To force the kernel to reboot the system we will be making use of the magic SysRq key.
The magic_SysRq_key provides a means to send low level instructions directly to the kernel via the /proc virtual file system.
To enable the use of the magic SysRq option type the following at the command prompt:
echo 1 > /proc/sys/kernel/sysrq
Then to reboot the machine simply enter the following:
echo b > /proc/sysrq-trigger
Voilà! Your system will instantly reboot.
To add a temporary route:
ip route add 172.16.5.0/24 via 10.0.0.101 dev eth0
To make it persist system or network settings restart, create a route-ifname file for an interface through which the subnet is accessed, in this case eth0:
Add the line with the network settings for the other subnet:
172.16.5.0/24 via 10.0.0.101 dev eth0
If your computer is on a network and is not directly connected to the internet, it will be configured with what is called a default gateway, which is usually a router. If the computer cannot find the specific IP address on its local network (aka broadcast domain), as defined by its subnet, it will forward any packets headed to that IP address to the default gateway. The gateway will then attempt to forward packets elsewhere, such as the internet, or another broadcast domain Continue reading “Add a Static Route on CentOS” »
CentOS 7 only allows Fully Qualified Domain Names (FQDN’s). Acceptable values include lower-case letters a to z, numbers 0 to 9, the period, and the hyphen, and between 2 and 63 characters.
At the console, type:
hostnamectl set-hostname my.new-hostname.server
NOTE: Replace my.new-hostname.server with your chosen hostname.
Check the Hostname
Do a quick search under the usual jetty folders:
find /opt/zimbra/jetty/ -type f -name *jsp -mtime -30
If you find files like:
you’re actually hacked.
Unlike the previous “zmcat” and “dblaunchs” that actually exploit the vuln and load some sh*t this looks like a bad childish attack. It seems that they delete some files under jetty dir, don’t know why.
The attack vector is the same, but, there are no strange processes, there is no persistence. Continue reading “SOLVED Zimbra 8.6 HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp” »
My case and solution:
Debian 7.11 wheezy
python-pip NOT installed
#ln -fs /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py /usr/lib/python2.7/
#chmod +x ./certbot-auto
#certbot-auto renew --no-self-upgrade
it download some files and works fine.
For large mailbox when you have some mailbox having more than 100k mails in inbox, for those account you are getting error “Can’t get message list”. Here I got my fix, however can’t guarantee it works for you as well. My Rainloop version is 1.11.3.
Following settings might help to fix this issue-
In your case:
Turns off deleted message filter:
imap_message_list_hide_deleted_messages = Off
Set the number of messages in the folder that activates additional optimizations (such as disabled threads and message list sort):
imap_message_list_count_limit_trigger = 10000
Show messages over the last 12 months only.
imap_message_list_date_filter = 12
1. Get the bundle from Comodo in crt format, or sometimes like a zip file.
2. Place the bundle on your Zimbra mailbox server. You should receive, or download, the next files:
since comodo is acquired by Sectigo, the updated zip might appear as below: Continue reading “Installing a Comodo SSL on Zimbra using CLI” »
Today we will setup a Site to Site ipsec VPN with Strongswan, which will be configured with PreShared Key Authentication.
After our tunnels are established, we will be able to reach the private ips over the vpn tunnels.
Get the Dependencies:
Update your repository indexes and install strongswan:
$ apt update && sudo apt upgrade -y
$ apt install strongswan -y
Set the following kernel parameters:
$ cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
$ sysctl -p /etc/sysctl.conf
Generate Preshared Key:
We will need a preshared key that both servers will use: Continue reading “Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication” »
In the admin interface go to
Global Settings -> General Information -> Default domain and enter the name of your domain.
Users in that domain can now login without the @domain part.
You can make a general IP ban list. You need to go to Port forwarding / Destination NAT
- Create a new rule
- Click on the advanced mode
- Incoming IP: Type: Zone/VPN/Upllink. Select Uplink main – IP:All known.
- Incoming service port, Service: Any, Port: Any.
- In the Translate To section set Type: IP, Insert IP: leave blank, NAT: NAT
- Access From Section.
- Source Type: Network/IP/Range
- Filter Policy: Drop
- In the Network UP’s box, enter a single IPor IP CIDR. eg 184.108.40.206 or 220.127.116.11/14
- Check the enabled box. In the comment section type Blocked Incoming IP’s
- Make the position first.
It is important the rule is the first one, else the precending rules will overide the block. If you a list of country and/or IP CIR go to www countryipblocks net