Search This Blog

Friday, December 22, 2023

Reconnasissance Tools

Useful tool use to know

a)ICMP Traceroute



b) TCP Traceroute

Useful when firewall blocking ICMP



c) UDP Traceroute



d) Nmap

Use nmap to extract info such as live hosts on the network, open ports, services, types of packet filters/firewalls as well as operating systems and version used.

Example: Zenmap

e) MegaPing

Includes scanner such as comprehensive security scanner, port scanner (TCP and UDP ports), IP scanner, NetBios scanner and share scanner

Example: Megaping

f) Netscan tools Pro


g) Solarwinds Port Scanner

h) PRTG Network Monitor


i) OmniPeek Network Protocol Analyzer


 j) Nbtstat utility

Display netbios over tcp/ip protocol statistics, Netbios name tables for both the local and remote computers and the netbios name cache

Example: nbtstat -a

k) Netbios enumerator

Help to enumerate details such as Netbios name, username, domain name and mac address for a given range of ip address

Example: NetBios Enumerator

l) Global Network Inventory


m) Advanced IP Scanner


l) Hyena


m) Nsauditor Network Security Auditor


Saturday, December 2, 2023

Unable to Restore OCP-V VM from S3 When Using Kasten v6.5

I've upgraded to Kasten v6.5. I was able to back up RedHat OpenShift Virtualization VM using Snapshot and S3. However was not able to restore from S3 using TransformSet which I have created on v6.0.12. You may refer to .

Reported as a bug for a future fix. 

The workaround is to create a transform when doing restoration. [Click on below to view in large mode]

Friday, December 1, 2023

Unable to Restore OCP-V VM from S3 When Using Kasten v6.0.12

In my environment, I have used Kasten version v6.0.12 to back up Redhat Openshift Virtualization Virtual machine. No problem on using snapshot however encounter an error when trying to restore from S3.

After troubleshooting, realized that S3 backup data is a reference to snapshot backup data which has expired/removed. Well, it is not supposed to and reported as a bug for the next release fix.

For a workaround, you need to create a TransformSet. Refer to the below diagram to configure it and apply it when doing a restoration. [Click the image to view in large mode]

Friday, November 24, 2023

Internal - Change Corporate Password and Sync with Macbook

This note is only for my own internal reference only. [Not applicable for public use] 

  1. Change your corporate password using web . 
  2. Login to MacBook using old password
  3. Connect to Cisco VPN using new corporate credential
  4. On the menu bar, click the key icon to login to corporate. Use new credential. It will say password expired in 9 days. Just log out
  5. On the key icon, login again with new corporate credential
  6. A prompt will ask to enter corporate AD pwd 

a) enter AD - new pwd

b) enter Mac - old pwd

  1. Click on Sync, since both pwd is not in sync
  2. After sync, it will prompt with result successful
  3. Lock your Mac
  4. Relogin with new password
  5. If log off, please remember your username
  6. Relogin with you Mac username & new password

Thursday, November 2, 2023

Direct Restore to GCP Test Result

 Here is my lab environment test result on Direct Restore to GCP.

Note: Does not represent the real scenario. Recommend testing on your environment to get the exact result.

The below sharing is just for test purposes

Bandwidth used:

  • Download: 800Mbps
  • Upload: 200 Mbps

a) Restore from on-prem backup target to GCP

Using worker e2-micro

Using worker c2d-highcpu-2

b) Restore from GCP object storage to GCP

Using worker c2d-highcpu-2


  • More faster when backup data resides on GCP object storage
  • Changing to the higher spec of worker does not improve the restore speed

Monday, September 25, 2023

Install Older Version of Kasten

You may come to a situation where your customer is running an older version of Kubernetes. Example v1.22. Then you want to back up the container using Kasten.

