New Cert

linux Expert


I will cut right to the chase …
If you get the following pop up on your computer, then its probably too late. I have had 3 seperate client offices affected by this virus. The first time I paid the ransom to decrypt my files. The 2nd and 3rd time I was prepared and had backups running with rsnapshot so I was able to go back several hours to before the infection encrypted my whole server. The user who initially had the infection lost all files on the desktop and my documents since those are not backed up.

Here are some useful links on the subject

Bleeping Computer has a lot of good info: <<<<LINK>>>>

Blocking executables in %AppData% (this is where the virus runs from): <<<<LINK>>>>

I used secpol.msc on a windows XP workstation to determine what needed to be blocked. I then went into the registry and exported the following keys so that I could use a login script to apply the keys to other workstations on the network.

####Reg file contents (import into registry windows XP #####

Windows Registry Editor Version 5.00


“Description”=”dont allow executables from AppData”

“Description”=”dont allow executable from subpath in AppData”

# Zimbra Backup Script
# Daniel W. Martin, 5 Dec 2008
# Original scripts:
#  http://wiki.zimbra.com/wiki/Open_Source_Edition_Backup_Procedure

touch /opt/backup/backup_$(date +%a).log

# Outputs the time the backup started, for log/tracking purposes

echo “Time backup started = $(date +%a) $(date +%T)” > /opt/backup/backup_$(date +%a).log
before=”$(date +%s)”

# Live sync before stopping Zimbra to minimize sync time with the services down
# Comment out the following line if you want to try single cold-sync only
# amended smc 3-28-13 zimbra 8 pre allocates 85GB to ldap dbase excluding folder from now on

rsync -avHK –exclude “/opt/zimbra/data/ldap” –delete /opt/zimbra/ /opt/backup/zimbra

# Including –delete option gets rid of files in the dest folder that don’t exist at the src
# this prevents logfile/extraneous bloat from building up overtime.
# Now we need to shut down Zimbra to rsync any files that were/are locked
# whilst backing up when the server was up and running.

before2=”$(date +%s)”

# Stop Zimbra Services

su – zimbra -c”/opt/zimbra/bin/zmcontrol stop”
sleep 15

# Kill any orphaned Zimbra processes

ORPHANED=`ps -u zimbra -o “pid=”` && kill -9 $ORPHANED

# Only enable the following command if you need all Zimbra user owned
# processes to be killed before syncing
# ps auxww | awk ‘{print $1” “$2}’ | grep zimbra | kill -9 `awk ‘{print $2}’`
# Sync to backup directory
# amended smc 3-28-13 zimbra 8 pre allocates 85GB to ldap dbase excluding folder from now on
# amended smc 3-28-13 using ldap util to backup ldap database correctly

su – zimbra -c “/opt/zimbra/libexec/zmslapcat -c /opt/backup/ldap”
su – zimbra “/opt/zimbra/libexec/zmslapcat -c /opt/backup/ldap”
rsync -avHK –exclude “/opt/zimbra/data/ldap” –delete /opt/zimbra/ /opt/backup/zimbra

# Restart Zimbra Services

su – zimbra -c “/opt/zimbra/bin/zmcontrol start”

# Calculates and outputs amount of time the server was down for

after=”$(date +%s)”
elapsed=”$(expr $after – $before2)”
hours=$(($elapsed / 3600))
elapsed=$(($elapsed – $hours * 3600))
minutes=$(($elapsed / 60))
seconds=$(($elapsed – $minutes * 60))
echo “”Server was down for: “$hours hours $minutes minutes $seconds seconds”” >> /opt/backup/backup_$(date +%a).log

# Create a txt file in the backup directory that’ll contains the current Zimbra
# server version. Handy for knowing what version of Zimbra a backup can be restored to.
# su – zimbra -c “zmcontrol -v > /backup/zimbra/conf/zimbra_version.txt”
# or examine your /opt/zimbra/.install_history
# Display Zimbra services status

echo “Displaying Zimbra services status…” >> /opt/backup/backup_$(date +%a).log
su – zimbra -c “/opt/zimbra/bin/zmcontrol status” >> /opt/backup/backup_$(date +%a).log

# Create archive of backed-up directory for offsite transfer

cd /opt/backup/zimbra
umask 0177
tar -zcvf /opt/backup/mail.backup_$(date +%a).tgz -C /opt/backup/zimbra/ /opt/backup/ldap .

