NickTheGreek

η λειτουργικότητα του Μητρώου έχει αποκατασταθεί

κατι τρέχει με το Μητρώο Ονοματοδοσίας Ονομάτων χώρου .GR από το http:///www.gr ου ανακατευθύνει στο: https://grweb.ics.forth.gr/public/Whois?lang=el αν κάνει κάποιος WHOIS check: δεν παίρνει απάντηση παρά μονο: HTTP Status 500 - java.lang.NullPointerException type Exception report message java.lang.NullPointerException description The server encountered an internal error that prevented it from fulfilling this request. exception org.apache.jasper.JasperException: java.lang.NullPointerException org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:561) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:477) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339) javax.servlet.http.HttpServlet.service(HttpServlet.java:731) gr.forth.ics.cctld.gr.web.HttpHeadersFilter.doFilter(HttpHeadersFilter.java:85) gr.ics.forth.www.Whois.doPost(Whois.java:339) javax.servlet.http.HttpServlet.service(HttpServlet.java:650) javax.servlet.http.HttpServlet.service(HttpServlet.java:731) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) gr.forth.ics.cctld.gr.web.HttpHeadersFilter.doFilter(HttpHeadersFilter.java:85) root cause java.lang.NullPointerException note The full stack trace of the root cause is available in the logs.

You might not be aware of a porn site titled teen[sexual orientation][bodypart].com. You most certainly don’t want to discover that site when you type in your company’s URL and get redirected to teen[sexual orientation][bodypart].com… all thanks to refusing to pay a $10,000 ransom to an IT admin contractor from Hell. The IT admin is Tavis Tso, a 40-year-old Arizona man who’s confessed to lying to a client company in Phoenix, telling them he didn’t have the login information for their account with the registrar GoDaddy (likely for domain name or hosting). Tso had renewed the company’s GoDaddy account in 2011. In May 2015, the company wanted to update its contact details with the domain registrar. Can’t help, Tso said; I don’t have the login anymore. Fibber. He did have the login. He just didn’t want to give it to them, instead changing the contact information in the GoDaddy account so he could defraud the company, Tso said in a plea deal. Then, he went ahead and set up his own account with Microsoft to take over the company’s domain. This all went down between May and June 2015. By tweaking the account, Tso made it so the company’s employees couldn’t use their email accounts. At first, he redirected the company’s homepage to a blank page. Then, he offered to make it all better… in exchange for a cool $10,000 for returning everything to normal. No dice, the company said. After the company refused to pay the ransom, Tso redirected the company’s homepage to the porn site. Visitors to the company’s website were redirected for several days, during which they found themselves looking at teen something-something, before the company’s homepage was returned to normal. According to a release from the Arizona US Attorney’s Office, Tso was sentenced on Monday to four years of probation and an order to pay $9,145 in restitution after having pleaded guilty to one count of wire fraud. And just how did this young extortionist IT admin from Hell escape jail time? According to the sentencing memorandum, posted courtesy of Ars Technica, assistant US Attorney Matthew Binford said that the crime, committed by Tso when he was 39, was apparently out of character: a “one-time lapse.” How to keep your domain from redirecting to What the (*&^?! As we’ve advised in the past, a sound course of action in dealing with security breaches, be they from malicious insiders, insiders who make mistakes or contractors, is to have an incident-handling plan in place before a breach takes place, rather than after. For example, a good incident-handling plan includes things such as the distribution of call cards, which could help in the event that normal communications are held hostage by a malicious insider who disrupts access to the LAN so that nobody can find anyone else’s phone number and email. Knowing how to report crimes and engage law enforcement can also be important. https://nakedsecurity.sophos.com/2017/09/21/admin-from-hell-holds-company-to-ransom-with-porn-makeover/

απαραίτητη σημείωση για όποιον μου πει: τι περιμένεις από μια δωρεάν υπηρεσία

μόνο τα σημερινά σχόλια δείχνουν αναρίθμητα https://downtoday.co.uk/outlook-problems/

http://www.express.co.uk/life-style/science-technology/855572/Outlook-DOWN-not-working-e-mails-not-sending-login-issues Outlook DOWN - Outlook not working for hundreds as e-mails not sending and login issues OUTLOOK is down with the service not working for hundreds of users who reported e-mails not sending and login issues today. By Dion Dassanayake PUBLISHED: 12:10, Mon, Sep 18, 2017 | UPDATED: 17:52, Mon, Sep 18, 2017 UPDATE SIX: Microsoft have updated their Service Health website to say that Outlook is down. The update said that users may not be able to send e-mail, may be unable to access their Outlook.com accounts and that sent e-mails may remain in the drafts folder. Describing the current status of Outlook, Microsoft added: “We've identified that a subset of infrastructure was unable to process requests as expected, which caused general service availability to drop unexpectedly. “We've redirected requests to alternate infrastructure to restore service, and we're monitoring the environment while connectivity recovers. “Additionally, we're investigating an issue in which users are unable to send email messages.” The Outlook Twitter account has also been telling users that a fix is currently being worked on. UPDATE FIVE: Microsoft have spoken out about the outage affecting Outlook users today. Outlook has been down and not working for hundreds of users today, with the issue first beginning around 9am BST. Microsoft have told Express.co.uk that they are investigating the issue and working to fix it as soon as possible. A Microsoft spokesperson said: “Intermittent connectivity is affecting customers in some European countries, which we are working to resolve as soon as possible.”

