50.SE5/
    5  drwx        4608   Mar 1 1993 03:09:56 +03:00  html
  424  -rwx     9574343   Mar 1 1993 03:13:20 +03:00  c3750-ipbase-mz.122-50.SE5
  425  -rwx         643   Mar 1 1993 03:13:20 +03:00  info
15998976 bytes total (3625472 bytes free)

• execute command cd flash:c3750-ipbase.mz.122-50
• execute dir

CiscoSw#dir
Directory of flash:/c3750-ipbase-mz.122-50.SE5/
    5  drwx        4608   Mar 1 1993 03:09:56 +03:00  html
  424  -rwx     9574343   Mar 1 1993 03:13:20 +03:00  c3750-ipbase-mz.122-50.SE5.bin
  425  -rwx         643   Mar 1 1993 03:13:20 +03:00  info

• then you can copy ios file to tftp by usinf copy flash tftp command as stated below;

CiscoSw#copy flash:c3750-ipbase-mz.122-50.SE5.bin tftp:
Address or name of remote host []? 192.6.1.57
Destination filename [c3750-ipbase-mz.122-50.SE5.bin]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
9574343 bytes copied in 36.054 secs (265556 bytes/sec)

Read more...

Creating Cisco command aliases

You can use command aliases as a shortcut in Cisco Network Devices.

Example

alias exec save copy run start
alias configuration save copy run start
alias interface save copy run start
alias line save copy run start

After executing command above. You can use save command instead of copy run start command on exec, configuration, interface and line levels.
Read more...