Friday, December 12, 2008

Advanced Registry Tracer

Advanced Registry Tracer
http://www.elcomsoft.com/art.html

Stores registry to database to allow for changes and review.
Seems interesting.

Wednesday, November 19, 2008

pop3 and MS Exchange 2007

Looked here to see how to test via telnet
file:///c:/leddymj/research/exchange2007/testing-pop3-access-using-telnet.html

Got the error
"Command is not valid in this state" after supplying credentials.
Found the answer here:
http://msexchangetips.blogspot.com/2007/11/exchange-2007-pop3-err-command-is-not.html

Need to use the Exchange shell command
Set-PopSettings -LoginType PlainTextLogin
then restart the service.

I used
Get-PopSettings | fl > before.txt
and
Get-PopSettings | fl > after.txt

When did an Active Directory User Last Logon

First let me say: I think Novell NetWare users login, I think Windows users logon.

With several DCs it used to be a bear to get the real last logon, as you would have to check the lastLogon timestamp on each DC. With Windows 2003 native mode this has been changed.

Details:


lastLogon – old style, not replicated to other DCs
lastLogonTimestamp – replicated for each user if the user’s lastLogonTimestamp is older than 14 days (this is the one to go by for the report)

http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon.mspx

http://addicted-to-it.blogspot.com/2008/09/ad-how-to-determine-last-logon-time-of.html

I included a hist01.txt which has the command line used to generate the report. The adfind tool is a command line utility, already on corpadmints1.
Also found at http://www.joeware.net/freetools/tools/adfind/.

adfind -b "base dn"
-f filter - all user objects except disabled accounts
-csv csv export
-tdc time date change - changed ldap time date into readable format
then attributes DisplayName samaccountname lastLogon lastLogonTimestamp
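
The per-DC comparison described above, as an added example (not from the original post, and not adfind's own code): it keeps the newest lastLogon seen on any DC as the real last logon and converts the raw FILETIME integer into a readable date, which is the job -tdc does. The DC names, account names, values and the 90-day stale threshold are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)

def filetime_to_dt(value):
    """AD stores logon times as 100-ns ticks since 1601-01-01 UTC; 0 means never."""
    ticks = int(value or 0)
    if ticks <= 0:
        return None
    return EPOCH_1601 + timedelta(microseconds=ticks // 10)

def real_last_logon(rows):
    """rows: (dc, sAMAccountName, lastLogon, lastLogonTimestamp), one per DC queried.
    lastLogon is not replicated, so the real value is the newest seen on any DC."""
    best = {}
    for dc, user, last_logon, last_logon_ts in rows:
        seen, replicated = filetime_to_dt(last_logon), filetime_to_dt(last_logon_ts)
        cur = best.setdefault(user, {"lastLogon": None, "dc": None, "replicated": None})
        if seen and (cur["lastLogon"] is None or seen > cur["lastLogon"]):
            cur["lastLogon"], cur["dc"] = seen, dc
        if replicated and (cur["replicated"] is None or replicated > cur["replicated"]):
            cur["replicated"] = replicated
    return best

def stale_accounts(best, now, days=90):
    """Accounts with no logon evidence newer than `days` before `now` (90 is assumed)."""
    cutoff = now - timedelta(days=days)
    stale = []
    for user, info in sorted(best.items()):
        dates = [d for d in (info["lastLogon"], info["replicated"]) if d]
        if not dates or max(dates) < cutoff:
            stale.append(user)
    return stale

# Constructed sample data: two accounts as reported by two DCs (raw FILETIME values).
SAMPLE = [
    ("dc1", "asmith", "128712096000000000", "128703168000000000"),
    ("dc2", "asmith", "128699712000000000", "128703168000000000"),
    ("dc1", "svc_old", "0", "128479392000000000"),
    ("dc2", "svc_old", "128488032000000000", "128479392000000000"),
]

if __name__ == "__main__":
    report = real_last_logon(SAMPLE)
    for user, info in sorted(report.items()):
        print(user, info["lastLogon"], "seen on", info["dc"])
    print("stale:", stale_accounts(report, datetime(2008, 11, 19, tzinfo=timezone.utc)))
```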

Thursday, November 13, 2008

Good site with lots of AD info and VBScript examples

Good site; they have VBScript examples and more.

http://www.computerperformance.co.uk/vbscript/

They have great pages on using ldifde and csvde.

Sunday, September 21, 2008

hid security app

OSSEC is a host-based intrusion detection system. The server only runs on Unix; there is a Windows agent.

Free helpdesk apps

RT and OTRS. OTRS looks great; what can I say, it seems like all you would want: a customer interface, LDAP, email built in.

http://otrs.org/index/

Thursday, August 14, 2008

Multi-Value attributes and Exchange 2007

Some notes I am putting up. After searching, I saw one guy delete with a line and another one say you had to loop through everything.


To set a multi-value attribute with the Exchange Management Shell
Set-ContentFilterConfig -BypassedSenderDomains "faker1.com","faker2.com"
Get-ContentFilterConfig

You will see both "faker1.com" and "faker2.com" listed.

*************************************************
To remove one item at a time:
$foo = Get-ContentFilterConfig
$foo.BypassedSenderDomains -="faker2.com"
$foo | Set-ContentFilterConfig


*********************************************************
To clear the entries:
Set-ContentFilterConfig -BypassedSenderDomains $Null
Get-ContentFilterConfig


**************************************************
You can also add a value:
$foo = Get-ContentFilterConfig
$foo.BypassedSenderDomains +="faker4.com"
$foo | Set-ContentFilterConfig

Wednesday, August 13, 2008

Active Directory Last Logon

Good info and scripts on Last Logon time. Seems like the Windows 2003 DCs replicate some info if the logon date is less than 14 days old.


http://www.rlmueller.net/Last%20Logon.htm

Tuesday, August 05, 2008

Perl Encode Decode strings

So I had a SetACL dump file that I was trying to parse with Perl, and found that the file encoding was UCS-2 Little Endian. I was reading the file into Perl and wanted to standardize the formatted output I would generate.

use Encode;   # provides decode()
$line = decode('UCS-2LE',$oldline);

#answers found here
#http://perldoc.perl.org/Encode.html
#and
#http://coderepos.org/share/browser/lang/perl/Encode/trunk/t/Unicode.t
#also saw possible answers here
#perl -MEncode -le "print for Encode->encodings(':all')"

Thursday, July 31, 2008

cacls and subinacl

I am trying to work with cacls and got this error:

The data area passed to a system call is too small.

I saw a post that said to use subinacl instead. The syntax is different.

Also working on getting the SetACL command to work, so far I have it dumping the info.

Saturday, July 26, 2008

Sorting IP addresses with Excel

What I did was paste the list of IPs into A1, select that column and perform text to columns, specifying a "." delimiter.
Then sort by A, B, C, D highest to lowest.

then in F or another column I put the following formula.
=A1&"."&B1&"."&C1&"."&D1

I had seen some other post which had more complex answers and thought this method was better.

Openssl convert from iis format to pem

openssl pkcs12 -in iiscertexport.pfx -out filename.pem -nodes


Then, to get the .crt and the .key, open the .pem, save multiple copies, and remove the private key from the .crt copy and the certificate from the .key copy.


***********************************************************************
Username@Hostname /cygdrive/c/username/projects-reoccuring/check-ssl/ssl-certs
$ openssl pkcs12 -in iiscertexport.pfx -out filename.pem -nodes
Enter Import Password:
MAC verified OK

Username@Hostname /cygdrive/c/username/projects-reoccuring/check-ssl/ssl-certs
$ ls
***************************************************************************
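
The manual split described above (one copy holding only the certificate, one holding only the key), done by script as an added example; this is not code from the original post or from OpenSSL. SAMPLE_PEM is a constructed stand-in for filename.pem and the function names are illustrative. Because -nodes writes the private key unencrypted, the key file is created readable by its owner only.

```python
import os
import re

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n.*?-----END \1-----", re.DOTALL)

def split_pem(text):
    """Return (certificates, private_keys) as lists of PEM blocks.
    Text between blocks (the 'Bag Attributes' lines pkcs12 writes) is dropped."""
    certs, keys = [], []
    for m in PEM_BLOCK.finditer(text):
        block = m.group(0) + "\n"
        if m.group(1) == "CERTIFICATE":
            certs.append(block)
        elif m.group(1).endswith("PRIVATE KEY"):
            keys.append(block)
    return certs, keys

def write_split(text, crt_path, key_path):
    """Write the certificate(s) to crt_path and the single private key to key_path."""
    certs, keys = split_pem(text)
    if len(keys) != 1 or not certs:
        raise ValueError("expected exactly one private key and at least one certificate")
    with open(crt_path, "w") as f:
        f.write("".join(certs))
    # -nodes left the key unencrypted, so create its file owner-readable only
    # (the mode applies when the file is created, not if it already exists).
    fd = os.open(key_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(keys[0])
    return len(certs)

# Constructed stand-in for filename.pem; the base64 bodies are placeholders, not real keys.
SAMPLE_PEM = """Bag Attributes
    localKeyID: 01 00 00 00
subject=/CN=www.example.test
issuer=/CN=Example Intermediate CA
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQ=
-----END CERTIFICATE-----
Bag Attributes
    localKeyID: 01 00 00 00
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
Q09OU1RSVUNURUQ=
-----END RSA PRIVATE KEY-----
"""
```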

Google Code Search

http://www.google.com/codesearch

Google Code Search Link

Wednesday, July 09, 2008

AD - Group Policy Processing Speeds

Active Directory Group Policy
Hands down this is one of the biggest wins for Microsoft in the enterprise. Yes, I love Linux and am a big Linux fan, but this is something Microsoft got right. It wasn't great management in Windows 2000, but the Group Policy Management Console that they released added a lot.

Here is an article from Mitch Tulloch that discusses Optimizing Group Policy Performance
http://www.windowsnetworking.com/articles_tutorials/Optimizing-Group-Policy-Performance.html

Monday, July 07, 2008

my favorite editor

I opened the file with my favorite editor:
http://www.scintilla.org/SciTE.html

Wednesday, July 02, 2008

PGP resources

I am sometimes asked to explain PGP to co-workers; here is a list of references that I felt were good.

http://en.wikipedia.org/wiki/Public_key_cryptography

http://www.networkworld.com/news/64452_05-17-1999.html

better
http://www.pgpi.org/doc/pgpintro/

Tuesday, July 01, 2008

Perl modules

I needed XML::LibXML and found that the University of Winnipeg has a repository.
Added the repo to my ppm tool and was then able to install the package and get running.

(Active State osname=MSWin32, osvers=5.00, archname=MSWin32-x86-multi-thread version 5.8.8)

http://theoryx5.uwinnipeg.ca/ppms/

Friday, June 20, 2008

Openssl check if certificate chain is available from web server

Sometimes your SSL provider may change the certificate chain for certificates you get from them. GoDaddy has changed in the last year, and a few years ago Network Solutions had changed because of a renewal date. When you get an SSL certificate from a provider you are often given the option to get the certificate chain. This is so that your web servers can make the root and intermediate certificates available to visiting clients, so that a visiting client can confirm whether the certificates are trusted.

Using the following openssl command line will display the certificate depth (you want greater than 0) as well as the certificates.
openssl s_client -connect server:port -showcerts

Hope this helps someone.
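
An added example, not part of the original post: a parser for the "Certificate chain" section that s_client -showcerts prints, reporting how many certificates the server sent and whether each one is issued by the next. The sample output is constructed (placeholder names and certificate bodies), and the function names are illustrative.

```python
import re

SUBJECT = re.compile(r"^\s*(\d+)\s+s:(.*)$")
ISSUER = re.compile(r"^\s+i:(.*)$")

def parse_chain(output):
    """Return [(index, subject, issuer)] from s_client's 'Certificate chain' section."""
    chain, in_chain, pending = [], False, None
    for line in output.splitlines():
        if line.startswith("Certificate chain"):
            in_chain = True
        elif in_chain and line.startswith("---") and not line.startswith("-----"):
            break  # a bare '---' ends the section; '-----BEGIN' lines do not
        elif in_chain and (m := SUBJECT.match(line)):
            pending = (int(m.group(1)), m.group(2).strip())
        elif in_chain and pending and (m := ISSUER.match(line)):
            chain.append(pending + (m.group(1).strip(),))
            pending = None
    return chain

def chain_report(output):
    chain = parse_chain(output)
    # Each certificate sent should be issued by the subject of the next one.
    broken = [a[0] for a, b in zip(chain, chain[1:]) if a[2] != b[1]]
    return {"sent": len(chain), "intermediates_sent": len(chain) > 1,
            "broken_links": broken}

# Constructed s_client output; names and certificate bodies are placeholders.
LEAF_ONLY = """CONNECTED(00000003)
---
Certificate chain
 0 s:/C=US/O=Example Corp/CN=www.example.test
   i:/C=US/O=Example CA/CN=Example Intermediate CA
-----BEGIN CERTIFICATE-----
(placeholder)
-----END CERTIFICATE-----
---
Server certificate
"""
# Same output with the intermediate certificate added before the closing '---'.
WITH_CHAIN = LEAF_ONLY.replace("---\nServer certificate", """\
 1 s:/C=US/O=Example CA/CN=Example Intermediate CA
   i:/C=US/O=Example CA/CN=Example Root CA
-----BEGIN CERTIFICATE-----
(placeholder)
-----END CERTIFICATE-----
---
Server certificate""")
```

A server that returns only entry 0 is not handing out its intermediates, which is the case the post is checking for.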

Thursday, June 19, 2008

Keeping Track of Virtual Machines

Found this handy method so a virtual machine can detect if it is running in an MS environment or a VMware environment. I would like to find out if there is a method from the Guest OS to tell the servername of the Virtual Host/Server it is running on.

I know for MS Virtual Server vbscript to list the guest info:
http://www.microsoft.com/technet/scriptcenter/scripts/vs/default.mspx


detect from guest os if in a MS Virtual Server Environment or a VMWare:
http://x86virtualization.com/intel/vbscript-checking-for-virtual-host.html

Friday, May 30, 2008

Compile dmidecode on Cygwin

http://freshmeat.net/projects/dmidecode/


dmidecode - Default branch
Section: Unix

Added: Mon, Jan 20th 2003 14:01 PDT (5 years, 4 months ago) Updated: Tue, Feb 27th 2007 07:13 PDT (1 year, 3 months ago)

From Freshmeat:
About:
Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, asset tag, and a lot of other details of varying level of interest and reliability, depending on the manufacturer. This will often include usage status for the CPU sockets, expansion slots and memory module slots, and the list of I/O ports.

Directions to get this to compile under cygwin.

I had to run cygwin setup and select gcc ( I selected all of them ) and make, also I selected automake but I am not sure if that was necessary.

Then
make
Then I will take the EXE to another system along with Cygwin1.dll.

This resulted in an error, I think the answer is here:
http://www.cygwin.com/ml/cygwin/2007-04/msg00458.html

With Windows 2003, only kernel processes have access to physical memory.

But then read this
http://lists-archives.org/cygwin/34232-dev-mem-permission-denied.html

Will have to revisit another day to see if I can get this working for Windows 2003.


************************
More details:


Error Messages on Windows 2003 Server
# dmidecode 2.9
/dev/mem: Permission denied

Here are the files; cygwin is not installed locally.
biosdecode.exe
cygwin1.dll
dmidecode.exe
ownership.exe
vpddecode.exe


cygwin1.dll version - 1005.25.0.0

Here is information from the workstation I used to build dmidecode.
$ cat /proc/version
CYGWIN_NT-5.1 1.5.25(0.156/4/2) 2007-12-14 19:21

Thursday, May 29, 2008

VMWare ESX / Infrastructure Enabling Root SSH

Enable SSH access to VMware ESX server

To allow the root user to login to a VMware ESX Server over the network using SSH, do the following:

1. Go to the service console on the physical server & login
2. vi /etc/ssh/sshd_config
3. Change the line that says PermitRootLogin from “no” to “yes”
4. Restart sshd with command /etc/init.d/sshd restart

Source:
http://www.kreslavsky.com/2007/12/enable-ssh-access-to-vmware-esx-server.html
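
A check for step 3, as an added example that is not part of the original post: it reads sshd_config text and reports the PermitRootLogin value sshd will use. sshd keeps the first value it reads for a keyword, so appending a second PermitRootLogin line instead of changing the existing one has no effect. The Match-block handling goes beyond what the post covers, and both sample configs are constructed.

```python
def permit_root_login(config_text):
    """Return (global_value, overrides) for PermitRootLogin in sshd_config text.
    global_value is None when the keyword is absent (the built-in default applies).
    overrides lists (match_criteria, value) pairs found inside Match blocks."""
    global_value, overrides, match = None, [], None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                          # blank line or comment
        parts = line.replace("=", " ", 1).split(None, 1)
        keyword = parts[0].lower()            # keywords are case-insensitive
        arg = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            match = arg                       # later lines apply to this Match only
        elif keyword == "permitrootlogin":
            if match is not None:
                overrides.append((match, arg.lower()))
            elif global_value is None:        # first value read wins
                global_value = arg.lower()
    return global_value, overrides

# Constructed sshd_config excerpts (not taken from an ESX host).
EDITED = "Protocol 2\nPermitRootLogin yes\n"
APPENDED = "Protocol 2\nPermitRootLogin no\nUsePAM yes\nPermitRootLogin yes\n"

if __name__ == "__main__":
    print("line changed in place:", permit_root_login(EDITED))
    print("line appended at end: ", permit_root_login(APPENDED))
```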

Friday, May 09, 2008

Network

Rate my network diagram -
Cool site which has several network diagrams so you can review what others are doing:
http://www.ratemynetworkdiagram.com/


Site which discusses Network Documentation and Network Mapping - free.
http://www.networkdocumentation.com/

Monday, May 05, 2008

Learning some HTML and ASP

I like some of the quick references and examples on this site.

http://www.w3schools.com/

Monday, April 28, 2008

Perl Script into EXE

App::Packer is a Perl module to help get your script into a free-running program with no dependencies. It's worked with an NTP time check script I have. Now I have a script that will pull a list of the OUs in AD and create a batch file so that dsacls is run for each OU.


This link has more details on running p2e.pl the script that runs to create the exe:
http://www.perlmonks.org/?displaytype=print;node_id=215299

Thursday, April 17, 2008

Mysql Cheat Sheet

I was having some problems using the LOAD DATA INFILE.

This guy's cheatsheet helped me out.

http://www.nparikh.org/unix/mysql.php

Tuesday, April 15, 2008

Windows 2003 SP2 install with no backup

Just a reminder that this is the way to run a Windows 2003 SP2 install choosing not to back up the files.

i386\update\update.exe /nobackup

Monday, April 07, 2008

Cheap diag tool

I like Visio, and I like DIA (GPL - I think ) - here is edraw.


http://www.edrawsoft.com/Network-Diagrams.php

Thursday, April 03, 2008

Some Good Cheat Sheets

Some good cheat sheets from sloppycode.net

I like the programming cheat sheet here; it lets you see Perl next to PHP and VBScript.
http://www.sloppycode.net/tools/language-reference.aspx

the unix one seems handy as well.
http://www.sloppycode.net/Tools/unix-cheat-sheet.aspx

Friday, March 21, 2008

Nortel VPN Device and Passive FTP problems

We have some sites with problematic FTP transfers; found that Active FTP was working and Passive FTP was not working. Found IE and FileZilla both have ways to change default behavior. We needed to get FTP working.

Found a note on Nortel's site about known issues with specific firmware and passive FTP.

Here is my test file, first line is active, second is passive - the second line was failing. The test downloads a 3 meg file from Microsoft.

I also found this guide:
Active FTP vs. Passive FTP, a Definitive Explanation

ftptesting.cmd
curl ftp://anonymous:wow@ftp.microsoft.com/PSS/Tools/NetMon/netmon2.zip > netmon2-norm.zip
curl --disable-epsv ftp://anonymous:wow@ftp.microsoft.com/PSS/Tools/NetMon/netmon2.zip > netmon2-disable.zip


After the firmware it worked as expected.

Tuesday, March 11, 2008

Reloading Laptop After some Problems

Step 1. Pull down corporate apps
Step 2. Install Office 2007 (team thing)

Installed 7.10 Ubuntu Desktop, tried to update the network with Wicd, had some failures, will need to redo. The install was nice; I just told it the new size of the NTFS partition during the Ubuntu install.



Here is a program I love - Tea Timer
http://users.adelphia.net/~dceubank/

I am trying to add it to my GTD work.



Other apps
Putty
WinSCP
SongBird
Juice
Cygwin
Hotkeys ( trying to force myself to do this more )