When you run preflight check, the result indicates "Unsupported"

When we checked the user guide:,

Minimum version support is v1.24


Kasten version to support v1.22 is Kasten 5.5.9

Command to install particular version

helm install k10 kasten/k10 -n kasten-io --version 5.5.9

Friday, August 25, 2023

Failed to open MySQL client library

You may encounter this error message when trying to backup mysql database using Veeam agent for Linux

"Failed to open MySQL client library"

Few thing to check

1. Make sure it is supported mysql version : 5.7 - 8.0
2. Correct credential. Use MySQL Workbench to access from VBR to source database server
3. Install libmysqlclient package manually on source database server
Execute command:

sudo apt-get update
sudo apt-get install libmysqlclient-dev

4. Rerun backup

That should do the trick!

Video -Rename Existing Veeam Backup Job Using Powershell

Video -Change Veeam Backup Job Setting Using Powershell

BDRSuite v7.0.0 Release Candidate (RC)

We're excited to announce the availability of the BDRSuite v7.0.0 Release Candidate (RC) build! This pre-release build marks an important step toward our upcoming major release v7.0.0. The RC build enhances our BDRSuite capabilities and is tailored for users seeking backup solutions in KVM, Azure, and AWS environments.

Key Features of BDRSuite v7.0.0 RC:

● KVM Backup and Recovery - Agentless backup for KVM virtual machines through seamless integration with KVM hypervisor. -

● Azure Backup and Recovery - Agentless Backup using Azure Native APIs and store backup data locally or in cloud. -

● AWS Backup and Recovery - Agentless Backup using AWS APIs and store backup data locally or in the cloud -

BDRSuite v7.0.0 RC Download Link: BDRSuite v7.0.0 RC is now ready for download and is now live on our official website - Download BDRSuite v7.0.0 RC

For additional information and in-depth insights into the v7.0.0 RC, please refer to the following resources:

● Release Notes: 

● Release Blog:

Thursday, July 13, 2023

How to Enable SSH and Secure Copy (SCP) on Linux?

 Execute this command:

sudo apt update

sudo apt install openssh-server

nano /etc/ssh/sshd_config

Inside the file, locate the "PermitRootLogin" and set to "yes"

save the file

Restart the SSH server

systemctl restart ssh

Wednesday, July 12, 2023

Change Veeam Backup Job Setting with PowerShell | Maintain Same Job Name

There is no rename PowerShell cmdlet on veeam v12. So here is my workaround to maintain the same backup job. If I use the clone backup job name, it will perform an active full when scheduling the job run. This is a norm scenario as the backup job name has changed and existing backup data cannot map.

# Connect to the Veeam Backup & Replication server

Connect-VBRServer -Server "VBR12GA"

# Get the backup job you want to clone

$sourceJob = Get-VBRJob -Name "VmwareVM-DC01-demodomain"

# Get the new proxy server

$newProxy1 = Get-VBRViProxy -Name "proxy1.veeamlab.local"

$newProxy2 = Get-VBRViProxy -Name "proxy2.veeamlab.local"

#update proxy

Set-VBRJobProxy -Job $sourceJob -Proxy $newProxy1, $newProxy2

# Specify the name for the cloned job

$clonedJobName = "ClonedJobName-Lai"

$clonedJobNameOriginal = "VmwareVM-DC01-demodomain"

# Clone the backup job

$clonedJob1 = Copy-VBRJob -Job $sourceJob -Name $clonedJobName -Repository "Default Backup Repository"

Remove-VBRJob -Job $sourceJob -Confirm:$false

$clonedJob2 = Copy-VBRJob -Job $clonedJob1 -Name $clonedJobNameOriginal

Remove-VBRJob -Job $clonedJob1 -Confirm:$false

# Save the cloned job

Set-VBRJobOptions -Job $clonedJob2

# Disconnect from the Veeam Backup & Replication server


Tuesday, July 11, 2023

Change Veeam Backup Job Setting Using Powershell

 Below script is using Veeam v12.

I would like to change the existing backup job in terms of proxy and backup repository. In veeam v12, changing the backup repository on the backup job is not supported. 

