In the office we use a SonicWall to allow remote VPN users to access local resources. For the most part it works great, allowing access to our Outlook / Exchange server, mapped drives and other important network resources.
Recently I upgraded the SonicWall to a new device and recreated the rules from scratch (rather than roll old stuff over) a few days after the upgrade SonicWall users started to experience this odd error message:
ODD OUTLOOK ERROR MESSAGE:
Outlook cannot log on. Verify you are connected to
the network and are using the proper server and mailbox name.
The Mailbox Exchange information server in your profile
is missing required information.
Modify your profile to ensure that you are using the
correct Microsoft Exchange information service.
At first I thought the users profile had just gone corrupt, so I deleted the Outlook profile and just recreated it and all was well in the world. However next time that particular user took their laptop out of the office the message eventually returned. I was able to put two and two together and figured it had to do with something the VPN tunnel on the sonicwall was doing to cause this issue.
Continue reading “Outlook cannot log on. Verify you are connected to the network and are using the proper server and mailbox name”
The latest hacker / email scam has been roaming the internet for a few months now. This one is pretty ingenious because it is more of a social email hack playing on your fears rather than an actual attack on your computer.
How does it play out?
An email arrives from you, yes your own email address. The subject of the email will be related to “Account Issue” , “Security Warning” or some variation. The email will further explain that you were hacked by an International Hacker Group and demand you pay $800 USD in bit coin in 48 hours or they will release video of you in a compromising position while watching porn! The hacker further tries to prove his legitimacy by providing you with your password.
The first time I saw this attack I was taken back for a moment because the password in the email was REAL. It was actually one of my “throwaway” passwords and kind of freaked me out.
Lets break the email down and see exactly what they did
Continue reading “International Hacker Email / Security Warning / Account Issue”
I am one of the few on the planet that still hosts my own servers in house. Sorry, but I don’t really see the benefit of moving everything to the cloud when keeping it in house allows me the control and flexibility I want. I especially like having an Exchange OWA server in house.
With that said, hosting your own systems can be troublesome as well. Maintaining the hardware, infrastructure and security are items that would get farmed out in a cloud environment. This post focuses on the security end, or rather attempting to track hack attempts.
In January, I sent up a trigger to alert me every time a user is locked out. -> Know instantly when a user is locked out <- Its a good read if you’re interested. This trigger reads the event logs, looks for the lockout event and sends the info to me via email. A great help in being proactive with my users. It also alerts me to hack attempts. Too many incorrect login attempts on OWA would trigger a lockout event. During a recent weekend, I was receiving lockout emails every 30 minutes. So who was doing this? What did they want?
How to check Exchange OWA IIS logs
Continue reading “Who’s Hacking My Exchange OWA? Check with Log Parser 2.2”
I have been a big fan of SonicWall products for the last 18 years. Even after being taken over by Dell, I still use Sonicwall in my office and at home. You may say its overkill to have one in my home, but I tend to model my home lab environment to my office environment. I like to think of my home network as a sandbox for testing things in the office.
This year we are making a big push for better security around the office and one topic that came up was the office WiFi. Currently the office Wifi shares the same LAN connection as the rest of the network. Even worse there is only one SSID for both the staff and guests. Even worse than that the SSID password has not been changed for 10+ years!
A project was commissioned to segment the WiFi network from the LAN, however it is important to allow the staff that works in the office access to the LAN via WiFi when needed.
Sonicwall – I have a NSA2600, but any modern NSA device will do. If you’re not sure which Sonicwall to purchase, this is a great starter.
Sonicwall TZ300 Total Secure $679.99 at Amazon
Continue reading “Using your Sonicwall to make a public WiFi network”
As an IT professional for over 20 years I have run into a lot of strange errors in my time. I also have an extensive home “production” lab so I can stay up to date on changes in tech and its fun! Recently I installed Exchange 2016 in a Hyper-V virtual machine. It was a simple migration from 2013. I was in the process of decommissioning an older Hyper-V host. Some of my guest vm’s were migrated while others were built from scratch.
I had completed my migration and Exchange, OWA, & ECP were working just fine. About a month later I tried to access the ECP and was greeted with a 500 Error!
Tracking Down The Error
Continue reading “Exchange 2016 – ECP ERROR 500 – OWA Working Fine!”
Welcome to part two of my post. Previously I spoke about building a security system using a Raspberry Pi Zero and MotioneyeOS. (Read Here) I built and installed the system in February and it was working great. I even caught some Ass-Hat driving over my lawn and trash (Read Here). I ran into one issue with this system. Once Summer was here and the outside temperatures hit 90° (32°c) The processor temperature of the Pi Zero was topping 161° (72°C) and lack of cooling was causing my Pi Zeros to crash
According to the Raspberry Pi foundation the boards are specked to approach 80°C but mine were failing in the mid 70’s. So now to work on a solution.
