Wednesday 1st, October 2014
Badkey migration to Google Apps10/01/2014 11:43 PM During 16 February 2014 Badkey started Domino 9, now Badkey is running IBM Notes and Domino 9 64 bit.
We have to move to the next stage "Go to Google Apps".
I still have 2 mailboxes that I have to move to Google.
Yep 2 NSF files ,
What migration can I use ? Please e-mail me for a solution at: email@example.com
The Badkey Team
Technorati: Badkey CentOS Domino Domino 9 Google IBM IBM Lotus Notes IBM Notes 9 Information Linux Lotus Notes Traveler Version 9 VMware
Friday 12th, September 2014
Sophos UTM 9.206-35 Up2Date 9.206035 package09/12/2014 10:16 PM
Firmware version: 9.206-35
We just did the upgrade in the OTAP.
UTM Up2Date 9.206 Released. 10-09-2014 / Eric Bégoc
Up2Date 9.206035 package description:
System will be rebooted
Configuration will be upgraded
Connected RED devices will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade
Enhancement: Web filter allows to define exceptions based on User Agent
Enhancement: SMC Wifi synchronisation also syncs PSK
Fix : Exchange 2010 OWA notifications don't work
Fix : improve handling of rpmdb corruptions
Fix : SAVI engine scan failed: Unknown SAVI error [0x80040237]
Fix : WiFi: Sometimes syslogd on AP is not running after AP booted up
Fix : Remote access reporting shows incorrect information about duration of vpn user
Fix : 3G USB modem intermittently not assigned after reboot
Fix : Prevent ulogd coredumps in case of database issues
Fix : Input username is not updated to directory notation in case of custom user name attribute
Fix : Hostnames with utf-8 characters are not shown in PDF executive report
Fix : PIM SM does not work between two networks
Fix : Graphs in Executive Report are only shown if "Daily executive report" option is enabled
Fix : UMTS failover doesn't work after HA takeover
Fix : Make httpproxy more tolerant to invalid Content-Length value from Server
Fix : httpproxy coredumps during shutdown time
Fix : [SR] Saving blacklist/whitelist fails in User Portal
Fix : ulogd coredump caused by an error message from postgreSQL "integer out of range"
Fix : Mails stuck in work queue due to duplicate key value violates unique constraint "primary_m"
Fix : Segmentation fault in serve_local_file from /usr/lib/libglib-2.0.so.0
Fix : changing time steps of individual OTP tokens results in authentication failure
Fix : smtpd is restarting and creates coredumps in 9.201
Fix : dhcpd not started after up2date
Fix : Extended information from web security reporting results table shows nothing
Fix : It's not possible to send automatic backups if INFO-011 is disabled
Fix : smtpd causes high disk I/O after update to 9.2
Fix : mails with attachments are causing scanner timeout or deadlock
Fix : Using lag interfaces in a bridge setup is not reboot save
Fix : Japanese double byte text in "Device Specific Text" of notification mail broken
Fix : Packetfilter rules numbering in webadmin and livelog doesn't match
Fix : IPsec Auto-Packetfilter rules depolyed by SUM (4.2) again and again
Fix : Country blocking exceptions with empty country doesn't work if destination is local to UTM
Fix : The SMC connection test didn't work before applying the configuration
Fix : smtpd dieing without Coredump
Fix : RED: rewrite cert files after cert change
Fix : confd sync daemon runnnig on slave node
Fix : Don't allow usage of disabled interface in user portal
Fix : smtp connection is lost during unnecessary config reload
Fix : RED10: potentially no reboot after firmware update
Fix : System freeze using uplink balancing and IPsec bind to interface
Fix : bounced spx encrypted mail is shown as delivered
Fix : Installer breaks formatting in 70-persistent-net.rules
Fix : Master shows slave device name as "unknown"
Fix : Problems with form reverse authentication in reverseproxy for OWA / ActiveSync
Fix : Reset Adapter and Hardware unit hang after update to v9.204 for intel ethernet controller 82579LM Gigabit Network Connection
Fix : Change snort links to vendor homepage [9.2]
Fix : Denial of service in mod_deflate's request body decompression (CVE-2014-0118)
Fix : dhcp option 43 , scope server is not working on one system
Fix : Sync WiFi preshared keys to SMC
Fix : vpn-reporter.pl segfault in libc-2.11.3.so
Fix : The default "nf_conntrack_max" value is too low for new SG550/SG650 series.