Title: Can't connect to Outlook.com User Impact: Users located in Europe may be unable to send or receive email messages. More info: Additionally, users may be unable to access their outlook.com email accounts. Users may also observe that sent emails remain in the Drafts folder. Current status: We're continuing to investigate network routes between subcomponents of the outlook.com service to determine the source of the issue and to identify our next troubleshooting steps. Start time: Monday, September 18, 2017, at 7:20 AM UTC Next update by: Monday, September 18, 2017, at 6:30 PM UTC Title: Can't connect to Outlook.com User Impact: Users may be unable to send email messages. More info: Previously, users may have been unable to access their outlook.com email accounts. Users may observe that sent emails remain in the Drafts folder. Current status: We've identified that a subset of infrastructure was unable to process requests as expected, which caused general service availability to drop unexpectedly. We've redirected requests to alternate infrastructure to restore service, and we're monitoring the environment while connectivity recovers. Additionally, we're investigating an issue in which users are unable to send email messages. Start time: Monday, September 18, 2017, at 7:20 AM UTC Next update by: Monday, September 18, 2017, at 4:30 PM UTC Title: Can't send or receive emails User Impact: Users may be unable to send or receive emails Current status: We're analyzing diagnostics to understand the root cause and establish a fix. Start time: Monday, September 18, 2017, at 7:20 AM UTC https://portal.office.com/servicestatus

εδω και μερικες ωρες ενα Hotmail account που εχω καπου 20 χρονια δειχνει σαν να σταματησε, ουτε λαμβάνω ούτε μπορω να στειλω. Αρχικα για 1-2 ώρες απλα υπεθεσα πως δεν υπαρχει κάτι εισερχόμενο αλλα λόγω παλαιότητας και χρήσης από ένα σημείο και μετα αυτό φάνταζε αδύνατο ( συγκεκριμενα newsletters και log files έρχονται και εκεί σε κάποιο χρονικό σημείο της ημέρας ) τελικά δοκίμασα να στείλω καποια δοκιμή, τίποτα. τα email απλά κάθονται στα Draft και εκεί είπα να το ψάξω για να ανακαλύψω πως υπάρχει γενικότερο πρόβλημα στην Ευρώπη !

Are you a Linux system administrator and want to monitor interactive activity of all system users (Linux commands they executes) in real-time. In this brief Linux system security guide, we will explain how to view all Linux shell commands executed by system users in real-time. If your system has bash, the most commonly used shell out there then all commands executed by normal system users will be stored in the .bash_history hidden file which is kept in each user’s home directory. The content of this file can be viewed by users, using the history command. To view a user aaronkilik’s .bash_history file, type: # cat /home/aaronkilik/.bash_history User bash-history file Monitor User Activity in Real-time Using Sysdig in Linux To get a glimpse of what users are doing on the system, you can use the w command as follows. # w Monitor Logged in Users But to have a real-time view of the shell commands being run by another user logged in via a terminal or SSH, you can use the Sysdig tool in Linux. Sydig is an open-source, cross-platform, powerful and flexible system monitoring, analysis and troubleshooting tool for Linux. It can be used for system exploration and debugging. Once you have installed sysdig, use the spy_users chisel to spy on users by running the command below. # sysdig -c spy_users The above command displays every command that users launch interactively as well as every directory users visit. Monitor User Activity in Real-Time https://www.tecmint.com/monitor-linux-commands-executed-by-system-users-in-real-time/

Copy folder structure (sans files) from one location to another cd /path/to/directories && find . -type d -exec mkdir -p -- /path/to/backup/{} \; https://stackoverflow.com/questions/4073969/copy-folder-structure-sans-files-from-one-location-to-another

