Search This Blog

Wednesday, September 22, 2021

Configure Veeam Hardened Linux Repository Using Ubuntu

In this post, we are going to perform format and partition disks for our veeam Linux repository. Once we have complete this process, we will start to configure our hardened Linux repository.

Follow the below steps:

[Check disk]

sudo fdisk -l


We got a new disk :- 350GB at /dev/sdb

[Partition]
Begin by partition the disk, set to gpt and create primary partition with the size 350GB

sudo parted /dev/sdb

mklabel gpt

make primary 0GB 350GB

quit

[Formatting]

Format as XFS file system, 

sudo mkfs.xfs -b size=4096 -m reflink=1, crc=1 /dev/sdb -f


[Mounting]

sudo mkdir repo
sudo mount /dev/sdb /home/laiys/repo

[Check the mount point]

df -hT


[Set mount point as permanent]

vi /etc/fstab

/dev/sdb /home/laiys/repo xfs defaults 0 0

save it




[Create a non root user]

Scenario: 
username : veeam
group: veeamgroup
path : /home/laiys/repo

Create a user called "veeam"

sudo adduser veeam

Create group name "veeamgroup'
sudo groupadd veeamgroup


Add user to group

sudo usermod -a -G veeamgroup veeam

Check user in which group
groups veeam




[Set permission]

chown -R veeam:veeamgroup /home/laiys/repo
sudo chmod 700 /home/laiys/repo

[Add Veeam Repository]

When add a new repo, remember to select "Single use credentials for hardened repository"


Enter non root credential that you have created earlier
You may encounter this error message when trying to add a user without sudo right.


Workaround, temporary add 'veeam' to sudo group

sudo usermod -a -G sudo veeam

Repeat the step to use "single-use credential" again. This round you can proceed to install Veeam Transport and Data Mover.


Once complete, remove sudo right from veeam account

sudo deluser veeam sudo



Proceed to add the repo



Set fast clone on XFS
Set backup immutable for 7 days


That's all . Now you have successfully set up a hardened Linux repository.




Tuesday, September 7, 2021

Setup VPN Tunnel Using Two Asus Router

 We will look on how to setup VPN tunnel between two sites using Asus router.

Subnet:

Main Site: 192.168.0.0/24

DR Site: 192.168.1.0/24

Here is my configuration:-

Main Site 

Using ASUS RT-AC1300 UHP

Configure using Open VPN - act as VPN Server

1. Go to Advanced Settings | VPN | VPN Server | OpenVPN

2. Enable OPENVPN Server & click on Advanced Settings for VPN Details

3.Set

Interface Type: TUN

Respond to DNS: Yes

Advertise DNS to clients: Yes

Push LAN to clients: Yes

Direct clients to redirect Internet traffic: No (as each site uses their own internet access for external traffic)

Manage Client-Specific Options: Yes

Allow Client <-> Client: Yes

Allow only specified clients: Yes

Common name: client

Subnet : 192.168.1.0

Mask: 255.255.255.0

Push : Yes

4. Click Apply





5.Create a new username & password

6. Export the openvpn configuration file to DR site

DR Site

Using ASUS RT-N18U

Configure using Open VPN - act as VPN Client

1. Go to Advanced Settings | VPN | VPN Client | Add profile


2. Add the user credential that you have created previously & upload the open VPN configuration file

3. Click Activate

End Result


Connection established!

On Main Site Router indicated "Connected"


You are now able to RDP to the machine on both sites.



Wednesday, September 1, 2021

Video - Backup and Recover Using Kasten

 Quick run-through on how to backup and recover containers using Kasten.

Thursday, August 26, 2021

Take part in this ransomware survey & Win an Oculus Rift S VR!

Ransomware is no joke. Cybercriminals extort millions of dollars from companies all over the world, and it has become the most prominent form of online cyber attack. Since 2016, there have been 4,000 daily ransomware attacks on US organizations. And it’s only getting worse, especially in the past year. 


This is why the email security and backup experts at Hornetsecurity are running a survey to understand exactly how organizations are responding to the threat, and whether what’s being done is enough to keep the would-be hackers at bay.






If you’re an IT admin, work for an MSP, or have a role in taking IT related decisions in your organization, you should definitely take part in their 5 minute survey. By participating, you’ll be helping the good guys gather essential information, and you can find out whether your workplace is ahead of the security curve, or lagging behind.


Besides, they’re also giving away an Oculus Rift S VR worth $399 to one of the respondents!

Click here to take the survey and be in with a chance to win.


Your individual answers will be completely confidential and no identifying information will be shared with third parties.

Friday, August 13, 2021

Configuring Auditing for Veeam Backup for o365

 In this post, we will configure auditing for operation perform by operator on view and restore by using Veeam Explorer.

