About me

Assisting companies with broad security analysis, securing and hardening their servers and networks, setting up complete SIEM environments. I set up controls and analyze business processes.

The buzz words: Siem consultant, Certified Information Security Manager (CISM), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Control (CRISC), primarily focused on Micro Focus ArcSight, with deep knowledge of Linux systems (Red Hat / RHEL). ArcSight trainer for Advanced Analyst, Advanced Admin and Logger courses. Trained in LogRhythm, Palo Alto, Splunk and VMware.

I use this web site as a blog for things I find that may help other people.

Newest posts

• Add new dmraid to debian11
  Note to self:
• Nextcloud / php / apache no error for Internal Server Error
  I got this: If you want to know more, enable log_errors
• Proxmox LXC container disk shrink
  Like this (LVM based)
• Friendly (ionice/nice) rsync on remote server
  Add –rsync-path=”ionice -c 3 nice rsync” to your rsync command (on sending side)
• LVM commands not found
  Getting this? Means you might have used su. Just do su – or do a…
• T-Mobile Thuis werkende SMTP 2023 (Fix Relay access denied)
  Ik kreeg de melding: Postfix moet net ff anders worden ingesteld. Dit werkt voor mij:…
• Upgrade to debian11 from 10
  Then update, apt full-upgrade reboot
• Simple SSH backup of routeros / mikrotik
  Prerequisites: Howto: 1. Create ssh keys (without passphrase) on the linux host: ssh-keygen 2. Copy…
• Proxmox VLANs ‘on a stick’
  Example:
• T-Mobile thuis (NL) Routeros/Mikrotik-configuratie (met VLANs)
  Ik wilde: TODO: In voorbeeld hieronder is 1.2.3.4 het externe IP
• Mikrotik routeros various findings
  Meaning of service tag Setting use-service-tag=no sets the vlan ethertype to the .q standard of…
• jq unix timestamp to datetime
• Bash script template
  More info and source: https://sharats.me/posts/shell-script-best-practices/
• Hash file in windows
  cmd: certutil -hashfile z:\desktop\lsr.exe SHA512 or powershell: Get-FileHash -Path z:\desktop\lsr.exe -Algorithm SHA512
• Fix: acosh defined in both go and assembly
  You probably upgraded go. You need to remove /usr/local/go . Then reinstall go
• Indent HTML using tidy
  for my own reference:
• Github what repos have you contributed to (graphql)
  https://docs.github.com/en/graphql/overview/explorer { viewer { repositoriesContributedTo(first: 100, contributionTypes: [COMMIT, ISSUE, PULL_REQUEST, REPOSITORY]) { totalCount nodes {…
• Debian VM as GW routing through VPN (tun) with nftables
  My LAN interfaces are ens3/ens8/ens9. VPN tunnel set up using openvpn, gets dev tun0. NFTables…
• Guacamole broken (Creation of WebSocket tunnel to guacd failed)
  Today my guacamole broke. Fixed by putting in guacd settings in the connection settings in…
• mount LVM2_member
  vgscan vgchange -ay srv25centos mount /dev/mapper/srv25centos-root /mnt/srv25
• List all ansible facts (facter puppet)
  ansible srv46.karloluiten.nl -m ansible.builtin.setup
• RPM only list/query package names
  rpm -qa –qf “%{NAME}\n”
• Mount raw ovirt / kvm disk
  losetup -f -P root.img osetup -l mount -o ro /dev/loop* /mnt/
• Linux remove last newline from file
  perl -pi -e ‘chomp if eof’ macaroon newline remove
• nc in powershell (test remote open port/tcp)
• Simple wireshark filter host+port
  ip.src == 10.1.72.1 and tcp.port == 12228
• Excel return text right of last occurrence of string
  =TRIM(RIGHT(SUBSTITUTE(A1;” “;REPT(” “;LEN(A1)));LEN(A1)))
• Update RHEL/CentOS from local repo (iso/cd)
• Pihole CORS problems
  Fix: edit /var/www/html/admin/scripts/pi-hole/php/auth.php add your host names to AUTHORIZED_HOSTNAMES array
• Move cygwin to different disk, including services
  Stop all services, log out other users, in process explorer, add command line column, stop…