RPM packages contained:
The Badkey Team
https://www.linkedin.com/in/willemsej Technorati: Astaro Astaro Security Gateway Firewall Information Linux New Release Security Sophos Sophos UTM Up2Date VPN UTM
Wednesday 20th, August 2014
SABnzbd 0.7.1808/20/2014 07:43 PM Upgrade in de OTAP gedaan naar versie 0.7.18
Latest Version: 0.7.18 — Released: 06-JUL-2014
The Badkey Team
Technorati: Badkey Information CESA-2014:0981 Important CentOS 6 kernel Update08/20/2014 07:30 PM
Friday 1st, August 2014
Sophos UTM Up2Date 9.204020 package08/01/2014 04:39 PM
We just did the upgrade. System Version:
Sophos UTM 9.204020
Sophos UTM Home Edition
Free Home Use Firewall is a fully equipped software version of the Sophos UTM firewall, available at no cost for home users – no strings attached.
It features full Network, Web, Mail and Web Application Security with VPN functionality and protects up to 50 IP addresses.
The Sophos UTM Free Home Use firewall contains its own operating system and will overwrite all data on the computer during the installation process.
More @ http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx
ˇ Bugfix Release
ˇ Enhancement: WAF: Allow to configure connection timeout per backend
ˇ Enhancement: WAF: Add "id" field to log lines
ˇ Enhancement: SSL VPN: Log traffic volume on connection close
ˇ System will be rebooted
ˇ Configuration will be upgraded
ˇ Connected Wifi APs will perform firmware upgrade
ˇ Connected RED devices will perform firmware upgrade
22468 HTML5 iptables rule doesn't match for IPSec-routed hosts
24091 RED [RED10, RED50]: prevent RED50 from being deployed as RED10 and vice versa
24679 Rescan for Virus when releasing Quarantine Message
28973 [ALPHA] SPX: Attachment names character encoding error during PDF generation
29252 [BETA] Improve logging of SPX encryption
29446 [BETA] DLP: inconsistent dlp action identifier
30320 WiFi: Client list lacks some data for clients not seen for a long time
30640 Messages with reason "sender_blacklist" cannot be written to quarantine
31131 UTM525r5 declared as software after copper module replacement [9.2]
31174 Google Play store downloads should bypass the download patience page
31357 [SR] IPS Rule Age not available for Subnodes
31518 [9.2] Regression from V8: Recipient Verification against AD not working with LDAP-SSL
31536 If a Endpoint client with WebControl is behind a UTM it doesnt belong to or is no UTM managed Endpoint at all surfing gets slow
31560 NTP for offline provisioned REDs
31568 Winbind failed to accept socket - Too many open files [9.2]
31578 Avira Scanner can not scan pop3 mail, Error index out of bound [9.2]
31599 coredump of vpn-reporter due to not parsing the username correctly
31608 Websec reporting didn't work correctly after update to v9.201
31671 changing time steps of individual OTP tokens results in authentication failure
31691 Support IP address for SMC-Server
31696 Kernel panic after adding new Access Point
31750 Upload of exe files via waf results in segmentation fault of reverseproxy
31785 netselector does not write server sorted correctly
31792 selfmon too agressive about ctasd_inbound_mem_usage counter and ctasd_inbound_mem_usage counter
31837 kernel NULL pointer deref at nf_nat_setup_info+0x299/0x61f [nf_nat]
31878 Default exception for chrome updater/installer [9.2]
31889 Reduce exceptions for Firefox Update [9.2]
32010 Packetfilter rules are not visible in webadmin when IE is used and version 9.202 is installed
32067 Workaround for software updates/ downloads via download manager
The Badkey Team
Technorati: Astaro Astaro Security Gateway Firewall Information Linux New Release Security Sophos Sophos UTM Up2Date VPN UTM
Thursday 29th, May 2014
FRITZ!OS: New Firmware 6.0505/29/2014 09:24 PM
Download FRITZ!OS 6.04 at:
Technorati: Information Security VPN XS4all FRITZ!OS
|A new FRITZ!OS 06.05 is available for your FRITZ!Box Fon WLAN 7360.|
You are currently using FRITZ!OS version 06.04.
