iptables INPUT denied from Ossec alerts

I just installed Ossec HIDS in a Ubuntu 18.04 server, and I received a list of Level 2 alerts like the following: Rule: 1002 fired (level 2) -> “Unknown problem somewhere in the system.” Jan 17 17:59:57 fireworks kernel: [ 8014.002457] iptables_INPUT_denied: IN=eth0 OUT= MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=XX.XXX.XX.XXX DST=XXX.XXX.XXX.XX LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=5565 PROTO=TCP SPT=40869 DPT=8129…

permit_mynetworks overrides check_sender_access?

I am configuring a postfix relay hosted on a cloud provider. I would like to allow relay access only to public IPs of my company and to a precise list of senders. So here are my main.cf configurations: mynetworks = 127.0.0.0/8 1.2.3.4/23 4.5.6.7/32 7.8.9.1/24 smtpd_recipient_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/allowed_senders, reject_unauth_destination allowed_senders is like this: [email protected]

What is a recommended way of thransferring am iocage jail from one host to another

Source iocage thick jail running on FreeBSD-12.0p12 Destination FreeBSD-12.1p1 Both hosts are using zfs. What is the recommended method to transfer an existing iocage thick jail from the source to the destination? Is it as simple as: rsync -aqz -e “ssh -o LogLevel=error” /zroot/iocage/jails/testjail \ destination:/zroot/iocage/jails Presuming that iocage is installed on both hosts, that…

How to split dns configuration within 2 servers

I have both aws route53 and a dedicated server dns conf I tried setting NS records – ns111.awsdns-xz.co. – ns112.awsdns-xz.co. – ns113.awsdns-xz.co. Basically what I want to achieve is to have multiple unrelated DNS records on both servers as managed by 2 different persons. NS record domain registrar ns1.xxx.ovh.com dns records dedicatedServer.ovh.com a : site.com…

Remove TerminalServices SSLCertificateSHA1Hash

I would like to remove RDP certificate that I previously set through the command wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash=$CertificateThumbprint Is it safe to direct remove the certificate or exists some command like wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Remove SSLCertificateSHA1Hash that I need to run before delete the certificate?