JPEG Autorotate Windows 2000, XP, Vista, 7, 8 Ever had the problem of pictures taken in portrait showing up in landscape in emails, on your blog or on your mobile device? JPEG Autorotate is the solution. It's quick, it's simple, it's free. Photos from most digital cameras already contain the information needed to rotate photos the right way up. This little app uses that information to automatically make sure your photos show up correctly everywhere. No need to do this by hand anymore. Looking for developers! Please note: JPEG Autorotate is no longer being actively maintained by me. The source code is freely available on Git. If you wish to take over the maintenance, I will likely be happy to give over the ownership - it's just easy to understand batch and NSIS installer code. Open source experience can be an useful addition in your CV. Please contact me here if you're interested. Mostly maintenance consists of forwarding bug reports over to jhead since all JPEG Autorotate does is execute something like "jhead.exe -autorot C:\Users\Pictures\*.jpg" anyway. Facebook page of JPEG Autorotate What? Help & compatibility Features Changes License, credits It adds right click menu items to Windows for folders and photo files (.jpg, .jpeg). Then you can effortlessly rotate, with no quality loss: single images, all images in a folder all images in a folder and in all its subfolders according to the EXIF orientation metadata (stored in photos by most digital cameras). More screenshots: Softpedia Photo-Freeware.net Tutorial video: Softoxi.com https://savolai.net/software/JPEG-EXIF_autorotate

Version 4.2.3 of the IPS Community Suite is now available. This includes a security patch and we recommend you upgrade as soon as possible. 4.2.3 is a maintenance release that fixes issues identified in 4.2.2. Please note if you use https in the AdminCP, but not on the front-end, the auto-upgrade process may not work correctly. You should download this update from the client area and upgrade manually. Also included: 4.2.2 4.2.2 is a maintenance release that fixes issues identified in 4.2.1 and: A new extraction process to make auto-upgrades more robust The upgrade system will do a check of all files to ensure they are up to date before proceeding Security Notice This release also contains security enhancements to prevent possible XSS and increase protections on account management functions. It is recommended you upgrade to ensure the security on your Community. Thanks to @newbie LAC and Raja uzair Abdullah for reporting security issues. Version 4.2 is the next large release for Invision Community! We are very excited to introduce all the new features and improvements. Full information on 4.2.0 ... Also included: 4.2.1 Version 4.2 is the next large release for Invision Community! We are very excited to introduce all the new features and improvements. Full information on 4.2.0 ... 4.2.1 is a maintenance release to fix minor issues. Also included: 4.2.0 Version 4.2.0 is the next large release for Invision Community! We are very excited to introduce all the new features and improvements. Full information on 4.2.0 ...

