Monday, December 25, 2023

TencentOS (TLinux) and OpencloudOS


TencentOS Server 镜像版本

目前腾讯云上有3款 TencentOS Server 镜像供用户选择:

镜像版本 说明
TencentOS Server 3.1 与 CentOS 8用户态完全兼容,配套基于社区5.4 LTS 内核深度优化的 tkernel4版本。
TencentOS Server 2.4 与 CentOS 7用户态完全兼容,配套基于社区4.14 LTS 内核深度优化的 tkernel3版本。
TencentOS Server 2.4(TK4) 与 CentOS 7用户态完全兼容,配套基于社区5.4 LTS 内核深度优化的 tkernel3版本。
Reference:

Print Friendly and PDF
Share/Bookmark

国产操作系统 - Antivirus

Antivirus support Kylin 麒麟 OS and Huawei EulerOS (OpenEuler):

  1. TrendMicro OfficeScan
  2. Bitdefender
  3. Kaspersky

Reference:

Print Friendly and PDF
Share/Bookmark

Sunday, December 24, 2023

Tencent Cloud Security Tool - Cloud Security Center (CSC) and Cloud Workload Protection Platform (CWPP)

The CSC and CWPP are good tool to protect cloud workload, provide threat detection, threat blocking, forensics, source tracing, and threat response and handling.


Reference:

Print Friendly and PDF
Share/Bookmark

Cathay Pacific (CX) inflight service

My first flight is A330 which is wifi not available:

My second flight A321 neo have service:

Reference:

Print Friendly and PDF
Share/Bookmark

Lenovo X240 able to install Linux but not Windows

Reason: The secure boot cause this problem
Solution: reset the secure boot settings to default and also clear all configuration.

Print Friendly and PDF
Share/Bookmark

TP-Link Tapo c200 IP Camera need to upgrade firmware and also enable auto update

Upgrade path: 
Version 1.3.5 upgrade to 1.3.9, then 1.3.11



Since TP-Link C200 no need to open firewall port and also setup DDNS or fixed IP, you only need to use the TP-Link mobile app to connect, upgrade firmware is very important to secure your IP camera. 

Print Friendly and PDF
Share/Bookmark

DDNS and OpenVPN setup on Sophos Firewall

Reference doc:




Print Friendly and PDF
Share/Bookmark

Saturday, December 16, 2023

A very good security feature on Fortinet Fortigate you should enable to protect your firewall against vulnerability

Virtual patching on the local-in management interface

Virtual patching is a method of mitigating vulnerability exploits by using the FortiGate's IPS engine to block known vulnerabilities. Virtual patching can be applied to traffic destined to the FortiGate by applying the FMWP (Firmware Virtual Patch) database to the local-in interface using local-in policies. Attacks geared towards GUI and SSH management access, for example, can be mitigated using the FMWP database pushed from FortiGuard, thereby virtually patching these vulnerabilities.


Print Friendly and PDF
Share/Bookmark

Friday, December 15, 2023

Fortinet Fortigate Firewall and H3C Switch OSPF network type

In 6.x OS, Fortigate Firewall OSPF in GUI running on "broadcast" network type. You need to check your H3C OSPF is running which network type.

Network type:
broadcast: Broadcast.
non-broadcast: Non-broadcast.
point-to-point: Point-to-point.
point-to-multipoint: Point-to-multipoint.
point-to-multipoint-non-broadcast: Point-to-multipoint and non-broadcast.

If the network type is mis-match between Fortigate and H3C switches, you will see the neighbour but cannot update route in the routing table.

Print Friendly and PDF
Share/Bookmark

Thursday, December 14, 2023

Tencent Cloud Direct Connect routing constrain

Limitations: 
  1. Cannot accept over 100 route via BGP
  2. Support Statics Route and BGP only

Solution:
Fortinet Fortigate to do OSPF route summarisation and then redistribute to BGP to Tencent cloud

Remark: H3C switch OSPF limitations is cannot summarise route to next hop.

Print Friendly and PDF
Share/Bookmark

Sophos Firewall failed to access web admin console after upgrade from SFOS 19.0.3 MR-3-Build517 to SFOS 19.5.3 MR-3-Build652

After the upgrade, you still able to see the login page:
And also, you able to access Internet via the firewall:

But you failed to login the firewall web console: (Return a blank page)


You able to access firewall via SSH:

Solution:
Use SSH to login, then select "7" , then "R" to reboot the firewall.

