EriZone – Security Advise

Posted by on May 31, 2017 in EriZone & OTRS | 0 comments

It was detected a vulnerability on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS, Erizone 3.x and EriZone 5.x systems

The severity of this vulnerability has been categorized with “high”.

To guarantee the security of your system, we recommend to disable the Installer.pm module.
Modify the file /opt/erizone/otrs/Kernel/Config.pm and insert following lines:

# Security FIX # WP 31.05.2017
delete $Self->{'Frontend::Module'}->{Installer};

This lines has to be inserted directly after the following code block:

# ----------------------------------------------- #
# fs root directory
# ----------------------------------------------- #

$Self->{Home} = '/opt/otrs';

Further information regarding this topic can be found on http://www.cvedetails.com/cve/CVE-2014-9324/

 


 

Technical details:

  • Date: 2017-05-30
  • Title: Installer Routine Vulnerability
  • Severity: High
  • Product: OTRS 3.2.* EriZone 3.* and EriZone 5.*
  • References: CVE-2017-9324
Read More

IoT: The future, today.

Posted by on May 30, 2017 in NetEye | 0 comments

IoT 2017

The Smith-Family is driving on the highway to arrive to their holiday destination in Italy, as a car in front of them suddenly brakes. A truck accidently has lost demolition debris and thereby almost caused a multiple-vehicle collision. Mrs. Jones is driving the car just behind the truck and as her car brakes, it simultaneously sends a message to the following vehicles. Those activate the brakes too, shift down and forward the message to the cars behind them. In this way, also the following cars can immediately react. An accident has been  successfully avoided and all vehicles can go ahead. Moreover, the truck informs the highway company, who instantly sends the cleaning crew.

At the first moment, this might seem since-fiction, but it isn’t. We call it: IoT (Internet of Things).

Read More

Monitoring Microsoft Exchange Server

Posted by on May 25, 2017 in NetEye | 0 comments

Microsoft Exchange Monitoring

Microsoft Exchange server is one of the most used email server for companies but sometimes it is hard to monitor because usually the monitoring tools only control the availability of the server on the network.

Thanks to the 2013 update, Microsoft offered several URL (Healthcheck URL) to verify the real server availability for clients.

The URL address have the following structure:

https://<External FQDN>/<protocol>/healthcheck.htm

Whereas the <protocol> can be substitute by:

  • OWA Outlook Web App
  • ECP Exchange Control Panel
  • OAB Offline Address Book
  • AutoDiscover Autodiscover process
  • EWS Exchange Web Services (Mailtips, Free/Busy, Lync clients, Outlook for Mac)
  • Microsoft-Server-ActiveSync Exchange ActiveSync
  • RPC Outlook Anywhere
  • MAPI MAPI/HTTPS (da Exchange 2013 SP1)

A recurring control gives the possibility to anyone to monitor the server operations, but it doesn’t help to verify the presence of low performances and adjustments.

For a better control, it is necessary to use an agent set up on the server Exchange that can read periodically the performance data displayed by Exchange (Performance Counters), in order not to overload the server and worsen the service.

NetEye solution

Read More