It is no secret that I am a pretty big fan of excellent Linux Software RAID. Creating, assembling and rebuilding small array is fine. But, things started to get nasty when you try to rebuild or re-sync large size array. You may get frustrated when you see it is going to take 22 hours to rebuild the array. You can always increase the speed of Linux Software RAID 0/1/5/6 reconstruction using the following five tips. Recently, I build a small NAS server running Linux for one my client with 5 x 2TB disks in RAID 6 configuration for all in one backup server for Linux, Mac OS X, and Windows XP/Vista/7/10 client computers. Next, I type the command cat /proc/mdstat and it reported that md0 is active and recovery is in progress. The recovery speed was around 4000K/sec and will complete in approximately in 22 hours. I wanted to finish this early. A note about lazy initialization and ext4 file system When creating an ext4 file system, the Linux kernel uses lazy initialization. This feature allows the faster creatation of a file system. A process called “ext4lazyinit” runs in the background to create rest of all inode tables. As a result, your RAID rebuild is going to operate at minimal speed. This only affects if you have just created an ext4 filesystem. There is an option to enable or disable this feature while running mkfs.ext4 command: lazy_itable_init[= <0 to disable, 1 to enable>] – If enabled and the uninit_bg feature is enabled, the inode table will not be fully initialized by mke2fs. This speeds up filesystem initialization noticeably, but it requires the kernel to finish initializing the filesystem in the background when the filesystem is first mounted. If the option value is omitted, it defaults to 1 to enable lazy inode table zeroing. lazy_journal_init[= <0 to disable, 1 to enable>] – If enabled, the journal inode will not be fully zeroed out by mke2fs. This speeds up filesystem initialization noticeably, but carries some small risk if the system crashes before the journal has been overwritten entirely one time. If the option value is omitted, it defaults to 1 to enable lazy journal inode zeroing. Tip #1: /proc/sys/dev/raid/{speed_limit_max,speed_limit_min} kernel variables The /proc/sys/dev/raid/speed_limit_min is config file that reflects the current “goal” rebuild speed for times when non-rebuild activity is current on an array. The speed is in Kibibytes per second (1 kibibyte = 210 bytes = 1024 bytes), and is a per-device rate, not a per-array rate . The default is 1000. The /proc/sys/dev/raid/speed_limit_max is config file that reflects the current “goal” rebuild speed for times when no non-rebuild activity is current on an array. The default is 100,000. To see current limits, enter: # sysctl dev.raid.speed_limit_min # sysctl dev.raid.speed_limit_max Sample outputs: dev.raid.speed_limit_min = 10000 dev.raid.speed_limit_max = 20000 NOTE: The following hacks are used for recovering Linux software raid, and to increase the speed of RAID rebuilds. Options are good for tweaking rebuilt process and may increase overall system load, high cpu and memory usage. To increase speed, enter: echo value > /proc/sys/dev/raid/speed_limit_min OR sysctl -w dev.raid.speed_limit_min=value In this example, set it to 50000 K/Sec, enter: # echo 50000 > /proc/sys/dev/raid/speed_limit_min OR # sysctl -w dev.raid.speed_limit_min=50000 If you want to override the defaults you could add these two lines to /etc/sysctl.conf: #################NOTE ################ ## You are limited by CPU and memory too # ########################################### dev.raid.speed_limit_min = 50000 ## good for 4-5 disks based array ## dev.raid.speed_limit_max = 2000000 ## good for large 6-12 disks based array ### dev.raid.speed_limit_max = 5000000 Tip #2: Set read-ahead option Set readahead (in 512-byte sectors) per raid device. The syntax is: # blockdev --setra 65536 /dev/mdX ## Set read-ahead to 32 MiB ## # blockdev --setra 65536 /dev/md0 # blockdev --setra 65536 /dev/md1 Tip #3: Set stripe-cache_size for RAID5 or RAID 6 This is only available on RAID5 and RAID6 and boost sync performance by 3-6 times. It records the size (in pages per device) of the stripe cache which is used for synchronising all write operations to the array and all read operations if the array is degraded. The default is 256. Valid values are 17 to 32768. Increasing this number can increase performance in some situations, at some cost in system memory. Note, setting this value too high can result in an “out of memory” condition for the system. Use the following formula: memory_consumed = system_page_size * nr_disks * stripe_cache_size To set stripe_cache_size to 16 MiB for /dev/md0, type: # echo 16384 > /sys/block/md0/md/stripe_cache_size To set stripe_cache_size to 32 MiB for /dev/md3, type: # echo 32768 > /sys/block/md3/md/stripe_cache_size Tip #4: Disable NCQ on all disks The following will disable NCQ on /dev/sda,/dev/sdb,..,/dev/sde using bash for loop ## sample for loop ## for i in sd[abcde] do echo 1 > /sys/block/$i/device/queue_depth done Tip #5: Bitmap Option Bitmaps optimize rebuild time after a crash, or after removing and re-adding a device. Turn it on by typing the following command: # mdadm --grow --bitmap=internal /dev/md0 Once array rebuild or fully synced, disable bitmaps: # mdadm --grow --bitmap=none /dev/md0 Results My speed went from 4k to 51k: cat /proc/mdstat Sample outputs: Personalities : [linear] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4] [multipath] md5 : active raid1 sde2[2](S) sdd2[3](S) sdc2[4](S) sdb2[1] sda2[0] 530048 blocks [2/2] [UU] md0 : active raid6 sde3[4] sdd3[3] sdc3[2] sdb3[1] sda3[0] 5855836800 blocks level 6, 64k chunk, algorithm 2 [5/5] [UUUUU] [============>........] resync = 61.7% (1205475036/1951945600) finish=242.9min speed=51204K/sec Monitoring raid rebuilding/recovery process like a pro You cat /proc/mdstat file. This read-only file contains information about the status of currently running array and shows rebuilding speed: # cat /proc/mdstat Alternatively use the watch command to display /proc/mdstat output on screen repeatedly, type: # watch -n1 cat /proc/mdstat Sample outputs: Fig.01: Performance optimization for Linux raid6 for /dev/md2 The following command provide details about /dev/md2 raid arrray including status and health report: # mdadm --detail /dev/md2 Sample outputs: Fig.02: Finding out information about md2 raid array Another option is to see what is actually happening by typing the following iostat command to see disk utilization: watch iostat -k 1 2 watch -n1 iostat -k 1 2 Sample outputs: Fig.03: Find out CPU statistics and input/output statistics for devices and partitions References: See man pages – md(4),mdadm(8) /etc/cron.d/mdadm and /usr/share/mdadm/checkarray on Debian/Ubuntu Linux Posted by: Vivek Gite The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+. https://www.cyberciti.biz/tips/linux-raid-increase-resync-rebuild-speed.html

The SNDS program provides data about traffic seen originating from your registered IP, such as mail volume and complaint rates. The data is built from the log files of the inbound mail machines and other servers at Outlook.com and Microsoft and represents factual information about the traffic from your mail servers to Outlook.com users. This is a service that helps legitimate email senders work with their customers and partners to reduce spam originating from their IP. This program allows a sender to monitor the 'health' of their IPs. For more information about this free program refer to https://postmaster.live.com/snds/FAQ.aspx. To register, please go to http://postmaster.msn.com/snds/. (Tip: As part of the enrollment process, you are asked to sign the JMRP program agreement and then send a response to Support indicating that it has been signed. It's not uncommon for that step in the enrollment process to be missed.) NOTE: The SNDS tool and/or enrollment in the JMRP will not allow emails from your mail servers to bypass our filters, these are in place to help legitimate companies deliver their emails to Outlook.com customers.