How to cool your outdoor Motioneye camera
My first attempt was an obvious one – Paint the camera white.
The waterproof boxes I was using to house the camera had a clear cover. To reduce the amount of sunlight, I simply painted the box white
Painting the box was helpful and kept the system cooler , but it still wasn’t enough. The next step was to vent the box simply by drilling a few small holes at the bottom. I know this compromises my “waterproof” concept, but I am hedging my bets if any rain water was to enter the box, it would remain at the bottom and not touch the electronics.
Still not good enough! I want to add a fan, but I only want the fan to run when the CPU hits a specific temperature. There is no need to run the fan on cool nights or during the winter. So I decided to use the GPIO pins on the PI Zero to control the fan.
Controlling the cooling fan via GPIO pins
- 5 Volt cooling fan
- 1 NPN Transistor
- 1 1KΩ Resistor (or equivalent)
- Small breadboard
- Soldering iron / solder
How to assemble
Its probably not a good idea to connect a fan directly to one of the GPIO pins, so I used a simple transistor and resistor to help limit the current being drawn via the pin
Continue reading “Cooling your Motioneye Pi Zero Security Camera”
Camera systems are so inexpensive these days that it may make sense to purchase a Zmodo or Arlo system from Amazon and call it a day. What fun would that be? I love making little electronic projects and then improving on them as I go. Rather than install a pre-packaged surveillance system, motioneye here we come.
My system consists of four Raspberry Pi units running MotioneyeOS. Three of the four units are Pi Zeros that are my actual cameras, and the fourth is a Pi 3 that aggregates the feeds to one central monitoring station. The benefit of this is there is only one IP/domain that needs to be accessed in order to monitor all the cameras on my system. Continue reading “Motioneye Raspberry Pi Zero Security System”
I’m a network engineer by trade and like many of us enjoy having an extensive home lab where I can run servers, learn and experiment in my free time. Not only do I find it very satisfying to build a “production” infrastructure at home, but it also helps me with my day-to-day work at my real job. A few years back I started converting my home lab to Hyper-V. I found a visualized environment easier to manage, plus I was able to work on various technologies without running multiple pieces of hardware (think electric bill)
Residential Internet Service = ONE IP ADDRESS
The only issue was talking to all my various projects from outside the network. I have residential internet service and am only allowed ONE IP address. This causes issues running services on separate internal servers on the same port and trying to reach them from the internet.
Continue reading “Easy Nginx Reverse Proxy”
I had a user this week call me complaining that Microsoft Edge would freeze on launch and then crash and close. After investigating her event logs it was determined the faulting module was emodel.dll
Faulting application name: MicrosoftEdge.exe, version: 11.0.16299.371, time stamp: 0x5abdaed4
Faulting module name: EMODEL.dll, version: 11.0.16299.371, time stamp: 0x5abdaf79
Exception code: 0xc0000409
Fault offset: 0x000000000018bcae
Faulting process id: 0x2900
Faulting application start time: 0x01d3e794d12ebc95
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Faulting module path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EMODEL.dll
Report Id: 560abf0f-e6c8-4b45-8b96-d448f9aa934d
Faulting package full name: Microsoft.MicrosoftEdge_41.16299.371.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
I have not seen this error before and there were no other users in the environment experiencing this issue. My first troubleshooting step was to see if there were any unique applications that were specific to this user.
This particular user is the CFO of the company and logs into a number of banking websites. To enhance security many banks force customers to download additional software to supplement logins in order to prevent intrusion and hack attempts. This user was using a product from IBM
IBM Trusteer Rapport & Microsoft Edge EMODEL.DLL
Continue reading “Microsoft Edge Crashes On Launch – Faulting Module EMODEL.DLL”
It’s been a while since I have written a blog posting. I guess you can say life sometimes gets in the way and things we enjoy doing get pushed aside. I have a few spare moments today to sit down and write so here goes nothing.
First and foremost Webcommand blog has just turned ONE! I started writing exactly one year ago today. When I built this server I was setting a goal to write 5 blog posts a week about 260 in a year. Well I realized its harder to come up with content then I thought. I also realized it is even harder to monetize the site as well (your donations are welcome) However I did manage to write 100 blog posts in the first year and I deem that a success!
Today on the anniversary of Webcommands birth and 100th post I would like to pay tribute to my favorite blogs and give each of them a brief shout out.
My favorite Blogs
Continue reading “Post # 100 My Favorite Blogs”