Cloud Computing – a legal minefield? #igaware #linuxsbs

Cloud computing involves handing over your data to a third party. This is called outsourcing and as with any outsourcing arrangement it comes with legal implications.

When outsourcing IT you no longer have control over your IT infrastructure and data, but you are still responsible for it. You have to check and understand your supplier contracts to ensure compliance with data protection and privacy laws, such as GDPR (General Data Protection Regulation).

Cloud providers are by and large US corporations. The laws that they have to comply with, regarding data and privacy, are based on US laws. You have to comply with EU/UK law.

Under US law, there is no right to privacy for your data in the cloud as it is deemed public. This is contrary to EU law where privacy is a human right. This means that having personal data in the Cloud may not be legal under GDPR.

US Cloud providers say they are committed to being GDPR compliant but being committed does not mean they are in fact compliant. And achieving and maintaining compliance is difficult as it is the US government that make the laws. The current US administration is focused on ‘America First’ so data privacy is seen as a barrier to tracking down terrorists and criminals.

Even where US companies have opened up EU data centres there are problems as the US government sees these as US subsidiaries.

Microsoft admitted as far back as 2011 that

‘We can hand over Office 365 data without your permission’

Unless US Cloud providers can protect the privacy of data in the UK and Europe in law, they are dead. And they are battling with their own government.

Even if you ignore the legalities of holding data in the cloud there are other issues too:

US cloud vendors provide non-negotiable contracts that they can re-write at anytime – you have no control or influence. Your data is in their hands wholly on their terms. Any legal dispute will mean a trip to the US for you to undertake legal action.

Data Ownership
Legally data doesn’t exist. You have no rights to your data. You surrender your data to cloud providers. If your data is lost you have no legal protection whatsoever. You must have a local physical backup at all times. Not an easy thing if you have gigabytes of data off-site somewhere.

If you fall foul of terms of use, or your payment fails, then you may find access to your data and email is blocked. Your data can be held to ransom.

Business Continuity
If you fall out with your Cloud provider how will you move away from them and keep your IT running?

Cloud providers can increase prices and services can be withdrawn as they deem fit. If you find yourself in a situation where things aren’t working out then how do you exit and keep your business going?

An on-premise server with your data and email under your control is a big step to keeping your data private.

Related Articles

The Safest Place for your Data and Email is On-site

Why We Can No Longer Trust Microsoft

Why GDPR Compliance is Difficult in the Cloud

GDPR: Killing cloud quickly?

Posted in Cloud, GDPR, Linux Small Business Server | Leave a comment

The safest place for your email and data is on-site #igaware #linuxsbs #GDPR

Your email and data are your crown jewels. If they are lost, stolen or corrupted there will likely be severe consequences for your operations and a hefty fine for breaching the General Data Protection Regulation (*GDPR).

The safest place for your email and data is under your control, on a dedicated security hardened server, protected by a PCI compliant firewall, managed by people you know and trust. This is the level of security Igaware offers.

The alternative is to outsource your IT and hand over your email and data to third party suppliers who, if they are US corporations, may not be GDPR compliant and therefore unable to legally supply you with IT services now and in the future.

Outsourcing has been a growing trend under the marketing banner of ‘Cloud Computing’ and has been heavily advertised by US corporations including Microsoft, Google, Rackspace and Amazon. These companies have used their marketing muscle to push cloud computing because it suits their business model, not because it is in customer interests. Microsoft has even gone as far as removing on-premise server options to force customers into the cloud.

The good news is that Igaware offers a wholly secure, robust and cost effective on-premise Linux Small Business Server. It includes a UTM firewall that ensures your data and email secured. And because Igaware is an on-premise server you know exactly where your data is and who has access to it. This means GDPR compliance is simplified and you can completely forget about the significant practical and legal issues faced by cloud users.