To do so,

1. Access to swagger

2. Get Auth Token first

Click Auth & provide correct credential


Once get the Response Code - 200. Go to top & click Explore

3. Get Organization Id
Go to Organization | GET | Try it out

Take the value id


Example:
Id: cbae9938-a613-43db-b145-a0db19f0b4fa

4. Get Organization User
Go to OrganizationUser | GET
Enter the OrganizationID


It will provide all users information.
Take note the ID, DisplayName and Name that you want to audit


Example:

"id": "00000000-0000-0000-0000-000000000000059f610d-8850-481a-9ca9-9dffa5b84c6bAQUAAAAAAAUVAAAA-xyhw56yw8bPBloGeAQAAA",
      "displayName": "Alpha user",
      "name": "alpha@veeamdemo.local",

 "id": "00000000-0000-0000-0000-000000000000274e5496-3868-4a32-8287-65c7013597a4AQUAAAAAAAUVAAAA-xyhw56yw8bPBloG9AEAAA",
      "displayName": "Administrator",
      "name": "Administrator@veeamdemo.local",

5. Let start to audit administrator@veeamdemo.local
Go to OrganizationAudit | POST
Enter OrganizationID & Items

[ {   "type": "user",   "user": {     "id": "00000000-0000-0000-0000-000000000000274e5496-3868-4a32-8287-65c7013597a4AQUAAAAAAAUVAAAA-xyhw56yw8bPBloG9AEAAA",     "displayName": "Administrator",     "name": "Administrator@veeamdemo.local",     }   } ]


6. To verify
Go to OrganizationAudit | GET

Result listed as Response Code 200 and output in Response Body


You have successful enable auditing on administrator user. Next is enable auditing notification of the Audited Item.

7. Go to AuditEmailSettings | PUT

{
"enableNotification": true,
"smtpServer": "dc01.veeamdemo.local",
"port": 25,
"useAuthentication": true,
"username": "administrator@veeamdemo.local",
"userPassword": "P@ssw0rd",
"useSSL": true,
"from": "veeam@veeamdemo.local",
"to": "administrator@veeamdemo.local",
"subject": "VBO Audit - %StartTime% — %OrganizationName% - %DisplayName% - %Action% - %InitiatedByUserName%
}

Make sure result is Response Code 200.

Final step is verify by perform recovery on VBO Server



Error - WinRM Service cannot process the Request Because the Request needs to be sent to a different machine

 Encountered an error when adding on-prem exchange server using Veeam Backup for O365.


[Resolution]

You need to enable basic authentication.

1. Go to Exchange Administrative Center

2. Click on server | Virtual Directories | Powershell


3. Enable basic authentication


Try add again the organization.

Thursday, August 12, 2021

This SysAdmin Day, win with Hornetsecurity!

 This SysAdmin Day, win with Hornetsecurity!


It’s that time of the year again: SysAdmin Day has arrived, and with it comes infinite gratitude for the men and women who support us 24/7. For all the times you’ve prevented catastrophes and saved our skins, for all the long hours and patience, Hornetsecurity want to say thank you!





If you’re a Microsoft 365 administrator, celebrate with them. All you have to do is sign up for free to 365 Threat Monitor and set up your account!

How does it work?

  • - Sign up to 365 Threat Monitor
  • - Receive a guaranteed $20 Amazon voucher and a chance to win one of the Grand Prizes!


What are you waiting for? Get your free 365 Threat Monitor App & Win!

Friday, August 6, 2021

Webinar: Windows Server Storage

Optimizing your storage set up is an extremely effective way to boost your workplace efficiency and reliability and the best part of all: you shouldn’t need to pay for anything as all the tools you need are already built-in to Windows Server!

Storage tends to be one of those ‘set and forget’ things that admins often don’t bother to change once set up. However, in this upcoming webinar from Altaro/Hornetsecurity on August 11, you’ll learn how to utilize the blazing-fast and reliable storage technologies residing within the modern Windows Server stack. 



Presented by Microsoft MVPs Andy Syrewicze and Dider Van Hoye, this free online event will explain what you need to do to modernize your storage infrastructure including Storage Innovations with Storage Spaces Direct & Azure Stack HCI, ReFS, PMem, QUIC & SMB, and more!


As always with Altaro/Hornetsecurity webinars, this event will be presented live twice on the day (August 11, 2021) to give as many people as possible the chance to attend live and ask your questions to the guys on air.


Windows Server storage technologies have come a long way since the days of Windows Server 2008 R2 and SMBv1/v2 – it’s no longer your grandpa's file server. It's time to level-up and unlock a potential you never knew was there!


Learn more & save your seat! 

Thursday, August 5, 2021

Quick Link - Veeam Build Number and Version

[Build & Version]

Here is the place to identify your Veeam build number and version 

 a) Veeam Backup & Replication 

 b) Veeam Agent 

 c) Veeam Backup for Office 365 


[Upgrade]
Upgrade Path from older version to new version, please refer to https://www.veeam.com/kb2053

Read this guide carefully when upgrade your old veeam version to latest version/

Download Installer on Veeam Product [ Require Propartner Login]

Current version :- Click here

Previous version :- Click here

Wednesday, July 21, 2021

Bare Metal Recovery Test Scenario

In this post, we will share on few case scenarios to do bare metal recovery (BMR) using Veeam Agent. 