Therefore here is my workaround:

# Connect to the Veeam Backup & Replication server
Connect-VBRServer -Server "VBRServerName" 

# Get the backup job you want to clone
$sourceJob = Get-VBRJob -Name "OldJobName" 

# Get the new proxy server
$newProxy1 = Get-VBRViProxy -Name "newproxy1"
$newProxy2 = Get-VBRViProxy -Name "newproxy2"

 #update proxy

Set-VBRJobProxy -Job $sourceJob -Proxy $newProxy1, $newProxy2

 # Specify the name for the cloned job

$clonedJobName = "ClonedJobName"

 # Clone the backup job

$clonedJob = Copy-VBRJob -Job $sourceJob -Name $clonedJobName -Repository "NewRepository"

# Save the cloned job

Set-VBRJobOptions -Job $clonedJob

# Disconnect from the Veeam Backup & Replication server


In summary,

  • Change new proxy
  • Clone a new job
  • Change new repository name

Wednesday, May 3, 2023

VeeamOn 2023 Virtual / Physical Event


Date: May 22-25 2023

Entry: FREE

Virtual Event registration is still available. To attend online, please register - click here

Referral : Lai Yoong Seng

Content: Learn the latest Veeam technology.

Attendee which has registered, you can view on-demand video - click here

Friday, April 28, 2023

Add Kasten Helm Repo

 To install the Kasten Helm chart, follow this step

[root@ocp-svc ~]# helm repo add kasten

"kasten" has been added to your repositories

Lastly, run 

helm repo update

Error: WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/ocp-install/auth/kubeconfig Error: no repositories found. You must add one before updating

 Error message when execute command helm version

WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/ocp-install/auth/kubeconfig

Error: no repositories found. You must add one before updating

Solution: Remove the permission

chmod o-r ~/ocp-install/auth/kubeconfig

chmod g-r ~/ocp-install/auth/kubeconfig

Once done, execute helm version again

[root@ocp-svc ~]# helm version

version.BuildInfo{Version:"v3.5.4", GitCommit:"1b5edb69df3d3a08df77c9902dc17af864ff05d1", GitTreeState:"clean", GoVersion:"go1.15.11"}

More detail, please refer to 

Monday, April 17, 2023

Access Denied ADMIN$

 Your machine is on workgroup and you would like to access the machine via share/credential.




and has key-in computername\username but failed to gain access. The password is correct yet unable to access via Share. 

If you've encountered the same scenario, you can try this on the machine and put these registry key

Open Registry Editor

  1. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
  2. On the Edit menu, point to New, and then click DWORD (32-bit) Value.
  3. Type LocalAccountTokenFilterPolicy to name the new entry, and then press Enter.
  4. Right-click LocalAccountTokenFilterPolicy, and then click Modify.
  5. In the Value data box, type 1, and then click OK.
  6. Exit Registry Editor.

This should do the trick and solve the problem

Thursday, April 6, 2023

Create Vcenter SSH Public Key

 To use SSH public key on vcenter, you need to perform this steps:

1. Create Key using puttygen (download putty to use this tool)

a) click on generate

b) move your mouse cursor to generate

c) Save the public key
d) Save the private key

2. Use putty to SSH into vcenter
To enable and start the Bash shell, type
> shell.set --enabled True
> shell

3. Edit authorized_keys
> sudo vi ~/.ssh/authorized_keys

a) Insert the public key. Example that you have created
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw7K7657C3KVD8uEtuBxvEjPui4lD+xZqw0+k95mCH19/xOEWhY6UJREPVRTIw8sgIa2PvlUjuCh+m7ZUqHdheChFE55qxjvZLhGJrAU2MvpAv6ltL5ePUYo1iQYRD/PdMMJKY9EcOE7MOBFkSKKI9IYnLyGr3+6QDfSbeuLc42qNcxUQVTPhRAn6gbxj3ISTxOrf1PdwixbM5GGlyIPmYxzcRX91QFVuhsPfXPdOeWczm+0cBkqIPraRjBwmu3B5dTZz12EFQtQbZxc6fpxhyj0eIMsu8bFjk49IZkat1hLdP00unYOfyTrkAnF5XdtglNcw40ot5MwW4mRCKfGCZ rsa-key-20230406
b) save it and exit

4. To activate key authentication, you have to make sure /etc/ssh/sshd_config: has the following line

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

Saturday, April 1, 2023

Error "No suitable authentication method is supported. Supported method "publickey"

Error message when adding Linux credential on Veeam Console

Error "No suitable authentication method is supported. Supported method "publickey" 

Note: Below is for AWS EC2 VM access. We would like to use a password instead of using pem key.