For information about the new features included in the new FRITZ!OS, go to:
- Security: removes possibility for unauthorized access to FRITZ!Box. Please check for important information here: http://www.avm.de/en/Sicherheit
- added Dialplan for New Zealand
- New with FRITZ!OS 6:
- Wireless LAN Guest Access new as "private hotspot"
- Ready for vectoring
- Parental control with shared budget for multiple devices
- Improved and expanded push services with automatic email notifications
- New MyFRITZ! access to answering machine, Smart Home and FRITZ!NAS for mobile devices
- Smart Home functionality now even more convenient and with more information
- FRITZ!Fon with media player and much more
- Easier VPN setup, optimized for iOS tablets and smartphones
Thursday 22nd, May 2014
IBM Notes and the Heartbleed Bug.05/22/2014
IBM Notes & Domino are
not vulnerable to OpenSSL "Heartbleed" bug (CVE-2014-0160)
The Heartbleed Bug
"The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users."
Information is circulating describing a method called "Heartbleed," which exploits a vulnerability caused by a design error in OpenSSL. This technote provides confirmation that IBM Notes and Domino are not susceptible to the Heartbleed attack.
IBM Notes and Domino are not vulnerable to the Heartbleed bug because they do not use OpenSSL as the basis of the SSL stack in the products. Note that this includes both the Domino SSL stack as well as the TLS implementation supported by the IBM HTTP Server in 9.0. Notes Traveler is also not affected.
For more information on the Heartbleed bug, including a Q&A, go to
OpenSSL vulnerabilities do not apply to IHS
A simplified Chinese translation is available
The Badkey Team
http://planetlotus.org/profiles/john-willemse Technorati: Badkey CentOS Domino Domino 9 Firewall Google IBM IBM Lotus Notes IBM Notes 9 Information Linux Lotus Notes Security Social Media
Sunday 20th, April 2014
Update CentOS (Linux) Important SSL Security Vulnerability. Fix OpenSSL version 1.0.1g04/20/2014 11:54 PM
On Monday, April 7th 2014, an OpenSSL vulnerability was disclosed which has been called one of the worst security holes in recent internet history. The bug, called the Heartbleed bug, was introduced in OpenSSL version 1.0.1. It has been in the wild since March of 2012 and is patched with OpenSSL version 1.0.1g released on April 7th 2014. OpenSSL Severe Vulnerability in TLS Heartbeat Extension (CVE-2014-0160)
The bug allows any attacker to read the memory of a vulnerable host, which means that any keys that have been used on a host with a vulnerable version of OpenSSL should be considered compromised. Distributions have been updating their packages and pushing out updates, but users need to pull down the most recent packages and revoke any previous keys based on insecure versions. Important: openssl security update. RHSA-2014:0376-1
An encryption flaw called the Heartbleed bug is already being called one of the biggest security threats the Internet has ever seen. The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook — and could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years.
Read more on the Social Networks. http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
We'll show you how to update your systems with a secure version of OpenSSL, revoke any insecure SSL certificates, and test whether you are vulnerable or not.
Checking your Version Numbers. You should check your version of OpenSSL after you have updated your system.
While OpenSSL version 1.0.1g is the official fix of this problem, the version that fixes this for different distributions and releases may vary. Some releases and distributions patched their older versions to fix the problem, rather than releasing an entirely new version into an older, stable ecosystem. Because of this reason, it is best to check through your distribution's packaging system, since the openssl version command might not reflect the information we need.
CentOS and Fedora Releases and Fix Versions:
For CentOS and Fedora systems, you can query the version of the OpenSSL package installed on your system by typing:
rpm -q -a | grep "openssl"
You should receive output that looks like this:
For CentOS, here are the releases and the minimum versions of OpenSSL that must be applied to protect future SSL interactions. We will take the architecture off the end in our list:
CentOS 5: Unaffected (Shipped with older version prior to vulnerability)
CentOS 6: openssl-1.0.1e-16.el6.5.7
CESA-2014:0376 Important CentOS 6 openssl Update
CentOS Errata and Security Advisory 2014:0376 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0376.html
openssl x86_64 1.0.1e-16.el6_5.7
kernel-firmware noarch 2.6.32-431.11.2.el6
The Badkey Team
http://planetlotus.org/profiles/john-willemse Technorati: Badkey CentOS Firewall Google Information Linux Security Social Media Heartbleed Security Bug fixes for VMware04/20/2014 12:58 PM 19 April, 2014.
It seems to be patch Saturday as today a whole bunch of updates of products were released. All of these updates relate to the heartbleed security bug fix. There is no point in listing every single product as I assume you all know the VMware download page by now, but I do want to link the most commonly used for your convenience:
Time to update, but before you do… if you are using NFS based storage make sure to read this first before jumping straight to vSphere 5.5 U1a!
The Badkey Team
http://planetlotus.org/profiles/john-willemse Technorati: VMWare