Monthly archives: April, 2017

Skapa SpamAssassin-signaturer för blockering av ransomeware-kampanjen Torrentlocker/Crypt0l0cker

Just nu pågår en ransomware-kampanj som försöker infektera privatpersoner och företag genom bluff-mail (spam). Myndigheten för samhällsskydd och beredskap har gått ut med signaturer som kan användas för att identifiera och blockera kampanjen på följande länk: Signaturer för pågående ransomware-kampanj. Signaturerna innehåller tre länkar till ZIP-filer som ligger hos Dropbox, men även ämnesraden för bluff-mailen:…



NetScaler user authentication to backend with cookies

A system one of my co-workers are load balancing and configuring AAA/SSO uses cookies for authentication. The username is inserted using a cookie, for example “username=simon”. It’s very easy to first of all identify this cookie and modify it to another value, which makes it insecure. The idea we got was to stop exposing the cookie…



Windows Login prompt with Single Sign-On XenApp

Lately some customers reported they didn’t get Single Sign-On all the way into the desktop when logging in via the browser to StoreFront. Single Sign-On worked partly with automatic login to the StoreFront desktop/application view, but whenever they tried to start a new session the users faced a Windows login prompt. Citrix have released a…



Convert SCCM schedule to readable format

Reading SCCM Maintenance Windows is not an easy thing to do from WMI as they are stored as 16 char hex values To get the schedule hex values simply run the below line, but the result might not be easy to understand

A server might return the following values.

Now, how do we read…



NetScaler SD-WAN WANOP – Hur initieras en optimerad TCP-session?

NetScaler SD-WAN WANOP Edition försöker optimera all trafik som passerar enhetens interface men det är TCP sessionens Handshake som avgör om en den ska optimeras eller ej. Sessioner som bedöms som icke-otimerbara passerar enhetens interface utan påverkan men sessioner som istället bedöms som optimerabara kommer att dra nytta av den nätverksoptimering som SD-WAN WANOP erbjuder….



Citrix PVS: UEFI Boot of Targets

If you wish to perform UEFI boot of Targets that are provisioned using Citrix PVS, below are the settings (mainly DHCP) that you need to apply. Majority of the info below was taken from this Citrix PowerPoint presentation. If using Boot Device Management file (BDM): With BDM, DHCP options are not needed since everything is…



Filtering list in NetScaler and converting to XML using Policy Extension – v2

As I’ve stated, my knowledge of Lua and development is very limited. My good friend Ulrik pointed out to me that the code I was using (in my previous blog post) wasn’t optimized and helped me get it both faster and easier to understand. It’s actually works better and is about 21 times faster (the…



Filtering list in NetScaler and converting to XML using Policy Extension

UPDATE: Updated the Lua-code, which seems to work better and is about 21 times faster. Big thanks to Ulrik! You can find the updated code here. There was a question on the Citrix discussion forums where an administrator wants to output the groups a user is member of in a SAML Assertion, but with the caveat…