@EddieJennings said in IBM Datapower on Linux:
I've never dealt with Datapower, but I suspect there's a configuration file related to
datapower-controlthat may need some editing.
So there is a configuration file, but there is no reference at all within the conf file (/var/ibm/datapower/datapower.conf) regarding the LUKS partition.
@CCWTech I wish I had that monitor setup 
As for getting everything to open on a separate monitor and with the content you had open I'm not sure of off hand. I only use two monitors... and all of my content is constantly changing.
@CCWTech said in How to get Chrome to remember which monitors to open on:
I am using Windows 11. This worked fine on Ubuntu but I needed to switch to Windows in order to support other apps.
Maybe I am asking too much but I have 4 screens. I have Chrome open on each screen and about 8 tabs open on each screen.
But, when I reboot, Chrome remembers the tabs I have open, but puts them all on one screen and I have to then re-arrange each time. It's quite a pain, especially with how often Windows makes you reboot.
Is there anything I can do to get Chrome to open as I want it to?
Are your monitors selected as Primary and Secondary, right click on the desktop, Display Settings.
If you want your "right" monitor to be the primary, change it so it is and then move Chrome to that screen. Close it, and reopen to see if the issue is fixed.
Does anyone have any experience with Datapower on Linux?
Simply put, it should be an installation through RPM, which I have all of the RPM. What I'm getting hung up on is the LUKS partitions which are apparently required, but not specified what needs to be done to configure these.
From IBM:
Resource requirements on Linux hosts
To install the DataPower Gateway, the host must meet the following requirements.
To install the RPM packages, the host must be running a supported 64-bit version of Linux.
2 GiB of free storage must be available on /opt.
5 GiB of free storage must be available on /var.
At least two free loop devices are needed, with another loop device when RAID storage is used.
RAID storage, if used, must be configured in the datapower.conf file.
I'm not using raid, here I'm showing the disk layout and the loop devices.
The installation which is a simply yum install xxx.image.x86_64.rpm xxx.common.x86_64.rpm
Which I then should have a stopped "datapower.service", but the service keeps crashing because it's looking for these LUKS partitions.
Nov 07 15:17:52 appconnect.localdomain systemd[1]: datapower.service: Scheduled restart job, restart counter is at 183.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Automatic restarting of the unit datapower.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Nov 07 15:17:52 appconnect.localdomain systemd[1]: Stopped DataPower Service.
-- Subject: Unit datapower.service has finished shutting down
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit datapower.service has finished shutting down.
Nov 07 15:17:52 appconnect.localdomain systemd[1]: Starting DataPower Service...
-- Subject: Unit datapower.service has begun start-up
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit datapower.service has begun starting up.
Nov 07 15:17:53 appconnect.localdomain kernel: loop0: detected capacity change from 0 to 3774873600
Nov 07 15:17:55 appconnect.localdomain bash[105464]: Thu Nov 07 2024 15:17:55 ERR dpControl [pre-start][105464] Cannot unlock LUKS partition 'var_opt_ibm_datapower_datapower_img': Function not implemented (error 38)
Nov 07 15:17:57 appconnect.localdomain systemd[1]: datapower.service: Control process exited, code=exited status=38
Nov 07 15:17:57 appconnect.localdomain datapower-control[105506]: Thu Nov 07 2024 15:17:57 ERR dpControl [post-stop][105506] Cannot open lockfile '/var/opt/ibm/datapower/datapower.img.lck': No such file or directory
Nov 07 15:17:57 appconnect.localdomain datapower-control[105506]: Thu Nov 07 2024 15:17:57 ERR dpControl [post-stop][105506] Cannot close LUKS partition 'var_opt_ibm_datapower_datapower_img': No such device (error 19)
Nov 07 15:17:58 appconnect.localdomain datapower-control[105506]: Thu Nov 07 2024 15:17:58 ERR dpControl [post-stop][105506] No Datapower loop mounts were found. Please reboot the system and verify tha the Datapower service starts up co>
Nov 07 15:17:58 appconnect.localdomain systemd[1]: datapower.service: Control process exited, code=exited status=3
Nov 07 15:17:58 appconnect.localdomain systemd[1]: datapower.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- The unit datapower.service has entered the 'failed' state with result 'exit-code'.
Nov 07 15:17:58 appconnect.localdomain systemd[1]: Failed to start DataPower Service.
-- Subject: Unit datapower.service has failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit datapower.service has failed.
--
-- The result is failed.
Nov 07 15:17:58 appconnect.localdomain systemd[1]: datapower.service: Service RestartSec=100ms expired, scheduling restart.
Nov 07 15:17:58 appconnect.localdomain systemd[1]: datapower.service: Scheduled restart job, restart counter is at 184.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Automatic restarting of the unit datapower.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Nov 07 15:17:58 appconnect.localdomain systemd[1]: Stopped DataPower Service.