*GDPR comes into law in May 2018

Posted in Linux Small Business Server | Leave a comment

Cloud Warning #igaware #linuxsbs #GDPR

Any EU (including the UK) organisation using US cloud services (Microsoft 365, Google Apps, Amazon Web Services, Rackspace Hosting etc.) will have to find alternatives before GDPR kicks in next May.

The alternative is Igaware:

Posted in Uncategorized | Leave a comment

GDPR shock for Cloud users #igaware #linuxsbs #GDPR

In May 2018 new legislation comes into effect, across the EU & the UK, called the General Data Protection Regulation (GDPR).

In a nutshell, GDPR has been created to protect citizens from privacy and data breaches and applies to every organisation, regardless of size to ensure data is kept private.  Breaches of GDPR will result in fines of up to 4% of annual turnover.

Because US law is not compatible with EU law, US cloud companies cannot legally supply services to EU companies.

This means any organisation using US cloud services (Microsoft 365, Google Apps, Amazon Web Services, Rackspace Hosting) will have to find alternatives.

Stay tuned for more on this.

Posted in Cloud, Linux Small Business Server | Leave a comment

Igaware Version 13.3.1 released #Igaware #linuxsbs

New in Version 13.3.1 [ Jun 28 2017] ========================================

* New Features and Improvements *

  • Installed a new version of Sophos AV software
  • Updated the OpenSSL libraries
  • Modified the Rsync backup server config’ To allow multiple entries
  • Security hardened the Mail Server to only allow high strength ciphers
  • Web activity report search function has been re-written. Can now use | to separate multiple websites and * for a wildcard
  • New Anti-Spam rule added (IGA_RDNS_SPFERR). Triggers on both no RDNS and an SPF error

* Fixes *

  • Fixed a bug with the Desktop vacation message. It didn’t work properly for non ADS accounts
  • Added the secure flag for HTTP cookies ( for PCI compliance)
  • Completely re-written the hardware sensors health monitoring. Using IMPI and legacy sensors data. The CPU temps and FAN speed will now be as accurate as possible. Tailored for each unique hardware platform.
Posted in Linux Small Business Server, System Updates | Leave a comment

Cloud Computing – A Reality Check

Cloud Computing is where your data and applications are on a server that is in remote building and you access it over the Internet.

There are 2 cloud options:

Rented: Where you rent space and applications on someone else’s server.

Hosted: Where you have your own server hosted in someone else’s building.

Is it really practical?

If you don’t have an office, and all your staff work remotely then the fact is you have no-where to put a server.  You therefore have two options:

  • Buy a server and host it at someone else’s premises
  • Rent IT services running on some else’s server.

If you have an office, and most of your staff access your data from within the office it makes sense to hold your data locally for speed of access and security.

Pros of an On-Premise Server are:

  • Access to server by office staff even when broadband fails.
  • Fastest possible access speed to data and email
  • Data is secure. You know where your data is and you hold a physical backup.
  • If there’s an issue with your IT supplier; financial, contractual or whatever, your data is under your control.

Cons of an On-Premise Server:

  • Remote users can’t access data if office broadband fails.
  • Slow/congested broadband can make remote access to data slow.

Pros of the Cloud

  • Remote users can access data and email if office broadband fails.

Cons of a Rented Cloud

  • If broadband fails, office staff can’t access data.
  • Access speed is limited by local broadband connection.
  • Latency is an unavoidable issue accessing data over the Internet.
  • Internet usage is increased which can mean higher broadband costs or loss of service if ‘fair usage policy’ breached.
  • Users tend to store data on their local devices to negate latency and speed issues.
  • Increased cost of broadband to upgrade link to resolve slow connectivity (may not be available)
  • If hosted server fails you have no access to physical systems to resolve issues.
  • There is no option to backup locally and encrypt data.
  • Deleted files, emails cannot be easily retrieved from previous backups.
  • If service fails then downtime could be several hours as most cloud outages are serious.
  • Increasing costs as your data volume grows.
  • Migration is difficult and costly as all your email and data (hundreds of Gigabytes potentially) need to be transferred over the Internet. This normally take weeks and few organisations who are office based do this for this reason alone.
  • Your data isn’t held physically separate from other companies whose security policies could put your data at risk.