We believe that your recipients are the best indicator that the email you are sending is wanted. The JMRP program allows you to see which of your emails Outlook.com users have marked as junk or unwanted mail. Reviewing the results in JMRP will provide to the most direct information on what characteristics of your email, customers, and ultimately SmartScreen®, consider to be unwanted. This helpful feedback mechanism allows you to ensure that mails being sent from your IP are not resulting in negative feedback that could impact your sending reputation. Being vigilant about users who mark your e-mail as unwanted or the types of messages that are being marked as unwanted can help you keep mailing lists updated with only interested users and modify future campaigns. In addition, monitoring user complaints can help you identify unintended mail traffic or detect a potentially compromised account sending unwanted mail to your customers. Enroll at https://postmaster.live.com/snds/JMRP.aspx?wa=wsignin1.0.

A circle of dots, but every dot alone is just moving in a straight line.

IPS Community Suite 4.2.3 Released 08/29/2017 This is a security release and we recommend all clients upgrade as soon as possible. Key Changes 4.2.3 is a maintenance release that fixes issues identified in 4.2.2. Please note if you use https in the AdminCP, but not on the front-end, the auto-upgrade process may not work correctly. You should download this update from the client area and upgrade manually. Additional Information This release addresses an XSS vulnerability and we recommend all clients upgrade as soon as possible. We would like to thank @newbie LAC for responsibly disclosing the details of this vulnerability to us.

IPS Community Suite 4.2.2 Released 08/07/2017 Key Changes 4.2.2 is a maintenance release that fixes issues identified in 4.2.1 and: A new extraction process to make auto-upgrades more robust The upgrade system will do a check of all files to ensure they are up to date before proceeding Security Notice This release also contains security enhancements to prevent possible XSS and increase protections on account management functions. It is recommended you upgrade to ensure the security on your Community.

