- Create Zone on the WAN interface (E0/1)
- Binding Interface E0/1
- Set the static IP (WAN IP) – You telco assign to you.
- New DHCP Server:
- Select your LAN Interface E0/0
- New SNAT
- New Security Policy
- New routing
Thursday, March 30, 2023
Setup the Hillstone Firewall to connect to Internet
Trellix Endpoint Security Products (McAfee ENS & FireEye HX) Coexist configuration
Configuring Trellix Endpoint Security Products (ENS & HX) to Coexist on Endpoints
Sunday, March 26, 2023
Deepin troubleshooting
If you receive the following error:
- Mount snap "opera" (225) (snap "opera" assumes unsupported features: snapd2.43 (try to update snapd and refresh the core snap))
Solution:
sudo snap install core
If you receive the following error:
cannot install "core", "snapd": cannot install snapd snap on a model without a base snap yet
Solution:
sudo snap install core snapd
When you double click the opera-xxx.deb file to install it. It show the "Dependency on libgcc-s1 is missing..."
Solution:
sudo dpkg -i opera-xxx.deb
Friday, March 24, 2023
默安科技(Moresec) 下一代欺骗防御(deception)解决方案 - 幻阵
From Honeypot (蜜罐) to Deception (欺骗防御), we may consider of deception technology as the next evolutionary step of the honeypot.
https://www.moresec.cn/solution/solution-deception
Thursday, March 23, 2023
Dell EMC Unity: SP may panic after being up for 275 - 300 days "DELL EMC Unity XT 480、680 或 880 SP 在連續運行 275 - 300 天後可能會當機"
Issue:
Unity XT 480, 680 or 880 SP may panic after being up for 275 - 300 days.
Fix:
The fix is available in operating system 5.2.1.0.5.013 (5.2 SP1).
Workaround:
Proactively reboot SP every 8 months to avoid SP panic. Instructions to reboot an SP: Unity: How to Reboot a Storage Processor (User Correctable).
Customer can issue "uptime" connecting to array using SSH by using service account to get SP runtime.
Example below shows uptime is 31 days.
04:30:01 service@xxx spa:~/user# uptime 04:30am up 31 days 3:41, 2 users, load average: 29.21, 29.45, 29.51 Reference:
Dell Unity: SP may panic after being up for 275 - 300 days (Dell Correctable) | Dell 香港
Sunday, March 19, 2023
(Trellix) Fireeye and Qianxin 奇安信 product mapping
(Trellix) FireEye EX――奇安信邮件威胁检测系统
(Trellix) FireEye NX――奇安信天眼威胁监测与分析系统
(Trellix) FireEye HX、EDR――奇安信终端安全管理系统
Monday, March 13, 2023
Veeam Backup & Replication CVE-2023-27532
- This vulnerability affects all Veeam Backup & Replication versions.
- If you use an earlier Veeam Backup & Replication version, please upgrade to a supported version first.
- If you use an all-in-one Veeam appliance with no remote backup infrastructure components, you can alternatively block external connections to port TCP 9401 in the backup server firewall as a temporary remediation until the patch is installed.
- The patch must be installed on the Veeam Backup & Replication server. All new deployments of Veeam Backup & Replication versions 12 and 11a installed using the ISO images dated 20230223 (V12) and 20230227 (V11a) or later are not vulnerable.
Before Patch:
After Patch:
You will see the patch number "P20230227" on the Build number
Reference:
KB4424: CVE-2023-27532 (veeam.com)
Friday, March 10, 2023
Hillstone SG-6000-A1000 upgrade firmware
- Click "System", you will see your existing firmware version.
To download image, login support portal -> tools -> images download.
Moreover, To create Hillstone account, you just need to open below link and kick – login with StoneID, then select register, to create new account.
https://kb.hillstonenet.com/en/
- Download the firmware which is SG6000-A-1-5.5xxxxx
- Click "Upgrade"
- Click "Browse" to select the new firmware
- Make sure you backup your configuration file before you apply the new firmware and also click reboot now to make the new firmware take effect.
After the reboot, you will find the firmware have been updated.
Remark:
If you license expired, you will failed to upgrade your firmware.
Install Hillstone license file need to unzip the tar file
You will receive a .tar file from vendor, if you did not unzip it. You will receive the error like the following:
After unzip it, you will receive those license files:
Some licenses (URL DB, IPS and AntiVirus) need to reboot the firewall before it is effective.
How to reboot Hillstone Firewall on GUI
Go to System > Device Management > Options > System Option, click Reboot.
Reference:
https://kb.hillstonenet.com/en/wp-content/uploads/2015/06/StoneOS_5.5R1_Getting_Started_Guide.pdf
Hillstone SG-6000-A1000
Quick setup for a Hillstone SG-6000-A100 firewall:
- Connect to E0/0
- Config your NIC on your PC to 192.168.1.2/24
- Open browser to enter https://192.168.1.1
- Type the default username (hillstone) and password (hillstone) into the
text boxes respectively. - Click "Login"
Reference:
https://kb.hillstonenet.com/en/wp-content/uploads/2017/11/QuickStart_LMS_EN.pdf
1. Product Documents
User Guide, Cookbook, Hardware Guide, Release notes etc.
Link: https://docs.hillstonenet.com/en/Content/Home.htm
2. Knowledge Base
Register for your partner/guest account before using KB.
Technical resources, service policy, setting guide, troubleshooting, case tool, known issues etc.
Link: https://kb.hillstonenet.com/en/
3. Support Portal
Create new case and manage your own cases
Image download and recommended firmware version
Link: https://support.hillstonenet.com/
To download image, login support portal -> tools -> images download.
Moreover, To create Hillstone account, you just need to open below link and kick – login with StoneID, then select register, to create new account.
https://kb.hillstonenet.com/en/
Subscribe to:
Posts (Atom)