Pros and Cons of a hosted server are similar to the rented cloud only you can have the server hosted where you can get to it, you know where your data is and you can easily get a physical backup into your hands. It is also more secure as it isn’t on a hard disk shared with other companies.

The Cloud is rarely used for data because on-premise is more secure and makes data access and management easier.

Companies who have used exchange server for email, and are faced with high capital cost to upgrade email services on-site, often choose to use email in the cloud as this can be more cost effective for them. That said, managing exchange in the cloud has the same overhead to maintain security and administer as an on-premise server.

Support is another consideration. Cloud vendors provide support via a ticket system. You will no-longer be able to talk directly to someone who can immediately access you systems, diagnose and fix the issue.

What about Hybrid Cloud

To provide data access to remote staff if the office broadband fails, there is the option to synchronise data with a cloud storage provider. This is what’s known as a hybrid solution.

A hybrid solution would keep your data secure on your own local server giving fast access for local users, but also provide access to remote users to data if your Internet fails. Any changes on files remotely are synced back to the server. This is what’s known as a hybrid solution. This solution does provide access to data if office broadband is unreliable, but it isn’t as secure as holding data on-premise only.

Cloud providers frequently get hacked.


On-premise remains the most secure and practical solution for office based businesses, and using Igaware remains more cost effective than the cloud as all services and support are fully inclusive with no hidden extras.

Even with data moved off-site, if you still have a central office you will still require network security; firewalling, and web filtering, are included as part of the Igaware solution and these would still be required to protect your local network.

If remote connectivity is an issue then that is where attention should be focused. Users may not be setup correctly to access data. SSL VPN is a far more robust and secure method to access files rather than PPTP, which users may still be using. Or users can use webaccess to files on the server via https which is easily done by logging onto the Kopano Webapp or Deskapp.

If broadband is seems unreliable then get your network tested. Maybe there’s an issue with a network switch, a wireless access point, a router, or indeed the broadband itself. Maybe a second Internet connection should be considered so you can take advantage of the Igaware’s ability to failover to another connection if one fails. And with a second Internet connection, data load can be balanced across the two connections with one being reserved for remote users, and the other for local users.

Unless the cloud enables you to do something that you can’t do in your own office, then avoid it. It is unlikely to solve any issues, but is sure to give you lots of new ones.

Office 365 – Known Issues:

Almost three quarters (71.4 per cent) of corporate Office 365 users have at least one compromised account each month.

Igaware Cloud Options

 Where the cloud is the right solution .i.e. most staff work remotely, we can provide:

Hybrid Solution
Data can be synchronised to OwnCloud. Owncloud is compatible with Kopano  Groupware making files easily accessible via the web or deskapp, or via OwnCloud app on smart phones, tablets and desktop computers.

Your Igaware Server can be hosted in our secure data centre.

Posted in Cloud, Linux Small Business Server | Leave a comment

Don’t get held to ransom – keep your data safe and secure #igaware #utm

There are many threats to your business and personal data, and the first step to keeping important data safe and secure is to be aware of what the threats are and what steps you can take to protect your data. This blog article considers the main threats and how to protect against them.

Malware: This term is applied to software programs that have been designed to damage or do other unwanted actions on a computer system.There are different types of malware:

  • Viruses
    A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program. It spreads from one computer to another, leaving infections as it travels. Viruses can range in severity from causing mildly annoying effects to damaging data or software.
  • Worms
    Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them. A worm enters a computer through a vulnerability in the system and takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided.
  • Trojan Horses
    A Trojan is another type of malware named after the wooden horse the Greeks used to infiltrate Troy. It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses). Trojans are also known to create back doors to give malicious users access to the system. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Trojans must spread through user interaction such as opening an e-mail attachment or downloading and running a file from the Internet.
  • Spyware
    Spyware can gather data from a user’s system without the user knowing it. This can include anything from the Web pages a user visits to personal information, such as credit card numbers.
  • Ransomware
    Ransomware is an advanced type of malware that encrypts your data files until you pay a ransom fee.  This fee can be a few hundred pounds to several thousand.