At this moment cPanel does not support ionCube Loader 5 on WHM/cPanel servers, which will cause issues for client running files made with ionCube v9. cPanel currently installs ionCube PHP Loader v4.7.5, when you install PHP using cPanel EasyApache utility. Your standard php -v output on cPanel server might look something like this. root@server [~]# php -v PHP 5.4.45 (cli) (built: Dec 14 2015 17:18:43) Copyright (c) 1997-2014 The PHP Group Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies with the ionCube PHP Loader v4.7.5, Copyright (c) 2002-2014, by ionCube Ltd. If you want to install, or upgrade current ionCube PHP Loader on your server to version 5, you can do so manually by downloading the latest version from http://www.ioncube.com/loaders.php, and editing your global or account custom php.ini file. How to install ionCube Loader manually on cPanel or standard Linux servers with no control panel. Download the latest loader to your server from http://www.ioncube.com/loaders.php. If you are running 32 bit server used the following command: wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz If you are running 64 bit server use the following command: wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz Unpack the package: On 32 bit server: tar xvzf ioncube_loaders_lin_x86.tar.gz On 64 bit server: tar xvzf ioncube_loaders_lin_x86-64.tar.gz It will create ioncube folder in the same directory where you downloaded the file. If you need to install ionCube Loader for PHP 5.4 you will use ioncube_loader_lin_5.4* files, and if you need to install it for PHP 5.5 you will use ioncube_loader_lin_5.5* files, and similar for other PHP versions. root@server [~]# ls ioncube ./ ioncube_loader_lin_4.4_ts.so* ioncube_loader_lin_5.3.so* ioncube_loader_lin_5.6_ts.so* ../ ioncube_loader_lin_5.0.so* ioncube_loader_lin_5.3_ts.so* LICENSE.txt ioncube_loader_lin_4.1.so* ioncube_loader_lin_5.0_ts.so* ioncube_loader_lin_5.4.so* loader-wizard.php ioncube_loader_lin_4.2.so* ioncube_loader_lin_5.1.so* ioncube_loader_lin_5.4_ts.so* README.txt ioncube_loader_lin_4.3.so* ioncube_loader_lin_5.1_ts.so* ioncube_loader_lin_5.5.so* USER-GUIDE.md ioncube_loader_lin_4.3_ts.so* ioncube_loader_lin_5.2.so* ioncube_loader_lin_5.5_ts.so* USER-GUIDE.txt ioncube_loader_lin_4.4.so* ioncube_loader_lin_5.2_ts.so* ioncube_loader_lin_5.6.so* root@server [~]# To replace the ionCube Loader for all the users on the server, you can just replace the extension file defined in the global php.ini at /usr/local/lib/php.ini root@server [~]# grep zend_extension /usr/local/lib/php.ini zend_extension="/usr/local/IonCube/ioncube_loader_lin_5.4.so" root@server [~]# You can rename the original file, for restore purposes, if something goes wrong, and place the new version file from ioncube folder that was created with package extraction. mv /usr/local/IonCube/ioncube_loader_lin_5.4_ts.so /usr/local/IonCube/ioncube_loader_lin_5.4_ts.so_cporig mv /usr/local/IonCube/ioncube_loader_lin_5.4.so /usr/local/IonCube/ioncube_loader_lin_5.4.so_cporig cp ioncube/ioncube_loader_lin_5.4.so /usr/local/IonCube/ cp ioncube/ioncube_loader_lin_5.4_ts.so /usr/local/IonCube/ You can confirm the new version of ionCube Loader with php -v, and look for “ionCube PHP Loader” part of the output. root@server [~]# php -v PHP 5.4.45 (cli) (built: Dec 14 2015 17:18:43) Copyright (c) 1997-2014 The PHP Group Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v5.0.19, Copyright (c) 2002-2015, by ionCube Ltd. root@server [~]# php -v | grep "ionCube PHP Loader" with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v5.0.19, Copyright (c) 2002-2015, by ionCube Ltd. root@server [~]# Upgrade to ionCube Loader 5 on one cPanel account. If you wanted to change the ion Cube Loader version for only one cPanel account, you can place the ioncube_loader_lin* files for the PHP version used by your client to some custom folder, and define zend_extension values inside a custom php.ini folder on a specific cPanel account. tl;dr ionCube Loader can be installed manually on any Linux server with following steps: Download latest version of ionCube Loaders from http://www.ioncube.com/loaders.php Unpack the downloaded package move the ioncube_loader_lin_* files for your PHP version to your extension folder. Point to the corresponding file in your php.ini file, example zend_extension="/usr/local/IonCube/ioncube_loader_lin_5.4.so" http://srvfail.com/how-to-install-ioncube-loader-5-on-cpanelwhm-server/

There are several ways to efficiently access the files, folders, and programs in Windows operating system. We can create shortcuts, pin programs to the taskbar, Start menu shortcuts etc. but we can’t do it for all programs in many cases. However, the Windows Run Command box is one of the most efficient ways of accessing system programs, folders, and settings. In this article, I am going to share 15 most important Run commands for Windows users. These commands can make it easier to manage a lot of tasks. How to open Windows Run command box? You need to press Win+R (Hold Windows button then Press R) Important Run Commands Every Windows User Should Know 1. %temp% This is the fastest way to clear the temporary files from your computer. It can save a lot of space which was being wasted by temporary files. 2. cmd This command will open the windows DOS command prompt. Windows command prompt is very useful for performing many tasks which are not possible using graphical user interface. 3. MSConfig Windows System Configuration This command will open Windows System Configuration where you can edit different things like the boot options, startup options, services, etc. 4. sysdm.cpl System Properties window This command will open the System Properties window, Where you can change the system protection and performance related many settings 5. Powershell Powershell is very similar the command prompt. Just type this command in the Run dialog box, and you will have your PowerShell opened without administrator privileges. 6. perfmon.msc Windows System Performance monitor This command can be used to monitor the performance of your computer. There are plenty of options for monitoring the system performance 7. regedit Regedit Run command is used to open the Windows Registry. It is a hierarchical database that hosts all the configurations and settings of Windows operating system, it’s users and the installed software. 8. \ (Backslash) This is one of the lesser known Run commands. Just enter the backslash into the Run dialog box and it will open up the C drive. It is one of the quickest ways to access the C drive. 9. . (Dot) This is yet another lesser known Run command. When executed, it opens the current user’s home folder which hosts all the other local folders like the Downloads, Documents, Desktop, Pictures, etc. 10. .. (Double Dots) When you execute these two dots in the Run dialog box, it will open up the Users folder which is located directly on the C drive. Also Read: 10 Most Common Windows 10 Problems and how to fix them 11. Control This command will open the control panel. Control panel is used for managing all the system settings and programs 12. hdwwiz.cpl Windows Device Manager This command is used to open the Device Manager in Windows. You can manage all the device connected internally or externally to your PC. 13. Notepad The quickest way to open notepad in Windows. Just type this command in Run Box and hit enter. 14. osk This command will open On-Screen Keyboard on your display monitor. You can easily touch and type or use your mouse for typing. 15. taskmgr This command will open task manager where you can manage all the processes and programs running on Windows Operating system. https://www.technotification.com/2017/06/important-run-commands-windows.html

