Bozho's questions -server

Bozho

Asked: 2019-09-04 09:15:23 +0800 CST

Windows Remote Viewing of Event Logs fails with "Access denied"

1

I'm trying to connect to a remote windows server (2019) from a machine in the same domain and view its event logs. However, I'm getting "Access denied" in almost all ways I've triied. Below is a list of relevant details:

Event viewer's "Connect to another machine" works correctly
PowerShell Get-WinEvent fails with Access denied (with proper -Credential passed)
PowerShell Get-WmiObject -Class Win32_NTEventLogFile -ComputerName ... -Credential ... fails with access denied
after using winevt's EvtOpenSession, all subsequent calls fail with Access denied (which is epxected, as the check is lazily performed)

The following configuratons have been done:

the user is a service account and has been added to the following groups: Distributed COM users, Event log readers, Performance Monitor Users, Remote Management users
the firewall inbound rules to allow remote log management have been enabled
in the WMI configuration management, the user has been added to the WMI root with "Remote enable" and all other permissions

So, the question being - what am I missing on order to get winevt EvtOpenSession to work, as well as (optionally) Get-WinEvent and Get-WMIObject

Bozho

Asked: 2016-05-24 12:42:11 +0800 CST

How To Log TLS Mutual Authentication Details?

2

Is there a way to log the low-level details of the TLS mutual authentication flow (most importantly - the challenge that is sent to the client and the signed response).

Solution for any tool is welcome: nginx, Apache (mod_proxy), HAProxy, etc.

Bozho

Asked: 2014-12-13 14:17:51 +0800 CST

Do CDN providers run their own DNS servers?

4

In order to have efficient CDN, it needs to direct requests to the server nearest to the requester.

How do they do that? Do they run their own DNS server that, when asked to resolve an address, it the geo lookup of the requester IP and returns the proper server IP? Does DNS caching affect that (sounds like it shouldn't, and my ISP's cache is going to cache the nearest server and then serve it to me)

Bozho

Asked: 2014-12-13 13:51:02 +0800 CST

Is there a way to programatically update DNS records?

7

Is there a standard way to programatically update DNS records? Services like Route 53 do offer programmatic access, but is that possible in a generic way using some standard protocol? Or it depends on the registrar (e.g. I read that GoDaddy don't allow programmatic access)

Bozho

Asked: 2014-12-13 13:47:25 +0800 CST

What's the maximum number of IPs a DNS A record can have?

37

I have a strange idea - let multiple people/organizations host the same application, and let all their nodes be accessible via a single domain name. That's in order to have, let's say, a really distributed social network, where usability is not sacrificed (i.e. users don't have to remember different provider urls and then when one provider goes down, switch to another one)

To achieve that, I thought a DNS record with multiple IPs can be used.

So, how many IPs can a single DNS A record hold? This answer says it's around 30, but the usecase there is different. For the above scenario I wouldn't care if a given ISP caches only 30, as long as another ISP caches another 30, and so on.

Bozho

Asked: 2010-03-30 11:14:53 +0800 CST

Apache Virtual host not recognized

1

I've been using one server, then I reinstalled everything on another server, and the mod_jk stopped working. Here is the situation:

apache 2.0 sitting "in front"
mod_jk used to connect to the apache to tomcat
tomcat 6.0.26 used to server the actual requests

I followed this tutorial. The result is:

accessing http://mysite.com opens the index.html in /var/www/
accessing http://mysite.com:8080/ works OK
the logs at /var/logs/apache2 show everything is OK:

[Mon Mar 29 22:01:53.310 2010] [28349:3075389184] [info] init_jk::mod_jk.c (2830): mod_jk/1.2.26 initialized

[Mon Mar 29 22:01:53 2010] [warn] No JkShmFile defined in httpd.conf. Using default /var/log/apache2/jk-runtime-status [Mon Mar 29 22:01:53 2010] [notice] Apache/2.2.9 (Debian) mod_jk/1.2.26 configured -- resuming normal operations

I compared the server.xml, jk.conf, sites-enabled/mysite from the new server to those from the old one and they are identical.

The domain name is the same (I updated the DNS record today, and it has refreshed successfully)

So the question is, what can go wrong? Is there another place where problems would be logged, if such occur?

Update What I can be almost certain of is that the virtual host is not recognized. It is always forwarded to the default virtual host. So, how to make sure the virtual host is recognized and working?

Relevant parts of apache2.conf:

# Include generic snippets of statements
Include /etc/apache2/conf.d/

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

Windows Remote Viewing of Event Logs fails with "Access denied"

How To Log TLS Mutual Authentication Details?

Do CDN providers run their own DNS servers?

Is there a way to programatically update DNS records?

What's the maximum number of IPs a DNS A record can have?

Apache Virtual host not recognized

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?