How to protect against malware

  • Update your software
    Malware generally exploits weaknesses in the code of your computer’s operating system or that of programs running on your computer so it is VERY important that you ensure you have the latest software updates installed on all the computers used to access your data. This may of course include personal computers used by staff from home which is why staff should be made aware of their responsibilities in keeping your data safe.
  • Install a UTM (Universal Threat Management) on your network and Anti-Malware on your computers
    There are many holes and vulnerabilities in software that remain unplugged, so preventing them reaching computers and devices on your network using a UTM is VERY important.  A UTM is a ‘supercharged’ firewall that not only protects against unauthorised access to your network from the Internet, but also filters out malware from emails and prevents malware being downloaded from the Internet.A UTM will also allow you to prevent staff from downloading executable files and installing them. Executable files can do literally anything on a computer, so having control on what people download and install is VERY important.

Phishing Emails
Phishing emails encourage you to visit the bogus websites. They usually come with an important-sounding excuse for you to act on the email, such as telling you your bank details have been compromised, or claim they’re from a business or agency and you’re entitled to a refund, rebate, reward or discount.

The email tells you to follow a link to enter crucial information such as login details, personal information, bank account details or anything else that can be used to defraud you.

Alternatively, the phishing email may try to encourage you to download an attachment. The email claims it’s something useful, such as a coupon to be used for a discount, a form to fill in to claim a tax rebate, or a piece of software to add security to your phone or computer. In reality, it’s a virus that infects your phone or computer with malware, which is designed to steal any personal or banking details you’ve saved or hold your device to ransom to get you to pay a fee.


  • USB Scam
    This is a simple and effective scam whereby a USB drive is dropped in an office car park and when someone finds it they connect it to their computer to see what’s on it. kaboom – they infect their company network. It’s a good idea to disable USB ports on PCs.
  • IT Support
    Someone phones you saying they are from IT support and they need to make an update to your computer. They ask for your Teamviewer user name and password and then access your data and email, maybe emptying the company bank account while they’re on. Staff should never be told what teamviewer credentials are and certainly shouldn’t give them to anyone who phones up.

Password Hacks
One of the easiest ways to have your systems compromised is to use a weak password. A typical weak password would be a name with the first letter as a capital followed by a number. These types of passwords can be cracked in seconds (using software).

Hackers have successfully obtained databases of millions of passwords that people have used by hacking corporate servers, be they Sony, Linked-in, Tesco Bank….Dropbox lost 68 million passwords! By using these known passwords, chances are they’ll crack yours unless you have got a VERY strong password.

A STRONG password:

  • Has 12 Characters, Minimum: You need to choose a password that’s long enough. There’s no minimum password length everyone agrees on, but you should generally go for passwords that are a minimum of 12 to 14 characters in length. A longer password would be even better.
  • Includes Numbers, Symbols, Capital Letters, and Lower-Case Letters: Use a mix of different types of characters to make the password harder to crack.
  • Isn’t a Dictionary Word or Combination of Dictionary Words: Stay away from obvious dictionary words and combinations of dictionary words. Any word on its own is bad. Any combination of a few words, especially if they’re obvious, is also bad. For example, “house” is a terrible password. “Red house” is also very bad.
  • Doesn’t Rely on Obvious Substitutions: Don’t use common substitutions, either — for example, “H0use” isn’t strong just because you’ve replaced an o with a 0. That’s just obvious.

And if one of your accounts somewhere gets hacked, ensure you change the password wherever it is used elsewhere. Obviously you should use different passwords for all your accounts (I bet you don’t, and so do the hackers).

