SELKS | Suricata | update the rulesets

You can use the web interface to do that, but i had some issues soing so. It’s better (and much faster) to run this: /bin/su -s /bin/bash -c ‘cd /usr/share/python/scirius/ && . bin/activate && python bin/manage.py updatesuricata && deactivate’ www-data You can check your success by inspecting /etc/suricata/rules/scrirus.rules To check the plausibility/validity of your rules […]

Windows 10 | Unpin/Remove/Delete Programs from Taskbar via GPO/powershell

At first approve applications name: ((New-Object -Com Shell.Application).NameSpace(‘shell:::{4234d49b-0245-4df3-b780-3893943456e1}’).Items()) Then get your languages localized Unpin-String, simply rightclick on that item in yout taskbar and get the unpin string. For English it’s ‘Unpin from taskbar’, for German it’s ‘Von Taskleiste lösen’ ARRRGGGG! # THE EDGY EDGE $appname = “Microsoft Edge” ((New-Object -Com Shell.Application).NameSpace(‘shell:::{4234d49b-0245-4df3-b780-3893943456e1}’).Items() | ?{$_.Name -eq $appname}).Verbs() […]

THUNDERBIRD | GPO or Registry | Certificate handling

Basics: https://bytesandbones.wordpress.com/2019/09/30/thunderbird-gpo-admx   Via Registry: HKCU\Software\Policies\Mozilla\Thunderbird\Certificates\Install\1 = “mycert.der” or Software\Policies\Mozilla\Thunderbird\Certificates\Install\2 = “\\MYHOST\Users\username\mycert.pem” or Software\Policies\Mozilla\Thunderbird\Certificates\Install\3 = “C:\CERTS\mycert.pem” as REG_EXPAND_SZ. If you define only a file name without a path Thunderbird searches %USERPROFILE%\AppData\Local\Thunderbird\Certificates%USERPROFILE%\AppData\Roaming\Thunderbird\Certificates for your files. Via GPO: Use the user branch. Define full path file location or file names only. If you specify only a file […]