NAS Troubleshooting | Root Running Out of Space
Woke up to this in my inbox today.
Connected over Putty and saw this.
Ran the below command to find the culprit. (see URL for more commands)
Cleared out the /var/tmp folder. Problem solved!
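A sketch of the kind of check this entry describes, added here as an example; it is not the command from the original post, which did not survive on this page. The function names are hypothetical, and it assumes a `du` that accepts `-x`, `-a` and `-d`, as GNU coreutils does.

```shell
#!/bin/sh
# Added example (not from the original post): find what is filling a filesystem.

# fs_use_pct DIR -> integer percent used on the filesystem holding DIR
fs_use_pct() {
    df -P "${1:-/}" | awk 'NR == 2 { sub(/%/, "", $5); print $5 }'
}

# top_usage DIR [N] -> "KiB<TAB>path" lines for the N largest entries directly under DIR
top_usage() {
    dir=${1:-/}
    n=${2:-10}
    # -x stays on DIR's filesystem so mounted data volumes are not counted,
    # -a includes plain files, -d 1 limits the report to one level, -k uses KiB.
    du -xak -d 1 "$dir" 2>/dev/null |
        awk -F '\t' -v d="$dir" '$2 != d' |
        sort -rn |
        head -n "$n"
}

# largest_child DIR -> path of the single biggest entry under DIR
largest_child() {
    top_usage "$1" 1 | cut -f 2-
}

# Run as: sh diskhog.sh / 10   (no arguments: only defines the functions)
if [ "$#" -gt 0 ]; then
    printf 'filesystem of %s is %s%% full\n' "$1" "$(fs_use_pct "$1")"
    top_usage "$@"
fi
```

Re-running `top_usage` on the largest entry it reports narrows the search one level at a time, which is how a directory such as /var/tmp surfaces.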
Attended Live Demo of AlienVault’s Unified Security Management “USM Anywhere”
The below is a paste from the invite.
“A brute force attack is one of the more common types of attack that malicious actors use to try and gain access to your IT servers, applications and data. In theory, a brute-force attack can be used to attempt to decrypt any encrypted data (except for data encrypted in an information-theoretically secure manner). These attacks are relatively simple for attackers to implement and they can wreak havoc on your organization when successful. However, many IT security teams may not be aware that they are at risk from these attacks, or what to do about them.
Join us for a live demo where we’ll demonstrate how the AlienVault Unified Security Management (USM) approach, delivered as a SaaS solution with our USM Anywhere offering, can help you detect and investigate these types of attacks.
– How attackers can use brute force attacks to gain access to your network
– Steps you can take BEFORE an attack to identify systems or applications that may be at greater risk
– How USM Anywhere can alert you immediately of brute force attacks targeting your cloud, hybrid cloud and on-premises environments
– How to use USM Anywhere to investigate brute force attacks and identify compromised assets
About the Presenter:
Sacha Dawes is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space.”
iMac 2010 Logic Board Replacement (was not booting fully and locking up)
- Replaced an iMac logic board for the parent of someone on the same robotics team as my son.
Never too “high level” for hands on work! This was a fun project.
- Developed a study plan for a colleague that I am mentoring to help him prepare for CompTIA’s Security+ certification exam.
Cisco Meraki MX64 / Webinar / Product Demo / Training
- Attended a Meraki MX (security appliance) webinar today. Really enjoyed it! Looking forward to playing around with this gear very soon.
- Developed a study plan for a colleague that I am mentoring to help her prepare for CompTIA’s Security+ certification exam.
- Attended “Cisco Meraki Webinar: Introduction to Cloud Managed Switching”.
Vulnerability Scanning on Windows 10 Laptop
- Scanned a client’s Windows 10 laptop for vulnerabilities, found 2 missing security updates and resolved manually.
- Attended a 1 hour webinar put on by CompTIA for their new Cybersecurity Analyst certification called CSA+.
- Attended a 1 hour webinar put on by Cisco Meraki to provide an overview of their cloud-managed access point.
Meraki | Product Evaluation for TECOSO
- Confirmed meeting with pre-sales rep to discuss Meraki gear before attending (3) upcoming webinars.
- Looking to evaluate their switch, access point and firewall for deployment at TECOSO in April of 2017.
SolarWinds | Product Evaluation for TECOSO
- Signed up for and downloaded SolarWinds’ “Network Analyzer & Bandwidth Monitoring Bundle”
- Signed up for SolarWinds’ “PINGDOM – Web Performance Management” utility.
TECOSO Site | Backup and Administration
- Updated WordPress plugins
- Backed up WordPress site and database with Akeeba
TECOSO Site | Two Factor Authentication
- Installed and configured two factor authentication plugin by Duo Security
- Plugin found here –> https://wordpress.org/plugins/duo-wordpress/
- Instructions found here –> https://duo.com/docs/wordpress
- This was very straightforward to get up and running. Took less than 30 minutes!
On-Site Technology Consulting, Training and Evangelizing
- Along with a colleague, coordinated and led a training session to educate recruiters on existing/emerging technologies.
- Discussed the importance of the DevOps movement/philosophy.
- Consulted with multiple recruiters on “translating” technology resumes into something comprehensible.
- At the end of the session, allowed for a brief Q & A to address anything that the recruiters wanted to gain knowledge on.
- Installed WordPress plugin to allow for “installer” file types
- Uploaded remote “agent” installers and linked to them
System Administration: VMware Virtual Machine Performance Issues (CPU was spiking above 100 percent)
- Shut down Windows 7 VM
- Moved page file to a separate, physical disk
- Increased memory of VM
- Re-installed VMware Tools
- Using “top” command, verified that CPU usage was back to normal and under 100 percent
Linux Server Maintenance
- Installed latest Linux security/OS patches to main server and rebooted
- Found and killed all active/running VNC processes: 1) ps -ax | grep vnc 2) kill 3846
- Listed all installed Linux kernel images: dpkg -l 'linux-image*'
- Removed obsolete Linux kernel images: apt-get remove --purge linux-image-x
Technology Consulting | SAN Technologies
- Assisted a colleague who needed help mapping to an iSCSI NAS from a Novell 6.5 server
Cybersecurity | Firmware and Patching
- Updated NAS firmware to latest version
- Updated main wireless access point firmware to latest version
- Restarted NAS device and 2 wireless access points as routine maintenance (mainly firmware upgrades)
- Signed up for a local, VMware User Group
Cybersecurity & IT Support | Configured Remote Desktop to Run on Non-Standard Port
- Edited the registry and changed the RDP-Tcp value to the desired port number
- Configured new port forwarding rule on router
- Restarted Remote Desktop Services on the Windows system to make the changes take effect
- Tested remote connectivity and worked great!
- Created a new virtual machine in VirtualBox
- Mounted VMDK from old VM
- Mapped network drive from within new VM
- Copied data from old VMDK to network attached storage
Cybersecurity | Restored Functionality on Infected Client Laptop
- Client brought in an “infected” laptop with no wired or wireless connectivity
- Verified lack of network functionality with both wired and wireless
- Restored laptop with Microsoft System Restore point, to retain data but restore a functional registry
- Installed AVG Antivirus and scheduled weekly full scans to run on Sundays @ 1 PM
- Scanned and removed threats with various utilities
- Applied all security patches missing and reported by PC Security Audit software
Training and Personal Development: Microsoft Azure
- Started the OPENedX AZURE214x Azure Fundamentals online course.
- In preparation for deploying a remote support and anti-theft solution at Microsoft, using Azure, signed up for the free trial.
Cybersecurity: Vulnerability Scanning with SiteLock
- Removed vulnerabilities found on our site.
Web Site Administration: Backup Site Files/DB and Store Offline
- Using Akeeba Backup for WordPress, backed up site files and database.
Cybersecurity: Implement SSL on TECOSO Site
- Implemented SSL on our site using McAfee Secure.
SSL Implementation for TECOSO Site
Sales, Service and Support: Implement Live Chat
- Implemented live chat support on our site so that TECOSO “agents” can communicate directly with visitors.