System Hacks

Remote systems that have been compromised by malware can access your systems through open ports (doors) to get to your computers. You may need some of these ports open, such as port 25 to receive email but others perhaps should not be open. Every port left open is an opportunity for your systems to be penetrated. Ensure you have a good quality firewall, that you have it continuously updated and get it tested on a regular basis.

You should also close outgoing ports that computers on your network can use. If a laptop comes into your office that has been infected with malware, you don’t want it sending out thousands of spam emails through your office broadband connection. If this happens you will likely be blacklisted by email servers around the globe and prevented from sending email for quite sometime. Closing outgoing email ports will prevent this. Firewalls should control not only what comes in, but also what goes out.

What else should I do?

Backup your data
As well as the horrors lurking on the Internet there are some fairly simple risks closer to home such as theft, physical system failure or maybe a fire. Ensure you have your data backed up, ideally to an external hard drive that can be taken off-site.

You may also wish to consider an offsite backup solution providing your data is going somewhere VERY secure. And if your data is in the cloud, make sure you have a local copy of your data just in case you fall out with your cloud provider, or their systems get compromised.

Encrypt your data
If your are working on MOD contracts you may need to ensure your data is held on an encrypted file server, and backups of that data are encrypted.

Use secure software
Microsoft software is the main target for malware and hackers. And what compounds the security vulnerabilities in Microsoft is their approach to security – Security Through Obscurity.

Security Through Obscurity is the idea that by hiding your software code no-one can find holes in it. It’s akin to burying your money under a tree. The only thing that makes it safe is no one knows it’s there. Real security is putting it behind a lock or combination, say in a safe. You can put the safe on the street corner because what makes it secure is that no one can get inside it but you. Open source software such as Linux uses the principle that the code is visible to all making it easier to identify and plug security vulnerabilities faster.

Where possible avoid using Microsoft web browsers and email programs such as Outlook. It may mean you need to learn to use a different email client but security should be your priority.

This is especially pertinent following the actions of the NSA in the USA. The NSA documented vulnerabilities in Microsoft software through which they could access systems for the purposes of surveillance.  Unfortunately the vulnerabilities are now known to the hacking community following the leak of over 8000 documents via Wikileaks ( The recent Wannacry Ransomware used exploits leaked from the NSA.

Take care using Out of Office
If you use out of office, just let people know that you are unavailable and give them an alternative contact. Try and avoid telling potential thieves you are on holiday for the next two weeks! Be aware that information in your message could be used to scam third parties….’As you know Bob, Jane is away in Greece for the next couple of weeks and she has asked me to update your computer. Can I have your teamviewer password?’

The rule of thumb is: if you wouldn’t tell a room full of strangers don’t put it in your out-office-reply.

Finally, don’t lose you shirt in the Cloud
Cloud computing is the buzz word that major vendors pushing. Vendors want you to give them your data and email to look after, with the promise of it being cheaper. The problem is that it isn’t reliable or  secure. When things go wrong your data is where exactly, and with whom?

Local computers and servers may crash but when that happens all your confidential information isn’t going to Eastern Europe to be used by criminals. You know the headline “SIXTY EIGHT MILLION user accounts stolen!”

Unless the cloud enables you to do something that you can’t do in your own office, then consider avoiding it.

Almost three quarters (71.4 per cent) of corporate Office 365 users have at least one compromised account each month. These can be very costly

Posted in Email Filtering, Internet Security, Uncategorized, UTM, Web Filtering | Leave a comment

Should we be worried about WCRY/WannaCry Ransomware? #WanaCry #ransomware

To date, no Igaware customers have been victims of any ransomeware, including the latest WCRY outbreak.

To ensure you are protected, make sure that Windows machines have the relevant Microsoft patch – MS17-010 (SMB RCE). This was release in March 2017. See

This will stop the ability to install the backdoor on the windows machine that can then be exploited.