Few times have there been technologies so reviled and celebrated at the same time as Adobe Flash. Since its introduction as Macromedia Flash Player in the mid-’90s, the technology has helped shape what the web has become today. At the same time, few internet technologies have united so many wanting to kick it to the curb. In 2020, in collaboration with Apple, Facebook, Google, Microsoft and Mozilla, Adobe will retire the much maligned Flash Player. A large part of the problem, experts say, despite progress in hardening its attack surface, is that it’s not secure enough. Flash continues to be a massive attack target that needs to go, they said. Since 2005, it has amassed 1,033 unique CVE entries, above, more than Microsoft’s Windows XP or Internet Explorer, according to CVEDetails.com. “Given the sheer amount of time I’ve focused on Flash, I might get a little teary eyed when it’s finally gone,” said Jasiel Spelman, a senior vulnerability researcher with Zero Day Initiative. Replacing it will be open standards such as HTML5, WebGL and WebAssembly. “These browser-based alternatives to Flash offer the same capabilities and functionalities. The trend is less helper apps and modern browsers with built-in capabilities that match those plugins of yesteryear,” Spelman said. Gateway to Exploits, Malware For more than a decade, the ubiquitous Flash Player has been a favorite target for attacks that attempted to trick users via a browser pop-up to install and run a bogus Flash Player that actually installed malware. Flash has been also abused by hackers who exploit vulnerabilities in the legitimate Flash Player to run malware. Its appeal has been that a single Flash exploit could target multiple browsers, since most of them were running the program. Adobe Flash Player has offered hackers endless fertile ground for use in exploit kits, phishing schemes, zero-day attacks and backdoor programs, said Steve McGregory, research director at security firm Ixia. Most of those attacks lead to remote code execution because of a litany of vulnerabilities in legacy code leading to buffer overflows, or memory corruption issues. Its trail of carnage has included terabytes of lost intellectual property and industrial secrets, along with stolen passwords and credit card numbers. For those reasons, technology leaders such as Alex Stamos, chief security officer for Facebook, declared in a 2015 tweet that has since been deleted: “It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.” Add to that Steve Jobs’ famous trashing of Flash in a longwinded 2010 manifesto explaining why Apple wouldn’t support it and arguing it should cease to exist. “Adobe Flash has been heavily leveraged in advertising, media and eLearning spaces, but unfortunately Adobe has not kept pace with the necessary security updates in order to outweigh the benefits of using the product,” said Mark Butler, CISO for Qualys. “If Flash wasn’t good enough for Steve Jobs to include in iOS software, it definitely shouldn’t be OK for us to use now. Flash has only increased in vulnerabilities since that time, and its patching cycles have lengthened,” he said. Transition Challenge Today, Adobe Flash security holes still dominate the threat landscape. So far this year there have been 60 unique CVEs associated with Flash, 53 rated high-severity allowing attackers to remotely execute code. Earlier this month Adobe patched a serious a local sandbox escape bug in its Flash Player after researchers failed to fix the bug completely in a previous patch. However, despite indicators pointing to a swift death and depreciation of Flash over the next three years, the transition could present challenges for companies. Experts say dependence on Adobe Flash will create legacy issues similar to those of Windows XP. “This is just the first step, once Flash is retired, we will all be facing the reality of older versions of Flash installed and being used without any security update support similar to what we have with Microsoft Windows XP. We all still have more work to do to make the retirement not just effective but safe,” said Christopher Budd, senior threat communications manager, Unit 42, Palo Alto Networks. Percentage of users who have encountered at least one page w/ Flash Player content in a day. Courtesy Chromium.org Three years ago, 80 percent of desktop Chrome users visited a site with Flash each day. Today usage is only 17 percent and continues to decline, according to Chromium, the open-source web browser project founded by Google. Budd said the biggest issue with Flash after 2020 is the risk of security vulnerabilities affecting Flash with no patches available for those issues. Zero Day Initiative’s Spelman says about 75 percent of the enterprise companies he works with are still dependent on Flash in some way. “We tell everyone that currently hosts Flash content that they should heed the guidance from Adobe and look to migrate to supported solutions. However, a number of those organizations have legacy Flash applications that can’t be disabled immediately because of dependency issues,” he said. Enterprises’ Flash Problems Won’t Subside There are no hard numbers on Flash usage inside and outside the enterprise. But, security experts say there are many firms that are using custom-built Flash applications that will be expensive to replace after the 2020 depreciation deadline. “Similar to Windows XP end-of-life, there is going to be a time when there are Flash ‘forever day’ [vulnerabilities] that will be known, but just never patched by Adobe,” Spelman said. Those companies are going to have to redevelop those apps from scratch. “It’s going to take time and convincing them that finding a Flash replacement is a cheaper alternative to a security breach.” For its part, Adobe stated in July it will “continue to support Flash on a number of major OSes and browsers that currently support Flash content through the planned EOL (end of life). This will include issuing regular security patches, maintaining OS and browser compatibility and adding features and capabilities as needed.” In 2015, Adobe began the process when it announced that it had renamed Flash Professional CC to Animate CC and deemed it Adobe’s preferred tool for developing HTML5 content. In the meantime, developer Juha Lindstedt reacted to Adobe’s end of life verdict for Flash and turned to GitHub to petition users there to save Adobe Flash. His goal is to convince Adobe to turnover its Flash code to the open-source community. In his petition, Lindstedt calls Flash “an important piece of internet history and killing Flash means future generations can’t access the past. Games, experiments and websites would be forgotten.” The petition has received mixed reviews within the software development and security communities. While some see Flash as bloated insecure code that needs to go away fast, others see handing it over to the open source community as a way to make it more secure and ensure that any legacy instances of Flash—after it sunsets—can be addressed with an emergency patch. So far Lindstedt’s petition has garnered 6,650 digital signatures. “I think it would be a great idea. Flash is already partially open source,” Spelman said. “From a preservation point of view, I think it would be important to save a snapshot of what the internet looked like when Flash was around.” Adobe declined to comment for this story with the exception of stating it had no intention to make Adobe Flash open source. “I can tell you we don’t have any plans to do that at this time,” according to an Adobe spokesperson.

