Soluții

PowerShell script to retrieve security-related events

PowerShell script to retrieve security-related events from the Windows Event Log, specifically from the Security log.

# Define the log name and security-related event IDs (adjust as needed)
$logName = “Security”
$securityEventIDs = @(4624, 4625, 4672, 4688, 4634, 4648, 4768, 4776) # Common security event IDs

# Get security events from the Windows Event Log
$securityEvents = Get-WinEvent -LogName $logName -MaxEvents 50 | Where-Object { $_.Id -in $securityEventIDs }

# Display the results
if ($securityEvents) {
foreach ($event in $securityEvents) {
Write-Output “———————————-”
Write-Output “Time: $($event.TimeCreated)”
Write-Output “Event ID: $($event.Id)”
Write-Output “Message: $($event.Message)”
}
} else {
Write-Output “No security events found.”
}

Event ID Description
4624 Successful login
4625 Failed login
4672 Special privileges assigned (admin logins)
4688 A new process was created
4634 Logoff event
4648 Explicit credential logon (RunAs)
4768 Kerberos authentication (TGT request)
4776 NTLM authentication attempt
[mai mult...]

PowerShell script to retrieve VPN events

PowerShell script to retrieve VPN events from the Windows Event Log. It focuses on events related to VPN connections (RAS and IKEv2).

# Define the log name and event IDs for VPN connections
$logName = “Application”
$vpnEventIDs = @(20225, 20226, 20227, 20255) # Example VPN event IDs

# Retrieve VPN connection events from the Event Log
$vpnEvents = Get-WinEvent -LogName $logName | Where-Object { $_.Id -in $vpnEventIDs }

# Display the results
if ($vpnEvents) {
foreach ($event in $vpnEvents) {
Write-Output “———————————-”
Write-Output “Time: $($event.TimeCreated)”
Write-Output “ID: $($event.Id)”
Write-Output “Message: $($event.Message)”
}
} else {
Write-Output “No VPN events found.”
}

  • Queries the Windows Event Log for VPN-related events
  • Filters based on event IDs typically associated with VPN connections
  • Displays relevant event details.
[mai mult...]

Configurate Bypass Rspamd step by step

Bypassing Rspamd for specific emails, domains, or users requires configuring whitelisting rules and scoring adjustments in Rspamd’s configuration files. Here’s a step-by-step guide to configuring a bypass in Rspamd:

Step 1: Access the Rspamd Configuration Directory

  1. Connect to your server via SSH:

sh

CopyEdit

ssh user@yourserver

2. Navigate to the Rspamd configuration directory:

sh

CopyEdit

cd /etc/rspamd/

Step 2: Whitelist an Email or Domain

To bypass Rspamd filtering for specific senders or domains:

  1. Open the whitelist configuration file (create if it doesn’t exist):

sh

CopyEdit

sudo nano /etc/rspamd/local.d/whitelist_sender.map

2. Add the emails or domains you want to bypass (one per line):

pgsql

CopyEdit

user@example.com

@trusted-domain.com

3. Save and exit (CTRL + X, then Y, then Enter).

4. Now, link this whitelist to Rspamd filtering:

sh

CopyEdit

sudo nano /etc/rspamd/local.d/settings.conf

5. Add the following configuration:

yaml

CopyEdit

whitelist {

priority = “high”;

from = “/etc/rspamd/local.d/whitelist_sender.map”;

apply {

symbols_disabled = [“ALL”];

groups_disabled = [“antivirus”, “antiphishing”, “antispam”];

}

}

 6. Save and exit.

Step 3: Disable Scoring for Whitelisted Senders

If you want to ensure that whitelisted senders have zero spam score:

  1. Edit the scores configuration file:

sh

CopyEdit

sudo nano /etc/rspamd/local.d/metrics.conf

 2. Add:

yaml

CopyEdit

whitelist {

id = “whitelist”;

score = -100;

description = “Whitelisted sender, bypass Rspamd checks”;

}

3. Save and exit.

Step 4: Restart Rspamd

After making changes, restart Rspamd to apply them:

sh

CopyEdit

sudo systemctl restart rspamd

Step 5: Verify the Configuration

To check if the bypass is working:

sh

CopyEdit

rspamc symbols test-email@example.com

  • If the whitelisted sender is working, the spam score should be low or zero.
[mai mult...]

Cum creați fișiere cu date în terminalul Linux

De cele mai multe ori, creăm fișiere pentru a stoca text, cod sau date chiar de la început. Puteți efectua toate acestea cu comenzi precum cat, echo și printf. Aceste comenzi oferă o modalitate rapidă de a adăuga text fără a părăsi terminalul. Vă recomand să utilizați aceste comenzi atunci când nu aveți nevoie de opțiuni avansate de editare și trebuie doar să salvați una sau mai multe rânduri în fișierele de configurare nou create.

[mai mult...]

Microsoft calendar configuration step by step

Microsoft Calendar (Outlook Calendar) in different scenarios:

1. Accessing Microsoft Calendar (Outlook Calendar)

For Web Users (Outlook.com)

  1. Go to Outlook.com
  2. Sign in with your Microsoft account
  3. Click on the Calendar icon on the left panel.

For Windows Outlook (Desktop App)

  1. Open Microsoft Outlook
  2. Click on File > Account Settings > Account Settings
  3. Under the Email tab, ensure your email account is set up
  4. Click on Calendar in the navigation bar.

For Microsoft Teams

  1. Open Microsoft Teams
  2. Click on Calendar in the left menu
  3. Ensure it syncs with your Outlook Calendar.

2. Adding and Syncing Calendars

Adding a New Calendar

  1. Open Outlook Calendar
  2. Click on Add Calendar > Create New Calendar
  3. Name the calendar and select a color
  4. Click Save.

Syncing with Google Calendar

  1. Open Outlook Web
  2. Click Add Calendar > Add Personal Calendars
  3. Select Google and sign in to your Google account
  4. Allow access and sync.

3. Sharing your Calendar

  1. Open Outlook Calendar
  2. Click Share (top-right corner)
  3. Enter the email of the person to share with
  4. Select permissions (View, Edit, etc.)
  5. Click Send.

4. Configuring Notifications & Reminders

  1. Open Settings in Outlook.
  2. Go to Calendar Settings.
  3. Enable Email or Pop-up notifications for events.

5. Connecting Microsoft Calendar to Mobile Devices

On Android

  1. Install the Outlook app from the Play Store
  2. Sign in with your Microsoft account
  3. Go to Settings > Accounts > Sync Calendar.

On iPhone

  1. Open Settings > Calendar > Accounts
  2. Tap Add Account > Outlook
  3. Sign in and enable Calendar Sync.
[mai mult...]