Latest Server related questions

We have configured a GPO to configure our PDC server like is described here (and many other blogs) https://docs.microsoft.com/en-us/archive/blogs/nepapfe/its-simple-time-configuration-in-active-directory

It means that our GPO uses the filter that applies only to main PDC to set NTP settings as primary time source in our AD Domain. Select * from Win32_ComputerSystem where DomainRole = 5

When FSMO roles are ...

I have added github actions to build a docker image for every latest commit and push it to our container registry in azure.

We have created yaml files to deploy the docker image to kubernetes on azure. And deployed flux in to for auto-sync if any changes in the yaml files.

How to set flux to get the latest image from container registry when a new build comes?

Does anyone know if there are any Debian (11 Bullseye) repositories providing the latest and greatest Java builds based on OpenJ9 or did someone perhaps write some scripts for automatically updating it from IBM's website?

AdoptOpenJDK as of Java 17 is dead, it is now rebranded as Adoptium (with a Hotspot-based Java build called Temurin to confuse everyone).

According to their FAQ they

1. will no longer dis ...

I have the following airgap infrastructure:

• Jump host VM with Internet access containing a private registry replicating images as they become available
• Arbitrary number of VM's, one of which is the control plane and has only access to the jump host VM, and the rest contain k8s workers

I am searching for a CD tool which would be able to do the following:

• Reside on the control plain k8s cluster
• Be ...

I recently updated (unfortunately) both VMWare Workstation Pro and TrueNAS. After the update I got onto a problem that when run a VM from a locale computer that its files are located on an SMB share on my TrueNAS (the SMB share is mounted as disk in Windows), probably VMWare changes the permissions of the files (the .vmx file and some more), applying ACL permissions and removing everything else. This ma ...

Let's say I am on client A, wanting to connect to server C via jumphost B. I use ssh with ProxyCommand to establish the connection to C with B as jumphost. Let's also say that I had configured environment variable TMOUT=300 at the jumphost .bash_profile to ensure autologout after 5 minutes of shell inactivity.

If I do shell activities on server C, does it also count as activity in jumphost B? Cou ...

I set up 2 new users with their respective key pairs,.. their public keys ve been established on the remote host. The problem am having is I passsed the ssh keys on the host file as follows

[remotehost:var] ansible_ssh_private_key_file=~/.ssh/user1.private_key ansible_ssh_private_key_file=~/.ssh/user2.private_key

The problem is only one user could establish ansible connection. Even tho both users ca ...

I hope this question fits here, since this forum is indicated on GoogleCloud as a suggested source of information.

I just used all my 300$ in my free trial and, if I see the billing account of the expenses, they sum exactly to that amount.

Nevertheless, the last expense was an online usage of a service, which is paid "per request". It is quite strange that the cost of the last service summed up exac ...

In my server I wanted to redirect all request: come from 81 to 8080 port

Because Jenkins service is not allowed listened at 80 port, I follow Jenkins doc Jenkins - Reverse proxy using firewalld.

But not working, below is my step and some system details:

0. CentOS version = 7.9.2009

[root@xxx ~]# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)

1. I have enabled the port and added port fo ...

Language: PHP DB: MYSQL Webserver: APACHE2 (= LAMP)

I am assessing different Vulnerability Scanners by running them against Vulnerable Web Applications (XVWA for instance). The Problem is, that after multiple requests made from the scanner, a Request with a specific PHPSESSID does not get any more responses from the webserver. But the Webserver is not down, it is just not responding to the PHPSES ...

I have set up a simple linux mailserver using iredmail. But now I am totally worried that some hackers may find a way to hijack it for sending spam. What are the recommended steps to fortify the mailserver? (I haven't enabled any relaying yet, but I have icinga running on a separate server, and I am planning to use the iredmail server as a relay for icinga. Should I implement authentication?)

I want to use the community.mysql.mysql_user module. It requires PyMySQL or MySQLdb. I installed PyYySQL with pip3 install pymysql on localhost, but an error message about the missing PyMySQL still appeared. I thought perhaps I should install to a system directory with sudo, but the error still appeared.

The following did not help either, after uninstalling with pip3 again:

• sudo apt install --yes pyth ...

I have a zend application running in lenp stack. Nginx 1.18, php 7.4.26,Ubuntu 20.04. For this app I'm using ec-2 AWS and a database in RDS.

So, the problem is.

I have some big queries who as passed in URL, like https://example.com/basico/gestao-produtos/listagem/filtro-filtro-produto/cerv/filtro-produtos-ativo/S/filtro-filtro-barra_meses/S/filtro-avancado/SIM/filtro-filtro-id_lojas/1-2-3-4-5-6-7- ...

I have a rather large Mercurial web server (ie. running under hgweb.wsgi) that's outgrown the distribution it was built-on... which basically means that I've already started doing upgrades of Python, Apache, OpenSSL, mod-wsgi, and Mercurial (among other things), rather than being more-responsible and upgrading the underlying O/S (don't hate on me).

The question here, is... what is the best way to determ ...

In order to practice my Linux hardening skills, I am trying to launch a web server following certain security principles. My main goal would be to run the server using a dedicated user with very limited privileges. I thought this might be a good use case for creating a server user with the /usr/sbin/nologin shell.

But how would I then be supposed to launch the server? When trying to launch a simple c ...

I have OpenVPN server running on an Ubuntu machine hosted on AWS that routes to our internal network also hosted on AWS. I have no problem with TunnelBlink, but for OpenVPN on Windows, fail to fetch any resource.

I checked the DNS, no problems there. nslookup no problem.

When I try to do a traceroute, both start first hop from server gateway and timeout from there.

I have check the server logs and both ...