In enterprise environments, documents and other file types are often located on central file server and users open their documents directly from there. Sometimes, server administrators need to update such files, but can’t because at least one user is using it and locking the file. You could of course just reboot the server and the file would be unlocked, but that might be overkill as you are throwing everybody out. Luckily, there is a tool on the server, that lets you selectively unlock files, here is how to do it: On Windows 2008 R2 Server, click Start and type Share and Storage Management and press Enter In the right pane, click Manage Open Files Click Close Selected Click Yes to confirm Be aware that users of that file might lose data. https://basics.net/2010/04/30/unlocking-shared-files-on-windows-2008-r2-server/

>> The last few days we notice that email reports from cxs if reporting a virus now say: WARNING: Quarantine disabled - Directory [/cxscgi] missing, run cxs --qcreate --quarantine WARNING: Quarantine disabled - Directory [/cxsuser] missing, run cxs --qcreate --quarantine WARNING: Quarantine disabled - Directory [] has incorrect permissions [0644 instead of 0755], run cxs --qcreate --quarantine We have our quarantine directory in /home/quarantine since script install a few years ago and so not sure what's going on here. Also the last line above about permissions is confusing as we have ( per the original instructions) set permissions to 1777 cxs is v4.06 >> Please see the changelog. The quarantine permissions requirements have changed. To fix this you need to rename the old quarantine directory out of the way, for instance to /home/quarantine.old. Then run this command: Code: Select all cxs --qcreate --quarantine /home/quarantine https://forum.configserver.com/viewtopic.php?t=7192

Running a .ps1 PowerShell script will sometimes result in the following message: “<script>.ps1 is not digitally signed. The script will not execute on the system.” The fix is to run Set-ExecutionPolicy and change the Execution Policy setting. Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass This command sets the execution policy to bypass for only the current PowerShell session After the window is closed, the next PowerShell session will open running with the default execution policy. “Bypass” means nothing is blocked and no warnings, prompts, or messages will be displayed. Possible values for the -ExecutionPolicy parameter: — Restricted: The default setting which does not load configuration files or run scripts. — AllSigned: Requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you write on the local computer. — RemoteSigned: Requires that all scripts and configuration files downloaded from the Internet be signed by a trusted remote publisher. — Unrestricted: Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs. — Bypass: Nothing is blocked and there are no warnings or prompts. — Undefined: Removes the currently assigned execution policy from the current scope, returning the session to the default. This parameter will not remove an execution policy that is set in a Active Directory Group Policy. See the Microsoft Set-ExecutionPolicy cmdlet details here http://tritoneco.com/2014/02/21/fix-for-powershell-script-not-digitally-signed/

Version Certification 2017 Study Guide Prepare for the cPanel & WHM 2017 Version Certification exam, available only at this year's cPanel Conference in Fort Lauderdale, FL. Register free today by using discount code CERTIFIED. Register for cPanel Conference 2017 http://university.cpanel.net/study.php