It’s thought that the backdoor is distributed via a phishing email. You will be protected by Igaware Email Filtering if you are using Igaware as your email server.

Any versions of windows XP should have file sharing disabled / or disconnected from the network as there is no patch currently available.

Posted in Uncategorized | Leave a comment

Kopano Deskapp #Kopano #linuxsbs #Igaware

The Kopano Deskapp replaces the need for MS Outlook while delivering enhanced communications options including file sharing and video conferencing.

The Kopano Deskapp has the same familiar interface as Outlook so it’s a painless transition, and more painless when you factor in that the Kopano Deskapp is more responsive, secure and free!


To get started with the Kopano Deskapp you’ll need;

  • Igaware user name and password
  • Server address e.g.

Once you have these details to hand you are ready to download the Deskapp which is available in 3 flavours;

  1. Windows 32 bit
  2. Windows 64 bit
  3. Mac OS

Download from here:

If you’re not sure if your Windows OS is 32 or 64 bit then this article should help:

When you launch the DeskApp it will ask you to enter a profile name. This can be what ever you want e.g. Work, Bob.etc. Next enter you email address and your user name and password. For the Webapp address enter https://serveraddress/webapp/  *note* don’t miss off the ending / . And ensure ‘serveraddress’ is your server address e.g.

If you are unsure if your user credentials used to login to your computer are the same as your Igaware user name and password then don’t tick ‘use system credentials’.

Check ‘Set as default profile’ and then save and login.

That’s it. You should be up and running.

Posted in Kopano, Linux Small Business Server, Outlook | Leave a comment

Igaware Version 13.2.11-1 released #Igaware #linuxsbs

New in Version 13.2.11-1  [ Mar 31 2017]

* New Features and Improvements *

  • Updated the cryptography libraries ( openssl) to the lastest version for security reasons.
  • Updated the Zarafa supporting libraries. This provides speed improvements.
  • Added HTTP v2 support to the Apache web server. This provides bandwidth reduction and speed improvements.
  • Improved the speed of the Apache web server. Moved the scoreboard file to shared memory.
  • Added HTTP v2 support to the Apache web server.
  • Updated Nmap to version 7.40. Nmap is a utility for network exploration and security auditing.
  • The FTP server now has a built-in ls command. This allows directory listings for Shares.
  • Updated the XML library (libxml2) to version 2.9.
  • Updated NTFS related programs to the latest version. Mainly used for NTFS filesystem backups.
  • Added the option – “Force use of high security SSL ciphers”  – for the Zarafa (POP/ IMAP) gateway.
  • Disabled the “ADS Realm” field if the Igaware server is already provisioned as an Active Directory server.

* Fixes *

  • Squashed a bug with the new version of Zarafa. When sending to a mal-formed email address the bounce message would contain foreign characters for the failed recipient.
  • SSL VPN. Fixed a typo in the config file.
  • Added a one-off call to z-push-admin -a fixstate. This is to fix and/or upgrade the z-push ( active-sync) profiles.
  • Allow selected boxes to use an older version of PHP. This is until Horde is upgraded.
  • Failed local email delivery will now be queued instead of being delivered to the users default mail folder.
  • Set backend for z-push to BackendZarafa if Kopano is not being used.
  • Fixed the firewall init’ script for the fail2ban server.
  • Fixed a bug with the Health status for the PPPOE network watchdog.
  • Squashed a bug with the certificate renewal.