# Transfer file to backup server

echo “Trasfer mail.backup_date.tgz to backup server@zimbra_backup.com:/opt/backup” >> /opt/backup/backup_$(date +%a).log
scp /opt/backup/mail.backup_$(date +%a).tgz root@zimbra_backup.com:/opt/backup >> /opt/backup/backup_$(date +%a).log
/bin/rm -rf /opt/backup/mail.backup_$(date +%a).tgz >> /opt/backup/backup_$(date +%a).log

# Outputs the time the backup finished

echo “Time backup finished = $(date +%T)” >> /opt/backup/backup_$(date +%a).log

# Calculates and outputs total time taken

after=”$(date +%s)”
elapsed=”$(expr $after – $before)”
hours=$(($elapsed / 3600))
elapsed=$(($elapsed – $hours * 3600))
minutes=$(($elapsed / 60))
seconds=$(($elapsed – $minutes * 60))
echo “Time taken: “$hours hours $minutes minutes $seconds seconds”” >> /opt/backup/backup_$(date +%a).log
echo “disk information:” >> /opt/backup/backup_$(date +%a).log
df -h >> /opt/backup/backup_$(date +%a).log
(echo “Subject: Backup Log $(date +%a)”;echo;/bin/cat /opt/backup/backup_$(date +%a).log) | /opt/zimbra/postfix/sbin/sendmail -F admin@zimbra.com -t sanga.c@zimbra.com


Alfresco updates

Added Wiki, data lists, calendar, discussions, blog and links to the ITM site. More to come

When setting up fetchmail to poll from servers with SSL security, you may recieve the follwing error flooding your logs

Mar 7 11:55:10 cs fetchmail[id#]: Server certificate verification error: unable to
verify the first certificate

This is caused from the servers cert missing in the local certificate store. below is 1 method for correcting this issue.

1. Install required packages (centos)

yum install openssl openssl-devel openssl-perl

2. Get certificate from mail server

openssl s_client -connect mail.it-mgt.com:995 -showcerts

3. copy everything from “—–BEGIN CERTIFICATE—–” to “—–END CERTIFICATE—–” to a file called mail.it-mgt.com.pem and save it in /usr/loca/etc/fetchmail/certs

4. look for the “issuer=’ line to find where the certificate was issued from. Go to the issuers website and obtain the “Base-64 encoded x.509” cert and save that to a file in the same location with extension .pem

5. run the follwoing command to hash the certs for use.

c_rehash /usr/local/etc/fetchmail/certs

6. In /etc/fetchmailrc At the end of each user line that polls the server whose cert we just added tot he local store add the following:

sslcertck sslcertpath /usr/local/etc/fetchmail/certs

I dont think you need the part about sslcertpath if you put the certs in yout default ssl certificate store.

usb boot disk osx

Making a bootable USB drive from ISO image OS

2010 in review

The stats helper monkeys at WordPress.com mulled over how this blog did in 2010, and here’s a high level summary of its overall blog health:

Healthy blog!

The Blog-Health-o-Meter™ reads This blog is doing awesome!.

Crunchy numbers

Featured image

A Boeing 747-400 passenger jet can hold 416 passengers. This blog was viewed about 5,700 times in 2010. That’s about 14 full 747s.


In 2010, there were 10 new posts, growing the total archive of this blog to 19 posts. There were 12 pictures uploaded, taking up a total of 122kb. That’s about a picture per month.

The busiest day of the year was September 21st with 92 views. The most popular post that day was 2. Creating User Accounts.

Where did they come from?

The top referring sites in 2010 were google.com, chimac.net, google.co.in, google.co.id, and google.com.vn.

Some visitors came searching, mostly for hackintosh you need to restart your computer, you need to restart your computer hackintosh, zimbra, centos zimbra mail, and zimbra centos 5.4.

Attractions in 2010

These are the posts and pages that got the most views in 2010.


2. Creating User Accounts April 2009


Zimbra Setup: CentOS 5.4 April 2010


hackintosh – You need to restart your computer May 2010


Squid Proxy with dansguardian Webfilter August 2010


1. Install CentOS directory server April 2009