#cd /etc/ssh

#vi sshd_config

Locate PasswordAuthentication no

Change to

PasswordAuthentication yes

Save it.

Restart the ssh service

#systemctl restart ssh

Create a new linux account and add into Veeam Console

Linux - Create another user with root right

Create another user & assign it as root right

# more /etc/passwd

ubuntu user is a root admin on the Linux VM

#-id -a ubuntu

Create another user "veeamadmin" & assign same right as ubuntu user.

#useradd -u 1001 -g 1000 -m -d /export/home/veeamadmin veeamadmin

Check veeamadmin

#id -a veeamadmin


Go to #User privilege specification, after root entry, key in

veeamadmin ALL=(ALL:ALL) ALL

Save the file

Assign password to veeamadmin

# passwd veeamadmin

Key in your password

To verify, type

su - veeamadmin

Wednesday, March 29, 2023

Veeam V12 - Backup and Recovery Oracle Using RMAN

 Prior to v12, deployment of oracle rman and configuration is a tedious and manual process. With v12, it is a game changer. You can now deploy the plug-in & configure the backup job centrally from Veeam Console. View the below video in action

Veeam V12 - HPE Storeonce Immutability with Veeam

 Let's view immutability enhancement on Veeam v12 and HPE Storeonce

Veeam V12 - Object Storage Enhancement

 Let's move on to the next Veeam V12 next enhancement. The video below exploring on object storage

Friday, March 24, 2023

Deploy Veeam Linux Hardened Repository in 10 Minutes

 Having a hard time deploying Linux Repository?

Well, you need to have Linux knowledge to do so. However, you can refer to the below guide to learn how to setup within less than 10 minutes.

Thursday, March 23, 2023

Veeam V12 - NAS Recovery Enhancement

We have performed NAS backup using Veeam V12, and it's time for us to look at NAS recovery. Click on the below video:

Monday, March 20, 2023

Enable Application Aware on Veeam Backup for AWS

 Before enabling application-aware processing backup on EC2 instance, follow below steps. 

Here are a few guidelines and steps for ensuring the VSS-enabled snapshots complete successfully.

  1. The Windows instance must have the SSM agent installed and running. For system requirements and installation instructions for the SSM agent, visit the AWS Systems Manager documentation, ... l-win.html
  2. The Windows instance must have an IAM instance profile attached that:
    * Allows Systems Manager to interact with the instance
    * Allows Systems Manager to create VSS-enabled snapshots
    For information on instance profiles and IAM policies required to create VSS-enabled snapshots, visit the AWS EC2 User Guide for Windows Instances, ... shots.html.
  3. Ensure the IAM instance profile has the "AmazonSSMManagedInstanceCore" role attached.
  4. Ensure the IAM instance profile has an IAM policy attached that allows VSS-enabled snapshots. See the following page for the JSON IAM policy for VSS-enabled snapshots, ... d-vss-role
  5. The Windows instance must have the AWS VSS Components package (AwsVssComponents) installed. Installation instructions for the AWS VSS Components are in the AWS EC2 User Guide for Windows Instances, ... ss-package

Here are the steps I followed to fix the issue on one Windows 2012r2 EC2 (affected OS version):

1. Uninstalled SSM Agent on EC2 (cleaned %ProgramData% caching);

2. Installed AWS Tools and SDK (msi setup containing Powershell extensions enabler);

3. Installed SSM agent;

4. Distributed AwsVssComponents package (here i think was now the point);

5. Run Command AWSEC2-CreateVssSnapshot and worked

Friday, March 17, 2023

Set Postgresql Limit on Veeam Database

When you make changes to hardware for Veeam Database or want to set limit, you are required to re-run this command.