-- Subject: Unit datapower.service has finished shutting down
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit datapower.service has finished shutting down.
Nov 07 15:17:58 appconnect.localdomain systemd[1]: Starting DataPower Service...
-- Subject: Unit datapower.service has begun start-up
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit datapower.service has begun starting up.
Nov 07 15:17:59 appconnect.localdomain kernel: loop0: detected capacity change from 0 to 3774873600
Nov 07 15:18:01 appconnect.localdomain bash[105509]: Thu Nov 07 2024 15:18:01 ERR dpControl [pre-start][105509] Cannot unlock LUKS partition 'var_opt_ibm_datapower_datapower_img': Function not implemented (error 38)
Building out a VM for customer support work, nothing special.
@black3dynamite said in Miscellaneous Tech News:
I saw that and just had to laugh, because these people and governments don't understand what encryption means and is meant to do.
@Obsolesce said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:
@DustinB3403 said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:
@Obsolesce said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:
@DustinB3403 said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:
want to find a non-kernel based solution and that the EU is at fault.
I still say it could have been avoided if CrowdStrike had tested the change on a single device prior to releasing it publicly. It could have been a simple automated test as part of their release pipeline.
Even a better rollout strategy could have prevented it from going too far.
What's funny is that CS is now saying that they have decided to start testing their releases with the use of "besides showing interest in working with Microsoft to work on the “kernel-level restrictions” development, is also taking a new approach to certify each new sensor release through the “Windows Hardware Quality Labs."
Whats also funny is that if you look at almost any open source software of similar caliber, they do all that stuff in their build and release pipelines or other work flows before public releases.
Exactly!
@Obsolesce said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:
@DustinB3403 said in CrowdStrike blames kernel level access on last month Microsoft outage, claims to:
want to find a non-kernel based solution and that the EU is at fault.
I still say it could have been avoided if CrowdStrike had tested the change on a single device prior to releasing it publicly. It could have been a simple automated test as part of their release pipeline.
Even a better rollout strategy could have prevented it from going too far.
What's funny is that CS is now saying that they have decided to start testing their releases with the use of "besides showing interest in working with Microsoft to work on the “kernel-level restrictions” development, is also taking a new approach to certify each new sensor release through the “Windows Hardware Quality Labs."
want to find a non-kernel based solution and that the EU is at fault.
@dbeato Yeah it does it has a webpage that is native to the solution. I don't know that it's optimized for mobile, but I doubt it.
Hey all,
Looking to see if anyone has any recommendations for a hosted solution for Policy Compliance and Reporting.
Currently we use TugBoat Logic, and while it works, its way more focused on being a Vendor Risk management tool and is a wieldy tool that seems to just cover to much.
I'm looking for something that would integrate with AWS/Azure/Google along with a few other vendors to automate the collection of logs.
If you have any recommendations let me know.
@IRJ Yeah I've tried openVAS in the past, it wasn't bad, but it also wasn't great.
I've ended up making some changes to my firewall and using Wazuh to report on my endpoints that are remote to our datacenter.
Which works well enough for our needs
Call with new customer and support engineer who will be doing the work.
Nothing fancy
@gjacobse said in ReadyNAS314: likely failing:
@DustinB3403 said in ReadyNAS314: likely failing:
@gjacobse said in ReadyNAS314: likely failing:
I do have a “backup” but, looks like it’s a month or so old.
This is where you screwed up...
You know what they say about people and glass houses?
Hey I'm sure I'll have my own issue at some point.
lol
@gjacobse said in ReadyNAS314: likely failing:
I do have a “backup” but, looks like it’s a month or so old.
This is where you screwed up...
So I've used qualys when I worked for an MSP and actually liked it, besides of a few things.
Setting up networks sucked
The interface generally was a bit confusing to get used to (infrequent customers)
The reporting was incredibly in-depth, I can't say I ever saw remediated vulns being detected again
We settled on Wazuh for now as it at least covers our needs and lists different vulnerabilities.
@nadnerB said in Vulnerability Assessment and Alerting Solutions:
Have a look at Rapid7 InsightVM
Never heard of it, what makes it good?
Hey All,
I'm looking for a vulnerability assessment and alerting solution that is going to have to be agent based to alert for any OS vulnerabilities for a remote workforce.
Wazuh is the top item that comes to mind, but I'm not a huge fan of its presentation, likely I just need to sort out the views.
Does anyone else have any recommendations?
The target group is endpoint devices (workstations) and datacenter equipment.
TIA
@gjacobse If you open PM, select "Print Servers" > Expand the server > Select "Ports" and then select Export you'll get the port details (ip, WSD etc) into a txt file.