Reference:

Print Friendly and PDF
Share/Bookmark

Thursday, December 7, 2023

M365 - Exchange - This message could not be sent. You do not have the permission to send the message on behalf of the specified user.

When you using "Send As", you receive the following error message:
This message could not be sent. You do not have the permission to send the message on behalf of the specified user.

Solution:

In Office 365 and go to Exchange Admin Center(EAC) search,  click and edit the shared mailbox. Then go to mailbox delegation, add your account to the Sent As permission list. Then wait a few hours to take effect. Then you will be able to send emails as the shared mailbox. In Outlook 2016 client, click From and choose Other Email Address and type the address of the shared mailbox.

 

Reference:

https://support.microsoft.com/en-us/office/open-and-use-a-shared-mailbox-in-outlook-d94a8e9e-21f1-4240-808b-de9c9c088afd

https://answers.microsoft.com/en-us/outlook_com/forum/all/send-mail-as-a-shared-mailbox/074b9d20-16c9-4431-bb88-6ce81331844f

https://copyprogramming.com/howto/send-as-vs-full-access-shared-mailbox


Print Friendly and PDF
Share/Bookmark

Tuesday, December 5, 2023

Install Windows 11 without internet connection (23H2)

When it request you to connect Internet, use the "Shift + F10" keyboard shortcut. (Some laptop need to press "FIN + Shift +F10")

In command prompt, enter "OOBE\BYPASSNRO"

Then, the setup wizard will re-run and you have an option to select "I don't have internet"


Print Friendly and PDF
Share/Bookmark

Lenovo T14s Gen 4 AMD Type 21f8 wifi driver

Qualcomm Wireless Driver for Windows 11 (Version 21H2 or later) - ThinkPad

Print Friendly and PDF
Share/Bookmark

AVITA - ESSENTIAL NE14A2IEE435 - Windows 11 fine tune

  1. Reinstall the machine to Windows 11 23H2
  2. Run Windows Update to apply latest patches and drivers
  3. Disable shadows, animations, and visual effects
  4. Disable transparency
  5. Change power settings to "High performance"
  6. Disable Game mode


Reference:

Print Friendly and PDF
Share/Bookmark

AVITA - ESSENTIAL 14吋 NE14A2IEE435 手提電腦 - Openbox test

- 14吋防眩螢幕提供舒適視角
- 內置SATA 固態硬碟(SSD)128GB
- Windows 11 家用版 S mode (英語系統)
- 處理器AMD Athlon™ Silver 3050e
- 記憶體4GB DDR4
- 顯示卡AMD Radeon™ Graphics
- 約1.377 kg

Pros: Very cheap (HK$ 998) form mega sale

Cons:
1. Windows 11 is (S mode), you can run applications from Microsoft Store only. Actually, you can switch it back to Windows 11 home edition by login Microsoft Store and select "Switch out of S mode" What is Windows S Mode? - Reviewed (usatoday.com)
2. The CPU and RAM are limited, the overall performance are not good running Windows 11 even under S mode
3. New machine battery is empty need to charge for a while before able to power on
4. Keyboard layout is different e.g. "@" not on number 2 key (It is UK default keyboard layout not US)

100Mbps broadband:



Print Friendly and PDF
Share/Bookmark

FortiToken migration need to be preparation

It requires to transfer the token license to new device via support ticket, and also need to re-activate the token in user side again. Below are the details KB from Fortinet: 

By design, FortiTokens (except the hardware FortiToken-211 and FortiToken-300 series) are always linked to the serial number of the unit on which they are activated. 

The entire process boils down roughly to these steps:  

1) Migrate the licence/token in Fortinet systems (this is done via a support ticket).  
2) Delete the tokens on the old unit.  
3) Migrate any user accounts from the old unit to the new unit as appropriate. 
4) Activate the tokens on the new unit (add the hardware tokens/supply the mobile token licence activation code). 
5) Assign tokens to users again (for mobile tokens, it needs to be activated in the app again).

Print Friendly and PDF
Share/Bookmark

How to reformat a USB thumb drive which is format by Win32 Disk Imager?

User Windows command Diskpart



It will take several hours to finish the format.

Reference:

Print Friendly and PDF
Share/Bookmark

How to install Lubuntu from a USB drive?

To create a bootable USB thumb drive, you will need to use Win 32 Disk imager:


Reference:


Print Friendly and PDF
Share/Bookmark