Note: Require to restart postgresql services once execute the below command. If your VBR is using MFA-enabled, you need to turn it off first


a) VBR + Database on the same server



b) VBR Database on a different server/ remote server

Example: 16 cores, 30GB RAM

Set-VBRPSQLDatabaseServerLimits -OSType Windows -CPUCount 16 -RamGb 30

Set-VBRPSQLDatabaseServerLimits -OSType Linux -CPUCount 16 -RamGb 30

For more detail, please refer to

Wednesday, March 15, 2023

Veeam V12 NAS Backup Enhancement

 View the below video on the latest v12 enhancement on NAS Backup

Enabled MFA on Veeam Backup Console

In v12, Veeam dropped a new security feature. You can now enable MFA for additional security before using the Veeam console. To view it in action, please view below video

Monday, February 27, 2023

Error: Unable to connect to the server with MFA-enabled user account. Execution environment cannot be initialized to Remote

 Encountered this error message when using

  • VBR v12 - Veeam Backup & Replication
  • VRO v6 - Veeam Recovery Orchestrator

Error message:

"Unable to connect to the server with MFA-enabled user account. Execution environment cannot be initialized to Remote"

This happened when trying to add Microsoft Azure Recovery Location.

The problem is when using an account with MFA to connect from VRO to VBR v12.


1. Remove Orchestrator Agent that connects to VBR Server

2. Add a service account [without MFA] to VBR Server. Example: veeamlab\veeamsvc

3. Add the service account that you've used into VBR local administrator

4. Re-deploy the Orchestrator agent using the service account. Example: veeamlab\veeamsvc

Saturday, February 18, 2023

Upgrade Veeam V11 to V12

 Veam just launched v12 for their Veeam Backup & Replication.

We do encourage you to 

1. Backup Configuration Catalog

2. Clone the VBR Server & perform a test upgrade on the isolated environment first

3. Identify issues and problems of the upgrade before doing it on the production environment

4. Review the Upgrade checklist :- 

Don't rush to perform an upgrade to the production environment.

You may view on upgrade video on how the upgrade process looks like

Optional to migrate to Postgresql if you're running SQL Server. However, if you're using SQL Express, you may want to try to migrate the database.

Enjoy and Good luck with upgrading to Veeam V12. 

Stay tuned for daily releases on new enhancement V12 on my youtube channel

Friday, February 17, 2023

Veeam Services Unable to Start Due to Conflict

 After installation of veeam, you may encounter that services were not able to start.

The reason is probably in conflict with an existing application.

Example: 6161 is conflicting with other port

[To verify]

Open PowerShell and execute the command

Get-Process -Id (Get-NetTCPConnection -LocalPort 6161).OwningProcess


Open regedit, find the service port, and change it

Thursday, February 9, 2023

Backup and Recover Microsoft SQL Server Running on a Container

 I've set up a lab environment. Scenario is 

MS SQL Server deployed as a container 

Management tool on Windows VM

In this demo, I've shown on how to perform a backup and recover the MS SQL Server database running on a container.

Thursday, January 5, 2023

Increase Kasten Catalog Storage

You may notice that Kasten indicated less than 50% on catalog storage. Less than 50% storage will not allow you to perform further Kasten upgrades. 

The first thing that you need to do is add more storage on the worker node & expand it.

If the problem still persists, then you need to increase the default catalog pv size from 20Gi to 40Gi.

Before you do that, you need to check and make sure your storage class allows you to do so.


kubectl get storageclass <storageclass> -o jsonpath={'.allowVolumeExpansion'}
Note:- take note of the dot inside the { }
The result must be "true"

Next steap
Run a helm upgrade to increase global.persistence.catalog.size to your desired value (example below sets to 40GB):

helm get values k10 --output yaml --namespace=kasten-io > k10_val.yaml && \
   helm upgrade k10 kasten/k10 --namespace=kasten-io -f k10_val.yaml \
   --set global.persistence.catalog.size=40Gi

You storageclass pv has increased to 40Gi

Kasten side: