Advanced Registry Tracer
http://www.elcomsoft.com/art.html
Stores registry to database to allow for changes and review.
Seems interesting.
Friday, December 12, 2008
Wednesday, November 19, 2008
pop3 and MS Exchange 2007
Looked here to see how to test via telnet
file:///c:/leddymj/research/exchange2007/testing-pop3-access-using-telnet.html
Got error
"Command is not valid in this state" after supplying credentials.
found answer here:
http://msexchangetips.blogspot.com/2007/11/exchange-2007-pop3-err-command-is-not.html
need to use exchange shell command
Set-PopSettings -LoginType PlainTextLogin
then restart the service.
I used
Get-PopSettings | fl > before.txt
and
Get-PopSettings | fl > after.txt
When did an Active Directory User Last Logon
First let me say: I think Novell NetWare users login, I think Windows users logon.
With several DCs it used to be a bear to get the real last logon, as you would have to check the lastLogon timestamp on each DC. With Windows 2003 native mode this has changed.
Details:
lastLogon – old style not replicated to other DCs
lastLogonTimestamp – replicated for each user if the user’s lastLogonTimestamp is older than 14 days (this is the one to go by for the report).
http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon.mspx
http://addicted-to-it.blogspot.com/2008/09/ad-how-to-determine-last-logon-time-of.html
I included a hist01.txt which has the command line used to generate the report. The adfind tool is a command line utility, already on corpadmints1.
Also found at http://www.joeware.net/freetools/tools/adfind/.
adfind -b "base dn"
-f filter - all user objects except disabled accounts
-csv csv export
-tdc time date change - changed ldap time date into readable format
then attributes DisplayName samaccountname lastLogon lastLogonTimestamp
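The report described above can be post-processed to separate accounts that are certainly stale from those that only look stale because of the 14-day update interval. This is an added example, not the hist01.txt command or code from the original post; it assumes the CSV carries raw FILETIME values (exported without -tdc) under the attribute names listed above, and the users and the 90-day limit are constructed.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
REPLICATION_LAG = timedelta(days=14)  # update interval quoted in the post


def filetime_to_datetime(raw):
    """AD stores both attributes as 100 ns ticks since 1601-01-01 UTC; 0 or blank means unset."""
    ticks = int(raw) if raw and raw.strip() else 0
    if ticks <= 0:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)


def to_filetime(moment):
    """Inverse conversion, used here only to build the constructed sample rows."""
    return ((moment - FILETIME_EPOCH) // timedelta(microseconds=1)) * 10


def classify(row, now, max_idle_days):
    replicated = filetime_to_datetime(row["lastLogonTimestamp"])
    local = filetime_to_datetime(row["lastLogon"])  # only what the queried DC saw
    seen = [t for t in (replicated, local) if t is not None]
    if not seen:
        return "never"
    limit = timedelta(days=max_idle_days)
    if now - max(seen) <= limit:
        return "active"
    # The replicated value may trail the real logon by up to REPLICATION_LAG.
    if replicated is not None and now - replicated > limit + REPLICATION_LAG:
        return "stale"
    return "check-dcs"  # inside the lag window: compare lastLogon on every DC


def report(csv_text, now, max_idle_days=90):
    reader = csv.DictReader(io.StringIO(csv_text))
    return {r["sAMAccountName"]: classify(r, now, max_idle_days) for r in reader}


def sample_csv():
    """Constructed rows (hypothetical users) holding raw FILETIME values."""
    def ft(year, month, day):
        return to_filetime(datetime(year, month, day, tzinfo=timezone.utc))
    rows = [
        ("Alice A", "alice", ft(2008, 11, 18), ft(2008, 11, 10)),
        ("Bob B", "bob", 0, ft(2008, 8, 15)),
        ("Carol C", "carol", ft(2008, 5, 10), ft(2008, 5, 1)),
        ("Dave D", "dave", ft(2008, 8, 30), ft(2008, 8, 20)),
        ("Old Service", "svc_old", 0, 0),
    ]
    out = io.StringIO()
    writer = csv.writer(out)
    writer.writerow(["displayName", "sAMAccountName", "lastLogon", "lastLogonTimestamp"])
    writer.writerows(rows)
    return out.getvalue()


SAMPLE_NOW = datetime(2008, 11, 19, tzinfo=timezone.utc)

if __name__ == "__main__":
    for account, state in report(sample_csv(), SAMPLE_NOW).items():
        print(f"{account:10} {state}")
```

Accounts reported as check-dcs are the ones where the old per-DC lastLogon comparison is still needed before disabling anything.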
Thursday, November 13, 2008
Good site with Lots of AD info and vbscript examples
good site they have vbscript examples and more
http://www.computerperformance.co.uk/vbscript/
they have great pages on using ldifde and csvde
Sunday, September 21, 2008
HIDS security app
OSSEC is a host-based intrusion detection system. The server only runs on Unix; there is a Windows agent.
Free helpdesk apps
RT and OTRS. OTRS looks great; what can I say, it seems like all you would want: a customer interface, LDAP, email built in.
http://otrs.org/index/
Thursday, August 14, 2008
Multi-Value attributes and Exchange 2007
Some notes I am putting up. After searching, I saw one guy delete with a line and another one say you had to loop through everything.
To set a multi-value attribute with the Exchange Management Shell
Set-ContentFilterConfig -BypassedSenderDomains "faker1.com","faker2.com"
Get-ContentFilterConfig
You will see both "faker1.com" and "faker2.com" listed.
*************************************************
to remove one item at a time:
$foo = Get-ContentFilterConfig
$foo.BypassedSenderDomains -="faker2.com"
$foo | Set-ContentFilterConfig
*********************************************************
To clear the entries:
Set-ContentFilterConfig -BypassedSenderDomains $Null
Get-ContentFilterConfig
**************************************************
You can also add a value
$foo = Get-ContentFilterConfig
$foo.BypassedSenderDomains +="faker4.com"
$foo | Set-ContentFilterConfig
Wednesday, August 13, 2008
Active Directory Last Logon
Good info and scripts on Last Logon time; seems like the Windows 2003 DCs replicate some info if the logon date is less than 14 days old.
http://www.rlmueller.net/Last%20Logon.htm
Tuesday, August 05, 2008
Perl Encode Decode strings
So I had a SetACL dump file that I was trying to parse with Perl, and found that the file encoding was UCS-2 Little Endian. I was reading the file into Perl and wanted to standardize the formatted output I would generate.
use Encode qw(decode);
$line = decode('UCS-2LE',$oldline);
#answers found here
#http://perldoc.perl.org/Encode.html
#and
#http://coderepos.org/share/browser/lang/perl/Encode/trunk/t/Unicode.t
#also saw possible answers here
#perl -MEncode -le "print for Encode->encodings(':all')"
Thursday, July 31, 2008
cacls and subinacl
I am trying to work with cacls and got this error:
The data area passed to a system call is too small.
I saw a post that said to use subinacl instead. The syntax is different.
Also working on getting the SetACL command to work, so far I have it dumping the info.
Saturday, July 26, 2008
Sorting IP addresses with Excel
What I did was paste the list of IPs into A1, select that column and perform text to columns, specifying a "." delimiter.
Then sort by A, B, C, D highest to lowest.
Then in F or another column I put the following formula.
=A1&"."&B1&"."&C1&"."&D1
I had seen some other post which had more complex answers and thought this method was better.
Openssl convert from iis format to pem
openssl pkcs12 -in iiscertexport.pfx -out filename.pem -nodes
Then, to get the .crt and the .key, open the .pem and save multiple copies: remove the private key from the .crt copy, and remove the certificate from the .key copy.
***********************************************************************
Username@Hostname /cygdrive/c/username/projects-reoccuring/check-ssl/ssl-certs
$ openssl pkcs12 -in iiscertexport.pfx -out filename.pem -nodes
Enter Import Password:
MAC verified OK
Username@Hostname /cygdrive/c/username/projects-reoccuring/check-ssl/ssl-certs
$ ls
***************************************************************************
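The manual copy-and-trim step can be scripted so the key and certificates are separated by PEM block type and the unencrypted key (a consequence of -nodes) is written with owner-only permissions. This is an added example, not part of the original post; the bundle below is constructed with placeholder bodies, and the output names filename.key and filename.crt are assumptions following the post's filename.pem.

```python
import os
import re
import stat
import tempfile

# Matches one PEM block; text between blocks (Bag Attributes, subject=, issuer=) is skipped.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n.*?\r?\n-----END \1-----", re.DOTALL)

# Constructed sample shaped like `openssl pkcs12 -nodes` output; the base64
# bodies are placeholders, not real key or certificate material.
SAMPLE_BUNDLE = """Bag Attributes
    localKeyID: 01 00 00 00
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
Q09OU1RSVUNURUQtS0VZ
-----END PRIVATE KEY-----
Bag Attributes
    localKeyID: 01 00 00 00
subject=/CN=www.example.com
issuer=/CN=Example Intermediate CA
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQtTEVBRg==
-----END CERTIFICATE-----
Bag Attributes: <No Attributes>
subject=/CN=Example Intermediate CA
issuer=/CN=Example Root CA
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQtQ0E=
-----END CERTIFICATE-----
"""


def split_pem(bundle):
    """Return (private_keys, certificates), each a list of PEM blocks in file order."""
    keys, certs = [], []
    for match in PEM_BLOCK.finditer(bundle):
        block = match.group(0).replace("\r\n", "\n") + "\n"
        label = match.group(1)
        if label.endswith("PRIVATE KEY"):  # PRIVATE KEY, RSA PRIVATE KEY, ...
            keys.append(block)
        elif label == "CERTIFICATE":
            certs.append(block)
    return keys, certs


def write_split(bundle, key_path, crt_path):
    """Write the .key and .crt files; the key file is created owner-only."""
    keys, certs = split_pem(bundle)
    if len(keys) != 1 or not certs:
        raise ValueError(f"expected 1 key and >=1 certificate, got {len(keys)}/{len(certs)}")
    fd = os.open(key_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(keys[0])
    os.chmod(key_path, 0o600)  # also tightens a pre-existing file (POSIX; Windows needs ACLs)
    with open(crt_path, "w") as handle:
        handle.write("".join(certs))  # certificates in the order they were exported
    return len(certs)


def demo():
    """Split SAMPLE_BUNDLE into a temp directory; return (cert_count, key_mode)."""
    with tempfile.TemporaryDirectory() as workdir:
        key_path = os.path.join(workdir, "filename.key")
        crt_path = os.path.join(workdir, "filename.crt")
        count = write_split(SAMPLE_BUNDLE, key_path, crt_path)
        return count, stat.S_IMODE(os.stat(key_path).st_mode)
```

Once the split files are verified, the combined filename.pem should be deleted, since it still holds the unencrypted key.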
Wednesday, July 09, 2008
AD - Group Policy Processing Speeds
Active Directory Group Policy
Hands down this is one of the biggest wins for Microsoft in the enterprise. Yes, I love Linux and am a big Linux fan, but this is something Microsoft got right. It wasn't great management in Windows 2000, but the Group Policy Management Console that they released added a lot.
Here is an article from Mitch Tulloch that discusses Optimizing Group Policy Performance
http://www.windowsnetworking.com/articles_tutorials/Optimizing-Group-Policy-Performance.html
Monday, July 07, 2008
Wednesday, July 02, 2008
PGP resources
I am sometimes asked to explain PGP to co-workers; here is a list of references that I felt were good.
http://en.wikipedia.org/wiki/Public_key_cryptography
http://www.networkworld.com/news/64452_05-17-1999.html
better
http://www.pgpi.org/doc/pgpintro/
Tuesday, July 01, 2008
Perl modules
I needed XML::LibXML and found that the University of Winnipeg has a repository.
Added the repo to my ppm tool and was then able to install the package and get running.
(Active State osname=MSWin32, osvers=5.00, archname=MSWin32-x86-multi-thread version 5.8.8)
http://theoryx5.uwinnipeg.ca/ppms/
Friday, June 20, 2008
Openssl check if certificate chain is available from web server
Sometimes your SSL provider may change the certificate chain for certificates you get from them. GoDaddy has changed in the last year, and a few years ago Network Solutions changed because of a renewal date. When you get an SSL certificate from a provider you are often given the option to get the certificate chain. This is so that your web servers can make the root and intermediate certificates available to visiting clients, so that the client can confirm whether the certificates are trusted.
The following openssl command line will display the certificate depth (you want greater than 0) as well as the certificates.
openssl s_client -connect server:port -showcerts
Hope this helps someone.
Thursday, June 19, 2008
Keeping Track of Virtual Machines
Found this handy method so a virtual machine can detect if it is running in an MS environment or a VMware environment. I would like to find out if there is a method from the guest OS to tell the server name of the virtual host/server it is running on.
I know of vbscript for MS Virtual Server to list the guest info:
http://www.microsoft.com/technet/scriptcenter/scripts/vs/default.mspx
detect from guest os if in a MS Virtual Server Environment or a VMWare:
http://x86virtualization.com/intel/vbscript-checking-for-virtual-host.html
Tuesday, June 03, 2008
Friday, May 30, 2008
Compile dmidecode on Cygwin
http://freshmeat.net/projects/dmidecode/
dmidecode - Default branch
Section: Unix
Added: Mon, Jan 20th 2003 14:01 PDT (5 years, 4 months ago) Updated: Tue, Feb 27th 2007 07:13 PDT (1 year, 3 months ago)
From Freshmeat:
About:
Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, asset tag, and a lot of other details of varying level of interest and reliability, depending on the manufacturer. This will often include usage status for the CPU sockets, expansion slots and memory module slots, and the list of I/O ports.
Directions to get this to compile under cygwin.
I had to run cygwin setup and select gcc ( I selected all of them ) and make, also I selected automake but I am not sure if that was necessary.
Then
make
Then I will take the EXE to another system along with Cygwin1.dll.
This resulted in an error, I think the answer is here:
http://www.cygwin.com/ml/cygwin/2007-04/msg00458.html
With Windows 2003, only kernel processes have access to physical memory.
But then read this
http://lists-archives.org/cygwin/34232-dev-mem-permission-denied.html
Will have to revisit another day to see if I can get this working for Windows 2003.
************************
More details:
Error Messages on Windows 2003 Server
# dmidecode 2.9
/dev/mem: Permission denied
Here are the files; Cygwin is not installed locally.
biosdecode.exe
cygwin1.dll
dmidecode.exe
ownership.exe
vpddecode.exe
cygwin1.dll version - 1005.25.0.0
Here is information from the workstation I used to build dmidecode.
$ cat /proc/version
CYGWIN_NT-5.1 1.5.25(0.156/4/2) 2007-12-14 19:21
Thursday, May 29, 2008
VMWare ESX / Infrastructure Enabling Root SSH
Enable SSH access to VMware ESX server
To allow the root user to login to a VMware ESX Server over the network using SSH, do the following:
1. Go to the service console on the physical server & login
2. vi /etc/ssh/sshd_config
3. Change the line that says PermitRootLogin from “no” to “yes”
4. Restart sshd with command /etc/init.d/sshd restart
Source:
http://www.kreslavsky.com/2007/12/enable-ssh-access-to-vmware-esx-server.html
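After step 3 it is worth confirming which PermitRootLogin line sshd will actually honour, because sshd uses the first value it obtains for a keyword and ignores later global ones. This is an added example, not from the original post or the linked source; the sshd_config excerpt is constructed and the function names are hypothetical.

```python
import re

# Keyword, then whitespace or "=", then the argument (keywords are case-insensitive).
DIRECTIVE = re.compile(r"^\s*([A-Za-z][A-Za-z0-9]*)(?:\s*=\s*|\s+)(.*?)\s*$")

# Constructed excerpt: an old "no" line is still present above a newly added "yes".
SAMPLE_SSHD_CONFIG = """\
# constructed sshd_config excerpt
Protocol 2
#PermitRootLogin yes
PermitRootLogin no
PasswordAuthentication yes
permitrootlogin yes
Match Address 192.0.2.10
    PermitRootLogin yes
"""


def occurrences(config_text, keyword):
    """List (line_no, scope, value) for every uncommented `keyword` line."""
    found, scope = [], "global"
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        if raw.lstrip().startswith("#"):
            continue
        parsed = DIRECTIVE.match(raw)
        if not parsed:
            continue
        name, value = parsed.group(1).lower(), parsed.group(2).strip('"')
        if name == "match":
            scope = "match " + value  # lines below apply only when the Match criteria hit
        elif name == keyword.lower():
            found.append((line_no, scope, value))
    return found


def effective_global(config_text, keyword):
    """Return (line_no, value) of the first global occurrence, or None if unset."""
    for line_no, scope, value in occurrences(config_text, keyword):
        if scope == "global":
            return line_no, value
    return None


if __name__ == "__main__":
    for entry in occurrences(SAMPLE_SSHD_CONFIG, "PermitRootLogin"):
        print(entry)
    print("effective:", effective_global(SAMPLE_SSHD_CONFIG, "PermitRootLogin"))
```

In the constructed excerpt the setting on line 6 never takes effect, which is why the existing line has to be changed rather than a new one appended.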
Thursday, May 15, 2008
Appendix O: Active Directory Delegation Wizard File
Appendix O: Active Directory Delegation Wizard File
http://technet2.microsoft.com/windowsserver/en/library/1d05f294-bb1e-4a55-aec3-2ee80f0db2791033.mspx?mfr=true
Difference between Active mode and Passive Mode FTP
Here is a link which states it clearly.
Click Here
Friday, May 09, 2008
Network
Rate my network diagram -
Cool site which has several network diagrams so you can review what others are doing:
http://www.ratemynetworkdiagram.com/
Site which discusses Network Documentation and Network Mapping - free.
http://www.networkdocumentation.com/
Monday, May 05, 2008
Monday, April 28, 2008
Perl Script into EXE
App::Packer is a Perl module to help get your script into a free-running program with no dependencies. It's worked with an NTP time check script I have. Now I have a script that will pull a list of the OUs in AD and create a batch file so dsacls is run for each OU.
This link has more details on running p2e.pl the script that runs to create the exe:
http://www.perlmonks.org/?displaytype=print;node_id=215299
Thursday, April 17, 2008
Mysql Cheat Sheet
I was having some problems using the LOAD DATA INFILE.
This guy's cheatsheet helped me out.
http://www.nparikh.org/unix/mysql.php
Tuesday, April 15, 2008
Windows 2003 SP2 install with no backup
Just a reminder that this is the way to run a Windows 2003 SP2 install choosing not to back up the files.
i386\update\update.exe /nobackup
Monday, April 07, 2008
Cheap diag tool
I like Visio, and I like DIA (GPL - I think ) - here is edraw.
http://www.edrawsoft.com/Network-Diagrams.php
Thursday, April 03, 2008
Some Good Cheat Sheets
Some good cheat sheets from sloppycode.net
I like the programming cheat sheet here; it lets you see Perl next to PHP and vbscript.
http://www.sloppycode.net/tools/language-reference.aspx
the unix one seems handy as well.
http://www.sloppycode.net/Tools/unix-cheat-sheet.aspx
Friday, March 21, 2008
Nortel VPN Device and Passive FTP problems
We have some sites with problematic FTP transfers; found that Active FTP was working, Passive FTP was not working. Found IE and FileZilla both have ways to change default behavior. We needed to get FTP working.
Found a note on Nortel's site about known issues with specific firmware and passive FTP.
Here is my test file, first line is active, second is passive - the second line was failing. The test downloads a 3 meg file from Microsoft.
I also found this guide:
Active FTP vs. Passive FTP, a Definitive Explanation
ftptesting.cmd
curl ftp://anonymous:wow@ftp.microsoft.com/PSS/Tools/NetMon/netmon2.zip > netmon2-norm.zip
curl --disable-epsv ftp://anonymous:wow@ftp.microsoft.com/PSS/Tools/NetMon/netmon2.zip > netmon2-disable.zip
After the firmware it worked as expected.
Tuesday, March 11, 2008
Reloading Laptop After some Problems
Step 1. Pull down corporate apps
Step 2. Install Office 2007 (team thing)
Installed 7.10 Ubuntu Desktop, tried to update the network with Wicd, had some failures will need to redo. The install was nice, I just told it the new size of the ntfs partition during the Ubuntu install.
Here is a program I love - Tea Timer
http://users.adelphia.net/~dceubank/
I am trying to add it to my GTD work.
Other apps
Putty
WinSCP
SongBird
Juice
Cygwin
Hotkeys ( trying to force myself to do this more )