Dell Latitude 5591 bizarre ghost behavior (drive shows as 2 TB but it’s only 256 GB)

I need a solution

Hello,

We received a batch of Latitude 5591s and at first I struggled getting one to boot to PXE / TFTP to pull down the Ghost image. Had to change to Legacy boot mode in order to do that. Now, when I boot, it pulls down the Ghost client fine and runs it. I thought I was going to be fine but then I saw this:

Notice the source says “Local drive [1], 244198 MB” but the MB remaining says 2093737 (??)

Please help.


Overview of the Crypto Kit updates in Citrix Workspace 19.04

Applicable Products

Citrix Workspace App 1904 for Windows and later.

Note: Citrix Workspace app 1904 for Windows has not been released publicly. This article serves as early notice to IT administrators so that they can take necessary action in advance. This will enable end users to install/upgrade to Citrix Workspace app 1904 for Windows seamlessly.

Objective

This feature is an important change to the secure communication protocol. Cipher suites with the prefix TLS_RSA_ do not offer forward secrecy and are considered weak. These cipher suites were deprecated in Citrix Receiver version 13.10 with an option for backward compatibility.

In this release, the TLS_RSA_ cipher suites have been removed entirely. Instead, this release supports the advanced TLS_ECDHE_RSA_ cipher suites. If your environment is not configured with the TLS_ECDHE_RSA_ cipher suites, client launches are not supported due to weak ciphers. This release supports 1536-bit RSA keys for client authentication.

This document aims to detail the changes to the cipher suites.

What’s New?

The following advanced cipher suites are supported:

  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)

The GPO configuration that was available in earlier releases under the following Computer Configuration node, and that allowed the deprecated cipher suites to be enabled, has been removed.

Administrative Template > Citrix Component > Citrix Workspace > Network Routing > Deprecated Cipher Suites


The following cipher matrix provides the ciphers supported by the latest SSL SDK:

Expected failure scenarios and edge cases

  • TCP

    • OPEN mode: Session launch is not supported when the client is configured for GOV and the VDA for COM. This happens because a common cipher suite is absent.

    • FIPS/NIST(SP800-52) compliance mode: Session launch is not supported when the VDA is configured for COM and the client for COM, GOV, or ANY, or the other way around. This happens because a common cipher suite is absent.
  • DTLS v1.0 supports the following cipher suites:
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    • TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  • DTLS v1.2 supports the following cipher suites:
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    • TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  • Therefore, session launch is not supported from a client configured for GOV to a VDA configured for COM. Also, fallback to TCP is not supported. When you use DTLS v1.0, session launch is not supported for clients configured for GOV because a common cipher suite is absent.
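A pre-upgrade check for the "common cipher suite is absent" failure described above, as an added example that is not Citrix code: it compares an endpoint's suite list with the suites this article lists per transport, and `probe` attempts a live TLS handshake offering only those suites. The function names and the sample endpoint list are assumptions, and `probe` uses Python's OpenSSL stack rather than the Citrix SSL SDK, so it shows only whether the endpoint accepts these suites.

```python
import socket
import ssl

# Suites this page lists for Workspace app 1904, per transport. The SCSV entry
# is a renegotiation signal rather than a cipher, so it is left out here.
GCM256 = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
CBC256 = "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
CBC128 = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
CLIENT_SUITES = {"TLS": [GCM256, CBC256, CBC128],
                 "DTLS1.0": [CBC128],
                 "DTLS1.2": [GCM256, CBC256, CBC128]}
# IANA name -> OpenSSL name, as needed by SSLContext.set_ciphers().
OPENSSL_NAME = {GCM256: "ECDHE-RSA-AES256-GCM-SHA384",
                CBC256: "ECDHE-RSA-AES256-SHA384",
                CBC128: "ECDHE-RSA-AES128-SHA"}

def common_suites(server_suites, transport="TLS"):
    """Suites both ends share, in client order; an empty list means no launch."""
    offered = {s.strip().upper() for s in server_suites}
    return [s for s in CLIENT_SUITES[transport] if s in offered]

def relies_on_removed_suites(server_suites):
    """True when the endpoint offers TLS_RSA_ suites but none the client accepts."""
    rsa_kx = any(s.strip().upper().startswith("TLS_RSA_") for s in server_suites)
    return rsa_kx and not common_suites(server_suites)

def probe(host, port=443, cafile=None, timeout=5.0):
    """Offer only the three suites to a live endpoint (TLS over TCP).
    Returns the negotiated OpenSSL cipher name, or None if the handshake fails."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2   # set_ciphers() does not govern TLS 1.3
    ctx.set_ciphers(":".join(OPENSSL_NAME[s] for s in CLIENT_SUITES["TLS"]))
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.cipher()[0]
    except ssl.SSLCertVerificationError:
        raise                                      # a trust problem, not a cipher problem
    except ssl.SSLError:
        return None

# Constructed sample: suite list of an endpoint still limited to RSA key exchange.
LEGACY_ENDPOINT = ["TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA"]
```
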


The following matrices provide details of internal and external network connections:

  • Matrix for internal network connections (Citrix Gateway scenario)

  • Matrix for external network connections (Citrix Gateway scenario)


Action Recommended to Secure the Cisco Nexus PowerOn Auto Provisioning Feature

Cisco Nexus devices support an automatic provisioning or zero-touch deployment feature called PowerOn Auto Provisioning (POAP). This feature assists in automating the initial deployment and configuration of Nexus switches. POAP is enabled by default and activates on devices that have no startup configuration or when Perpetual POAP has been configured using the boot poap enable command.

As with other automatic provisioning technologies, such as Cisco Zero-Touch Provisioning or Cisco Smart Install, some basic assumptions are made about the initial deployment environment. First, that administrators know that the feature exists and is enabled by default. Second, that the Layer 2 (L2) network on which a device initially connects is secure.

By design, the POAP feature leverages several unauthenticated protocols to obtain the initial configuration file for a device. When a device with POAP boots and subsequently fails to locate a startup configuration, such as on the first startup after unboxing or after a restoration of factory defaults, the device enters POAP mode. The device will attempt to locate a DHCP server through a connected management interface [1]. Then the switch will listen for a DHCP response that includes at a minimum the following:

  • An IP address
  • A default gateway
  • Option 66 (TFTP server name) or Option 150 (TFTP server address)
  • Option 67 (boot file name)

If the Nexus device receives multiple DHCP responses that meet these requirements, the first DHCP response received will be accepted, and POAP will move to the next stage of the device configuration. If no DHCP responses that meet these requirements are received prior to the timeout period, the device will exit POAP mode.

If a DHCP response is accepted, the Nexus device will attempt to connect to the provided TFTP server to retrieve the Python or Tool Command Language (Tcl) POAP configuration script specified within the boot file option. The switch will then execute the script to retrieve the specified software and device configuration. The Nexus device software and configuration may be retrieved using Secure Copy Protocol (SCP), FTP, or SFTP. The downloaded Nexus software will be assigned as the active image, with the configuration file scheduled to be applied when the device restarts.
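One way to watch a provisioning segment for DHCP replies that a booting switch would accept, as an added example that is not Cisco code: it parses a DHCP payload, checks it against the minimum set listed above, and reports the responder when it is not on an allowlist. The function names, the allowlist and the sample reply (built from documentation addresses) are assumptions; only DHCP options are inspected, and option numbers 3 (router) and 54 (server identifier) are standard DHCP options not named on this page.

```python
import ipaddress
import struct

COOKIE = b"\x63\x82\x53\x63"
ROUTER, SERVER_ID, TFTP_NAME, BOOTFILE, TFTP_ADDR = 3, 54, 66, 67, 150

def parse_dhcp(payload):
    """Parse the UDP payload of a DHCP message into op, yiaddr and an options dict."""
    if len(payload) < 240 or payload[236:240] != COOKIE:
        raise ValueError("not a DHCP message")
    options, i = {}, 240
    while i < len(payload) and payload[i] != 255:      # 255 = end option
        if payload[i] == 0:                            # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated DHCP option")
        options[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    return {"op": payload[0], "yiaddr": ipaddress.IPv4Address(payload[16:20]),
            "options": options}

def meets_poap_minimum(msg):
    """True for a server reply carrying every item the advisory lists as the minimum."""
    o = msg["options"]
    return (msg["op"] == 2 and int(msg["yiaddr"]) != 0 and ROUTER in o
            and (TFTP_NAME in o or TFTP_ADDR in o) and BOOTFILE in o)

def unexpected_poap_reply(payload, allowed_servers):
    """Return the responder's address when a POAP-capable reply is not from the allowlist."""
    msg = parse_dhcp(payload)
    sid = msg["options"].get(SERVER_ID, b"")
    server = str(ipaddress.IPv4Address(sid)) if len(sid) == 4 else "unknown"
    if meets_poap_minimum(msg) and server not in allowed_servers:
        return server
    return None

def build_reply(yiaddr, options):
    """Constructed sample data: a minimal BOOTREPLY carrying the given options."""
    head = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0, b"",
                       ipaddress.IPv4Address(yiaddr).packed, b"", b"", b"", b"", b"")
    body = b"".join(bytes([code, len(val)]) + val for code, val in options.items())
    return head + COOKIE + body + b"\xff"

def ip(text):
    return ipaddress.IPv4Address(text).packed

SAMPLE = build_reply("192.0.2.50", {53: b"\x02", SERVER_ID: ip("192.0.2.99"),
                                    ROUTER: ip("192.0.2.1"),
                                    TFTP_ADDR: ip("192.0.2.99"), BOOTFILE: b"poap.py"})
```
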

Several steps in the POAP configuration process rely on a secure network segment to obtain critical startup information. While the POAP feature disables itself after a configuration is applied to a device [2], it is critical that customers properly secure the networks in which POAP may be utilized. Some customers may want to disable the POAP feature and use other methods to configure a Nexus device out of the box. To this end, Cisco has added multiple new commands to disable POAP that will persist across a reset to factory defaults and the removal of a configuration. For guidelines on securing a POAP environment, as well as information about disabling the feature, see the Details and Recommendations sections.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-info-poap

[1] On some Nexus chassis-based devices, the DHCP solicitation may also be sent using all front-panel Ethernet interfaces of the installed router processor.

[2] The POAP feature will not be disabled if Perpetual POAP has been configured using the boot poap enable command and will run on each reload of the device.

Security Impact Rating: Informational


Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition.

The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos

Security Impact Rating: Medium

CVE: CVE-2019-1684


ProxySG | IP Phone SIP Protocol cannot connect via Proxy

I need a solution

Dear All

My customer would like to connect an IP phone to the cloud of an IP phone system, and it connects to a proxy of type explicit.

On the IP phone we can configure it to use a proxy. We tried to test connecting to the internet but it cannot connect.

For the VPM policy, we have already created an exception for all of these IP phones.

Checking traffic on the proxy, we did not find an active session from the IP of the IP phone,

and then we tried checking the error sessions and found an error from the IP of the IP phone.

The details of the error session are below:

Client    Server    A    S    FW    I    Duration    Client Bytes    Server Bytes    Savings    C    BC    OC    P    BM    Service Name    Application    Protocol    Detail    Age

10.223.176.32:39043        –    –    –    –    0 sec    1482    0    100%    –    –    OC (D)    P    BM (D)    Explicit HTTP    HTTP    HTTP(error) : “The request HTTP version is invalid”       2 sec

It has the error: The request HTTP version is invalid

Proxy IP: 10.180.192.100   IP-Phone IP:10.223.176.32

My customer uses Proxy SGOS version 6.6.5.9. If you would like more information, please let me know.

Thank you so much for your help.

Best Regards,

Chakuttha R.


How do I have two default gateways one for mgmt and one for interception?

I need a solution

Hi;

I have port 0:0 as the management port with a default gateway associated with the default route domain, and I want port 2:0 to have its own default route. Shall I create a new route domain and a new VLAN and associate them with interface 2:0, which already has an IP address?

Then shall I define a default gateway for the new route domain?

Would this work?

Kindly

Wasfi


Message filtered when sending to messagelabs

I need a solution

Messages sent from our domain which contain our URL, www.lakesidebank.com, are being filtered.  If I turn off the URL in our signature line, the messages go through OK.  This happened about 2 weeks ago as well and I sent an email to investigation@review.symantec.com and they seemed to fix it.  But now it’s back.

Error details:

Error Details

Reported error:

550 5.0.350 Remote server returned an error -> 553 Message filtered. Refer to the Troubleshooting page at;http://www.symanteccloud.com/troubleshooting for more;information. (#5.7.1)

DSN generated by:

CY4PR1801MB2038.namprd18.prod.outlook.com

Remote server:

server-12.tower-348.messagelabs.com


Random URL timeouts when accessing through http VIP

When accessing internal HTTP-based resources, end users see a random URL time out.

From the trace, it was clear that the server serving the requests through the ADC was sending incorrect URL encoding. This happened right before the next URL GET/POST request, which is the one we see timing out.



When the ADC receives a packet in which the content length and transfer encoding are set together, it waits for the connection to terminate before initiating a new connection to send the next GET/POST request. As a result, the end user sees a timeout for the URL that the ADC received after this malformed packet.
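A way to find the offending back-end response in a captured trace, as an added example that is not Citrix code: it flags any response head that sets both Content-Length and Transfer-Encoding and pairs it with the request that followed, which is the one described above as timing out. The function names and the three-exchange trace are constructed for illustration.

```python
def framing_headers(raw_head):
    """Collect Content-Length and Transfer-Encoding values from a raw response head."""
    head = raw_head.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    found = {"content-length": [], "transfer-encoding": []}
    for line in head.split("\r\n")[1:]:              # skip the status line
        name, sep, value = line.partition(":")
        key = name.strip().lower()                   # header names are case-insensitive
        if sep and key in found:
            found[key].append(value.strip())
    return found

def has_conflicting_framing(raw_head):
    """True when the response declares both a content length and a transfer encoding."""
    found = framing_headers(raw_head)
    return bool(found["content-length"]) and bool(found["transfer-encoding"])

def requests_at_risk(exchanges):
    """exchanges: ordered (request_line, raw_response_head) pairs from one trace.
    Returns (request whose response was malformed, request that followed it) pairs."""
    risky = []
    for i, (request_line, response_head) in enumerate(exchanges):
        if has_conflicting_framing(response_head):
            following = exchanges[i + 1][0] if i + 1 < len(exchanges) else None
            risky.append((request_line, following))
    return risky

# Constructed sample trace: the second response sets both framing headers.
TRACE = [
    ("GET /app/home",
     b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: 120\r\n\r\n"),
    ("GET /app/report",
     b"HTTP/1.1 200 OK\r\ncontent-length: 512\r\nTransfer-Encoding: chunked\r\n\r\n"),
    ("POST /app/save",
     b"HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\n\r\n"),
]
```
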
