VPC flow is a AWS feature that allows you to capture the inbound and outbound traffics of all network interfaces in your VPC. To get the information, you have to go to the Cloudwatch to read the raw logs line by line which is not really efficient. If you happen to use Sumologic, you can … Continue reading Send VPC flow logs to Sumologic
Category: Security
SSSD can not find some users in AD
We use SSSD to integrate RHEL7 into our Active Directory infrastructure for authentication. All users in the sys admins group can login with their AD credentials except one. It took me a few weeks to troubleshoot. On hand, I checked the sssd log and I can see the Linux server can find the user in … Continue reading SSSD can not find some users in AD
Incomplete certificate chain
There are 3 methods to test the incomplete certificate chain: 1) https://www.ssllabs.com/ssltest/analyze.html?d=example.com The error is: Chain issues Incomplete 2) curl -v -o /dev/null https://example.com The error is: * NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER) * Peer's Certificate issuer is not recognized. 3) openssl s_client -showcerts -verify 10 -connect example.com:443 The error is: Verify return code: 21 (unable … Continue reading Incomplete certificate chain
Hidden Master DNS
Simply speaking 'Hidden Master DNS' is done by removing the SOA DNS server from the NS records. The common practise is that the company controls their own DNS master or SOA, and uses ISP or other vendors' DNS as secondary or slave. The benifit is to hide the master DNS from public, as generally speaking … Continue reading Hidden Master DNS
WinSCP or Putty authenticates against Microsoft ISA/ TMG
Many companies use Microsoft ISA/ TMG as their enterprise proxy solution. This may work for most cases. But in some scenarios, it does not work well. For example, use WinSCP or Putty behind the proxy AND the proxy requires authentication. ISA/ TMG is mircrosoft technology, it uses NTLM based authentication which is not supported by … Continue reading WinSCP or Putty authenticates against Microsoft ISA/ TMG
Jackie Chen's IT Workshop 