New in Version 13.2.10-3  [ Mar 22 2017]

* New Features and Improvements *

  • Fixed z-push ( active-sync) state data for 13.2.10-3
  • Several features and fixes addedd for 13.2.10-2
  • Updated the Linux kernel to version 4.4.36-64.
  • Installed fail2ban to block remote access from persistent “script kiddies”.
  • Updated the Zarafa system to the latest version of 7.2.5. This fixes a memory leak that slowed the server down over several weeks.
  • Re-compiled Zarafa 7.2 with new Gsoap, tcmalloc and vmime libraries. This removes a memory leak.
  • Major update for PHP software to v5.5 from v5.3
  • Added “Don’t allow insecure plain-text login for POP or IMAP” option for Zarafa IMAP/ POP.
  • Added a “RELAY:” option to the “SMTP Relay” page for the user entered domain list. The “Relay” host will be able to relay through the mail server. This will never normally be required.
  • Updated the tcpdump program ( network packet tracing) to the latest version.
  • Updated the libpcap network libraries.
  • Added a charset alias for glibc iconv. /usr/lib/gconv/gconv-modules – added “alias   KS_C_5601-1987//EUC-KR//”. This is to handle Korean character sets in MIME Email.
  • Removed the libiconv libraries. Was causing confusion and is not required – support is in glibc.
  • Recompiled all binaries relying on the old libiconv libraries – rsync, clamav, lm_sensors, Zarafa.
  • Updated the hard disk untility program – hdparm – to the latest version.
  • Re-compiled gperf-tools ( tcmalloc) to create new .la ( libtool linker) files. To reference new compiler libstd++ file location
  • Added a “within subnet” sanity check to the WAN gateway address.
  • Updated the “checkin” web page with the real hardware product data, up-time and RAM information.
  • Updated the hardware sensors ( for temperature and fan speed). Installed IPMITOOLS for sensors.
  • Updated Zarafa Search with a new configuration  file.
  • Modified “default email domain” in Email=> General to include forwarded domains.
  • Installed new self-signed SSL certificates for sendmail . You should use the letsencrypt certificates, if possible.
  • Updated the FTP server software.
  • Updated the IMAP/POP email server software.
  • Updated the Fing network scanning software to v3.0
  • Update the Z-Push active-sync software to v2.3
  • Updated the cifs-utils software used to mount remote SMB shares for backup.( mount.cifs)
  • The incoming SMTP mail server now also listens on port 587.
  • Updated the Nmap network scaning software to v7.
  • Updated System_Daemon php scripts
  • Changed default dhcp lease time to 3 days from 1 month
  • Updated  the DHCP server software to the latest version.
  • Removed root user access for FTP server.

* Fixes *

  • Fixed ifup-aliases. Now ignores the main WAN ip and does not duplicate it.
  • Fixed Zarafa for Korean charset display problem.
  • Patched the GSOAP libraries with Zarafa patches ( memory leak) . Compiled as shared libraries. Looks like previously it was static.
  • Fixed some console system status health scripts. Now stores time of last fail. Reboot status now shows all reboots in history.
  • Brain-dead Zarafa servers issue a kill(0,) which sends a kill to all process group members. Kills init.d script and affects console_health. Added trap ” SIGTERM to init.d script for Zarafa.
  • Removed the loading of SIP VOIP helper modules on all machines. (rmmod sip helper modules in rsyncittemp)
  • Fixed the email alias user list for file share access. For ADS users use the sAMAccountName as the key for write-read access list.
  • Changed the sendmail MTA CA certificate bundle to ca-bundle ( STARTLS can now verify incoming SSL connections)
  • NOTE: ASMedia Technology Inc. ASM1083/1085 PCIe to PCI Bridge  causes lost interrupt and poll mode for bad performance !!!
  • Make sure that the Realtek r8168 driver is installed if the card is a 8168 chipset. The Linux default r8169 will not work at gigabit speeds !!
  • DHCP server config – don’t allow “/” in machine names.
  • Fixed display issues with “Lan Devices” pages. Did not remember interfaces option and defaulted back to LAN if LAN2 was selected.
  • Enabled LOOSE_PROVISIONING for Z-push ( active-sync). Android update requires it.
  • Permissions and owner of mail spool file are now checked and set for users.
  • Fixed a problem with Zarafa Out of Office.
Posted in Linux Small Business Server, System Updates | Leave a comment