[guide] v12.1 Beta: How to Install PostgreSQL 15.4 & VBR 12.1 & EM + Malware Detect Extension to Monitor



Hello everyone,

I want to share the tests performed on Beta 12.1.0.1944, from the installation of the PostgreSQL database to VBR 12.1, with a focus on the new Security & Compliance features introduced in this release. This version is particularly interesting for its new features dedicated to the security of the backup infrastructure and the related data protection.

Planning and Preparation - User Guide for VMware vSphere (veeam.com)

 

Prepare the virtual machine with requirements according to the needs of your infrastructure.

  • VMware side:

NEVER use a vmdk disk as a backup repository in production.

Add a new disk (vmdk, for testing only) for the dedicated repository, using an NVMe controller.

VMware NVMe Concepts

  • Format the disk as ReFS 64K
  • Check the system requirements

System Requirements - User Guide for VMware vSphere (veeam.com)

  • Install Windows from your golden image template
  • Install VMware Tools & the latest Windows CU

Install & configure PostgreSQL

  • Check this link if you need to switch from MS SQL Express to PostgreSQL

Switch from SQL Server to PostgreSQL for Veeam

  • In my case the first installation of PostgreSQL 15.4 failed with this error when launching the executable with Run As Administrator

TIP: Install PostgreSQL only on an NTFS filesystem

  • The PostgreSQL setup does not successfully complete the database installation. I encountered a bug; I will highlight later how to fix it.

During installation this error is displayed:

  • The database was not created
  • Uninstall PostgreSQL 15

Press OK

After the uninstall completes, reboot the server

  • Workaround to install PostgreSQL 15.4:

net user /add postgres m+HYy:Lt6=2rXh

net localgroup administrators postgres /add

net localgroup "power users" postgres /add

runas /user:postgres cmd.exe

Post installation, remove the user from Local Administrator

  • Run the install file from within the command window.
  • Run the installation file from the CMD window running as the postgres user
  • Create a new folder in C:\PostgreSQL

With the default installation path in “C:\Program Files”, the setup wizard lacks permissions during the installation process

Add the group and user to the folder security

  • Relaunch the PostgreSQL installation from the DOS window launched earlier with Run As as the postgres user, and fill in the wizard again.
  • Post Install

Remove the postgres user from Local Administrator

  • Verify the PostgreSQL installation
  • Check DB connection
    • Server Enter
    • Database Enter
    • Port Enter
  • Create a PostgreSQL account in preparation for the VBR server installation.

Account PostgreSQL

vbr

m+s_41peW2!*=2rXh!

Install VBR 12.1.1944

  • Check creation of the Veeam DB

Install EM

  • Launch the VBR console & check the new VEEAM AI (I love it)

Through the new "Veeam AI" feature it is possible to query the chatbot to obtain information regarding the assessment and other information relating to the safety and configuration of the product.

  • Malware Detection

 

 

  • @Rick Vanover  @Mildur after inserting the extension files and saving, I reopened extension monitor but it returns this error
  • A list of suspicious or trusted file extensions can be added

  exe    Program executable
  dll    Dynamic Link Library
  lnk    Windows Shortcut
  swf    ShockWave Flash, Animated vector format for the Internet
  sys    System file
  jar    Compressed archive file package for Java classes and data
  scr    MS Windows screensaver
  gzquar    BitDefender quarantined data file
  js    JavaScript source code script
  com    Command executable
  zix    WinZix compressed archive
  bat    Batch file (executable)
  ocx    ActiveX Control
  vbs    Visual Basic script
  bin    Binary executable
  class    Java bytecode class
  ws    Microsoft Windows script
  drv    Microsoft Windows device driver
  ozd    Win32.TrojanDownloader.Agent.OZD trojan
  shs    Microsoft Windows Shell Scrap Object
  wmf    Windows Metafile Format
  aru    Autorun.aru malicious data
  dev    Windows device driver
  chm    Microsoft compiled HTML help module
  pgm    Portable graymap file format
  xnxx    Spyware file
  pif    Microsoft Windows program information
  vxd    Microsoft Windows virtual device driver
  dxz    Trojan backdoor virus data
  xlm    Microsoft Excel macro
  tps    Scam torrent file
  vbe    Visual Basic encoded script
  scr    Script
  pcx    Paintbrush bitmap image
  sop    Malware word.sop data
  vba    Visual Basic VBA module
  0_full_0_tgod_signed    CrossFire_OBV4.8.3.0_Full_0_tgod_signed.exe
  boo    Microsoft Booasm.arc encoded file archive
  386    Windows virtual device driver
  hlp    Help file
  vb    Microsoft Visual Studio Visual Basic script
  tsa    jnana.tsa malware
  bkd    Book Library Local Dos exploit data
  exe1    Renamed executable
  vbx    Microsoft Visual Basic Extension
  exe_renamed    Renamed EXE file
  lik    Trojan.Win32.Agent.lik data
  .9    YoutubeAdBlocke data
  rhk    Backdoor.Win32.Rbot.rhk data
  xir    BackDoor.Generic9.XIR trojan data
  osa    W32/Sober-AD data
  cih    Chernobyl virus data
  dyz    Backdoor.Win32.ProRat.dyz trojan file
  mjz    Trojan.Win32.Agent.mjz data
  hlw    win32/AMalum.EDHZ data
  bxz    itaup.bxz malware data
  cla    Java class data
  dlb    Troj/Dloadr-AHT data
  wsc    Microsoft Windows scripting component
  mjg    Trojan data
  dom    DomPlayer malicious data
  spam    Spam e-mail message
  cxq    SillyDl.CXQ downloading trojan data
  s7p    SubSeven malware
  mfu    Backdoor.Win32.Agent.mfu data
  dyv    WORM_AUTORUN.DYV worm data
  kcd    rshiphop.kcd malware
  wsh    Microsoft Windows Scripting Host data
  bup    McAfee quarantined data
  rsc_tmp    Temporary data
  mcq    McAfee quarantined data
  upa    Fake download
  dli    Win32.Sober.AD@mm file
  txs    Beast Trojan data
  bhx    BinHex compressed file ASCII archive
  fnr    Trojan-Dropper.Win32.Flystud.lc. data
  xlv    Microsoft Excel VBA module
  xdu    Backdoor.Win32.PcClient.xdu data
  wlpginstall    Possible Malware data
  ska    Happy99 virus data
  dllx    Backdoor.Bot data
  vexe    Infected executable
  tti    Beast Trojan data
  cfxxe    Possibly Malware file
  smtmp    Trojan:Win32/FakeSysdef folder
  xtbl    deshifrovka01@gmail.com data
  fag    Win32.AutoRun.fag
  qrn    Quarantine data
  ceo    Winewar worm data
  oar    HSQLDB database
  uzy    Backdoor.Sokacaps data
  dbd    DemoShield project
  tko    Win32/Oficla malware data
  bll    VBS/European-A worm file
  plc    Lotus add-in functions macros applications
  smm    Ami Pro macro
  ssy    W32/Sober-AD file
  zvz    Malware data
  blf    Beast Trojan data
  cc    Trojan Spymaster.A text document
  ce0    Winewar worm data
  iws    Trojan-Downloader.JS.Agent data
  lkh    Worm.Generic.LKH virus data
  nls    Troj/Agent-GIS data
  crypt1    UltraCrypter ransomware encrypted file
  hsq    Qaz Trojan data
  vzr    Sinowal.vzr malware data
  ctbl    Malware encrypted data
  ezt    Worm.Win32.AutoRun.ezt data
  atm    Troj/ProAgent-A data
  aut    Malware AutoStartup data
  hts    Troj/DelSpy-E data
  rna    Malware data
  let    Nuke Randomic Life Generator data
  aepl    Trojan data
  fuj    Worm.Win32.AutoRun.fuj virus data
  buk    Malicious data
  capxml    Capella XML document
  delf    Malicious or virus data
  fjl    Rootkit.Win32.Agent.fjl virus data
  bmw    W32/Liji-A virus data
  bps    AdwareBlaster data
  cyw    Rbot.CYW worm data
  iva    Dementia.4207 virus data
  pid    W32/Yayin-A worm data
  lpaq5    LPAQ5 compressed archive
  dx    Win32/Alureon data
  qit    Backdoor.QIT trojan horse data
  xnt    W32/Sober-AD data
  lok    W32/Rbot-WE log file
  bqf    Backdoor.Win32.Ciadoor.bqf trojan
  pr    W32/Brontok-DP worm file
  bxz    Balabolka text document (compressed)

Microsoft Word
winword.exe
rtf
doc
dot
docm
docx
dotx
dotm
docb

WordPad
wordpad.exe
docx
rtf

Microsoft Excel
excel.exe
xls
xlt
xlm
xlsx
xlsm
xltx
xltm
xlsb
xla
xlam
xll
xlw

 

Microsoft PowerPoint

powerpnt.exe
ppt
pot
pps
pptx
pptm
potx
potm
ppam
ppsx
ppsm
sldx
sldm

Adobe Acrobat
acrord32.exe
pdf

Foxit PDF Reader
FoxitReader.exe

STDU Viewer
STDUViewerApp.exe

Microsoft Edge
MicrosoftEdge.exe

Google Chrome
chrome.exe

Mozilla Firefox
firefox.exe

Yandex Browser
browser.exe

Tor Browser
tor.exe

Scripts

BAT – A batch file. Contains a list of commands that will be run on your computer if you open it. Originally used by MS-DOS.

CMD – A batch file. Similar to .BAT, but this file extension was introduced in Windows NT.

VB, .VBS – A VBScript file. Will execute its included VBScript code if you run it.

VBE – An encrypted VBScript file. Similar to a VBScript file, but it’s not easy to tell what the file will actually do if you run it.

JS – A JavaScript file. .JS files are normally used by webpages and are safe if run in Web browsers. However, Windows will run .JS files outside the browser with no sandboxing.

JSE – An encrypted JavaScript file.

WS, .WSF – A Windows Script file.

WSC, .WSH – Windows Script Component and Windows Script Host control files. Used along with Windows Script files.

PS1, .PS1XML, .PS2, .PS2XML, .PSC1, .PSC2 – A Windows PowerShell script. Runs PowerShell commands in the order specified in the file.

MSH, .MSH1, .MSH2, .MSHXML, .MSH1XML, .MSH2XML – A Monad script file. Monad was later renamed PowerShell.
 

enjoy

;)

Check Security & Compliance

[GUIDE] VBR 12. 1 How to pass all Security & Compliance Part 01 | Veeam Community Resource Hub

[GUIDE] VBR 12. 1 How to pass all Security & Compliance Part 02 | Veeam Community Resource Hub

Check Set Hardening script & Report.

@damien commenge

https://community.veeam.com/script-library-67/check-and-set-hardening-on-vbr-server-6021?tid=6021&postid=49894#post49894

Edit: 10/12/2023

 

I attach xml file to import suspicious files & trusted files

Import-Malware-Sospicious-file-extension-And-Trusted-files.xml
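
An added example, not part of the original post: a PowerShell check for the cleanup step of the install workaround above, confirming that the temporary postgres account has lost the group memberships it was given and that nothing still runs under it. The account and group names come from the post; the service-name pattern `postgresql%` is an assumption about how the installer names its Windows service.

```powershell
# Added example, not from the original post. Run in an elevated PowerShell
# session after the PostgreSQL installer has finished.
$account = 'postgres'   # temporary install account from the workaround

# Well-known SIDs, so the check does not depend on localized group names.
$groups = [ordered]@{
    'Administrators' = 'S-1-5-32-544'
    'Power Users'    = 'S-1-5-32-547'
}

function Test-Membership([string]$Sid) {
    # Member names come back as COMPUTER\name; compare the last part only.
    [bool](Get-LocalGroupMember -SID $Sid -ErrorAction SilentlyContinue |
        Where-Object { ($_.Name -split '\\')[-1] -eq $account })
}

$membership = foreach ($name in $groups.Keys) {
    $sid = $groups[$name]
    $wasMember = Test-Membership $sid
    if ($wasMember) {
        Remove-LocalGroupMember -SID $sid -Member $account
    }
    [pscustomobject]@{
        Group       = $name
        WasMember   = $wasMember
        StillMember = Test-Membership $sid   # re-query to confirm the removal
    }
}
$membership | Format-Table -AutoSize

# The PostgreSQL service should not log on as the temporary account.
# Assumption: the service name starts with "postgresql".
Get-CimInstance Win32_Service -Filter "Name LIKE 'postgresql%'" |
    Select-Object Name, State, StartName,
        @{ n = 'RunsAsInstallAccount'; e = { $_.StartName -like "*\$account" } } |
    Format-Table -AutoSize

# A process started before the removal keeps its old token, for example the
# cmd.exe window opened with runas. List anything still running as the account.
Get-Process -IncludeUserName |
    Where-Object { $_.UserName -like "*\$account" } |
    Select-Object Id, ProcessName, UserName
```

Any row with StillMember or RunsAsInstallAccount set to True, or any process in the last listing, means the account still holds the rights it was given for the installation.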


19 comments

Userlevel 7
Badge +20

Very detailed guide and steps. 👍

Userlevel 7
Badge +10

Hey @Link State  → That file extension engine isn’t fully operational in the beta, meaning, it will load once. Subsequent manipulations will not work as expected, this has been fixed in subsequent builds. cc @Mildur 

Userlevel 7
Badge +11

Nice post! I'm using here VBR 12.1 in postgre too.

Userlevel 7
Badge +9

This is awesome @Link State I am actually working on similar guides but yours cover two of it. It will NEVER be too much :-)

Userlevel 7
Badge +8

Very good detail. Great write up!

Userlevel 7
Badge +8

updated 3d with the link to @damien commenge  hardening script

Userlevel 7
Badge +8

update

I attach xml file to import suspicious files over 4k extensions & trusted files

Import-Malware-Sospicious-file-extension-And-Trusted-files.xml

Regards

Userlevel 7
Badge +17

Nice detailed write-up @Link State !

Userlevel 7
Badge +8

thank you @coolsport00 

Userlevel 7
Badge +8

Hi all, update:  I have updated the xml file, removing the trusted files with extensions *.docx *.xlsx with version 12.1.1.56 as they cannot be loaded from the import error. 😀

 

 

Userlevel 7
Badge +20

Thanks for the update @Link State as I tried to load the XML but did get an error.  Will try this one and see.  👍🏼

Userlevel 7
Badge +8

Thanks for the update @Link State as I tried to load the XML but did get an error.  Will try this one and see.  👍🏼

I have just tried version 12.1.1.56
Removing as I told you the trusted file extension
let me know.

Userlevel 7
Badge +17

So, you all do enable Guest Indexing in your jobs? Hmm…

Just for the malware detection...may be worth attempting to do so again. 

Userlevel 7
Badge +20

Thanks for the update @Link State as I tried to load the XML but did get an error.  Will try this one and see.  👍🏼

I have just tried version 12.1.1.56
Removing as I told you the trusted file extension
let me know.

Very cool that one imported.  Thanks for sharing it.  

Userlevel 7
Badge +8

So, you all do enable Guest Indexing in your jobs? Hmm…

Just for the malware detection...may be worth attempting to do so again. 

I personally never enable Guest Indexing.
I do not use "1-click restore in Veeam Backup Enterprise Manager".

Userlevel 7
Badge +8

Thanks for the update @Link State as I tried to load the XML but did get an error.  Will try this one and see.  👍🏼

I have just tried version 12.1.1.56
Removing as I told you the trusted file extension
let me know.

Very cool that one imported.  Thanks for sharing it.  

 

\o/ 😎

Userlevel 7
Badge +17

 

So, you all do enable Guest Indexing in your jobs? Hmm…

Just for the malware detection...may be worth attempting to do so again. 

I personally never enable Guest Indexing.
I do not use "1-click restore in Veeam Backup Enterprise Manager".

Same. I’ve just never had a use for it myself either. Also, if you, like me, don’t enable this...not sure why you add this file exclusion info...according to the Guide, this area of Malware Detection won’t work as it requires Guest Indexing to be enabled in the jobs. Or, am I missing something?…. 🤔

Userlevel 7
Badge +8

 

 

So, you all do enable Guest Indexing in your jobs? Hmm…

Just for the malware detection...may be worth attempting to do so again. 

I personally never enable Guest Indexing.
I do not use "1-click restore in Veeam Backup Enterprise Manager".

Same. I’ve just never had a use for it myself either. Also, if you, like me, don’t enable this...not sure why you add this file exclusion info...according to the Guide, this area of Malware Detection won’t work as it requires Guest Indexing to be enabled in the jobs. Or, am I missing something?…. 🤔

Yes, it is true, it is also written in the description.

I did it to share it with the community someone certainly uses it and I brought it along in case I needed it. 😁

Userlevel 7
Badge +17

I did it to share it with the community someone certainly uses it and I brought it along in case I needed it.” ← Ah, ok. No...it’s a *very* good share @Link State . I was just making sure I read the Guide correctly to understand how Malware Detection works. 😊 Thank you.