We will limit the environment to 
a) on-prem repository 
b) secondary repository 
c) local storage 
d) NAS storage 


 Scenario A 

 Env: Backup to local storage (another disk) or Veeam Backup repository using Veeam agent


Test result:- Able to perform bare metal recovery on backup data from veeam agent stored on local storage or veeam backup repository

Scenario B

Env: 
a) Backup to 1st repo
b) Backup copy job to 2nd repo using Veeam Backup Server/ Agent


Test result:-

a) Able to perform BMR when select "Veeam backup repository" and get backup data for 1st Backup Job and Backup Copy Job. Must point to veeam backup repository to recover BCJ.

Scenario C

Env:

Manual copy backup copy job backup data to 
a) local storage
b) shared folder

or point to network storage "Shared folder" where backup data is located


Test result:-

No backup data is visible or

Error message " Veeam agent unable to open backup files created by Veeam Backup & Replication".

Scenario D

Env:

a) Manual copy veeam agent backup data to NAS or local disk
b) Access backup copy job backup data from shared folder


Test result:-

a) BMR successful for backup by veeam agent (either local or NAS storage)
b) BMR unsuccessful for backup copy job data ( no backup data)


Scenario E

Env:
a) Install new VBR Server and point to an existing repository that has backup copy job data
b) Select Veeam Backup Repository


Test result:-

a) No data visible for BMR
b) After rescanning backup repository on VBR Server. Able to see data on BMR and perform recovery



Conclusion on the test scenario:

1. For Backup Copy Job Data: You need to have Veeam Backup Server, add it as an existing repository, and rescan the repository before being able to recover Backup Copy Job Data. 
2.No issue on Veeam Agent backup data resides on any storage when doing bare metal recovery.

Thursday, July 15, 2021

Demo: Instant SQL Recovery

In this video, we are going to explore on how to perform instant SQL database recovery. Check out

 

Thursday, June 3, 2021

Webinar - Your 5 Most Critical M365 Vulnerabilities Revealed and How to Fix Them

Microsoft 365 is an incredibly powerful software suite for businesses, but it is becoming increasingly targeted by people trying to steal your data. The good news is that there are plenty of ways admins can fight back and safeguard their Microsoft 365 infrastructure against attack. 



This free upcoming webinar, on June 23 and produced by Hornetsecurity/Altaro, features two enterprise security experts from the leading security consultancy Treusec - Security Team Leader Fabio Viggiani and Principal Cyber Security Advisor Hasain Alshakarti. They will explain the 5 most critical vulnerabilities in your M365 environment and what you can do to mitigate the risks they pose. To help attendees fully understand the situation, a series of live demonstrations will be performed to reveal the threats and their solutions covering:


  • O365 Credential Phishing
  • Insufficient or Incorrectly Configured MFA Settings
  • Malicious Application Registrations
  • External Forwarding and Business Email Compromise Attacks
  • Insecure AD Synchronization in Hybrid Environments


This is truly an unmissable event for all Microsoft 365 admins!


The webinar will be presented live twice on June 23 to enable as many people as possible to join the event live and ask questions directly to the expert panel of presenters. It will be presented at 2pm CEST/8am EDT/5am PDT and 7pm CEST/1pm EDT/10am PDT. 


Don’t miss out - Save your seat now! 

Tuesday, April 20, 2021

Change Veeam One Data Retention

By default data store on Veeam One SQL database will keep for 12 months. If you would like to change the retention period, you can do so by following the below step.

1. Go to C:\Program Files\Common Files\Veeam\Veeam ONE Settings

2. Double click VeeamOneSettings



3. Click on Retention tab


4. Enter your prefer value , click Apply Retention & save.

Hope this help


Monday, April 19, 2021

Check SSD Lifetime

 In today's post, we are going to explore how to check your SSD or NVME SSD lifetime.

You probably have this hardware running for quite some time. Each SSD or nvme has a lifetime based on usage on writing.

[Tool]

Download CrystalDiskInfo. Click here

[View output]

The following was my hardware screenshot:


a) SSD -480 GB. Currently 97% healthy.

b) SSD - 1 TB


c) NVME SSD - 512 GB

d) External HDD - 480 GB



e) External HDD -WD 2 TB

[Compare output]

Next is to use the brand and model to search for it original spec.

Example:- KINGSTON SA400S37480G. Refer to here and check for TBW [Total Bytes Written]

Kingston:-
480 GB -> can support till 160 TB
960 GB -> can support till 300 TB

On CrytalDiskInfo, refer to Total NAND Writes, to see how much is current total write. 

ADATA nvme ssd:-


512GB -> 320 TB

On CrystalDiskInfo, refer to Total Host Writes. 

Currently, I have used 9320 GB. Roughly 9TB & still has a buffer to continue use: 311 TB