Beep boop
I use Mullvad VPN on a Kali VM and wanted to start taking advantage of their apt repo so my Mullvad client would update when I run OS updates via apt. Using the instructions they provide on their page: https://mullvad.net/en/download/vpn/linux make the following tweak to the second command under the ‘Ubuntu/Debian’ section: If you run … Read more
This requires a fairly specific configuration to occur but I didn’t see this documented anywhere so I figured I’d write about it. If you run your own Enterprise Certificate Authority using the Active Directory Certificate Authority and have used the default ‘Domain Controller’ template you may run into this problem. By default, it does not … Read more
I’ve been running Crowdsec on my OpenSense VM for a while now and today after a OpenSense upgrade that included an update to the crowdsec agent, it randomly decided to block my internal webserver from accessing the internet. No idea why. Turns out Crowdsec has a allow list module you can install that prevents this … Read more
Update 2021-12-18 – This looks like a much more competent script for detecting this vulnerability and there is a python version for Linux: https://github.com/CERTCC/CVE-2021-44228_scanner Updated 2021-12-17 – Script is v1.4 and looks for .war files now too Original post below Inspired by the one-liner here: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b#find-vulnerable-software-windows I wrote a script to expand on the command, … Read more
Update – 2021-12-15 – I can confirm that the December Windows Updates have fixed this issue for us. After installing OS updates on all of our servers in November 2021 we ended up with three servers, all running 2019 Core and all Domain Controllers, where the Windows Defender Advanced Threat Protection Service would not … Read more