Sunday, 22 June 2014

2 x FreeNAS Quick Fixes 9.2.0+

Fixes for FreeNAS

There is an error trying to install Plugins, It mentions Jails but it has NOTHING to do with the jails. 

See the issue here....

On a command line this is the fix.....

  • echo '' >> /etc/hosts

Once you have upgraded to the latest version you cannot turn CIFS on and off. And consequently not change permissions. 

Fix for CIFS Share
As root and in SSH do the following commands:
  • cd /tmp
  • fetch
  • chmod +x
  • mv
  • ./

Thursday, 19 June 2014

How To Wipe a Folder on Mac OS (Securely)

srm -f -r -m -z -v *.*

Broadband Terminology (BT UK)

  • SFI test (it stands for special faults investigation), including a PQ (pair quality) test.

  • "lift and shift". This involves an engineer disconnecting your line from one ADSL rack (a digital subscriber line access multiplexer, or DSLAM) in the exchange and connecting it to a different one.

Networking - North Korea IP Block

  • - North Korea

Linux (ESXi) Update ESXi from Command Line

  • wget
  • vim-cmd hostsvc/maintenance_mode_enter
  • esxcli software vib update --depot=/vmfs/volumes/4f3ebfb7-0a4d1490-4fba-2c768aabd269/
  • vim-cmd hostsvc/maintenance_mode_exit
  • reboot

Linux (ESXi/Misc) Working with log files

  • find /var/log/ -name *.log -mtime +1 -exec ls -tl {} \;
  • find /var/log/ -name *.log -mtime +1 -exec rm -f {} \; 
  • egrep 'segfault|fail|denied|oops|warn' /var/log/*
  • tail -f /var/log/mcelog
  • tail -f /var/log/vmkernel.log
  • grep -c "hardware error" /var/log/mcelog
  • grep -i "hardware error" /var/log/mcelog
  • grep -c "hardware error" /var/log/vmkernel.log
  • grep -i "hardware error" /var/log/vmkernel.log
  • grep -r "audit" *
  • grep -r "error" *

  • Clear Log Files
  • cd /; find /vmfs/volumes/ -name vmware-*.log -mtime +1 -exec ls  {} \; 
  • cd /; find /vmfs/volumes/ -name vmware-*.log -mtime +1 -exec ls  {} \; | xargs rm

Linux (Misc) Performance Tweak and Disable IPV6

echo manual | sudo tee -a /etc/init/failsafe.override
echo net.ipv6.conf.all.disable_ipv6=1 > /etc/sysctl.d/disableiwrpv6.conf 

Linux (ESXi) Power off all VM's on Command Line

vim-cmd vmsvc/getallvms |grep vmx| awk '{ print $1 }'|while read VMID; do echo "work with VM id=$VMID"; vim-cmd vmsvc/power.shutdown $VMID;sleep 1s; done;sleep 1s; poweroff

Linux (ESXi) Enable Jumbo Packets

***Enable Jumbo Packets***

esxcli network vswitch standard set -m 9000 -v vSwitch0
esxcli network vswitch standard list

Linux (ESXi) - Power on VM at the Command Line

To power on a virtual machine from the command line:

    List the inventory ID of the virtual machine with the command:

    vim-cmd vmsvc/getallvms |grep <vm name>

    Note: The first column of the output shows the vmid.

    Check the power state of the virtual machine with the command:

    vim-cmd vmsvc/power.getstate <vmid>

    Power-on the virtual machine with the command:

    vim-cmd vmsvc/power.on <vmid> 

Linux - Installing Nagios 4 (Part 2)

  • /usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc
  • /usr/bin/install -c -m 775 -o nagios -g nagios -d /usr/local/nagios/etc/objects
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/nagios.cfg /usr/local/nagios/etc/nagios.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/cgi.cfg /usr/local/nagios/etc/cgi.cfg
  • /usr/bin/install -c -b -m 660 -o nagios -g nagios sample-config/resource.cfg /usr/local/nagios/etc/resource.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/templates.cfg /usr/local/nagios/etc/objects/templates.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/commands.cfg /usr/local/nagios/etc/objects/commands.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/contacts.cfg /usr/local/nagios/etc/objects/contacts.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/timeperiods.cfg /usr/local/nagios/etc/objects/timeperiods.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/localhost.cfg /usr/local/nagios/etc/objects/localhost.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/windows.cfg /usr/local/nagios/etc/objects/windows.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/printer.cfg /usr/local/nagios/etc/objects/printer.cfg
  • /usr/bin/install -c -b -m 664 -o nagios -g nagios sample-config/template-object/switch.cfg /usr/local/nagios/etc/objects/switch.cfg

  • /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
  • sudo /etc/init.d/nagios restart
  • nmap -oG output.txt -sn -O -iR 100 --script smtp-open-relay --min-parallelism 1500 -v -v
  • nmap -oG output.txt -O -iR 100 --script smtp-open-relay --min-parallelism 1500 -v -v
  • cp hosts.cfg /usr/local/nagios/etc/objects/
  • /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Linux - Installing Nagios 4 (Part 1)

  1. sudo apt-get install wget build-essential apache2 php5-gd libgd2-xpm libgd2-xpm-dev libapache2-modphp5 sendmail
  2. cd /tmp
  3. wget
  4. wget
  5. useradd nagios
  6. groupadd nagcmd
  7. usermod -a -G nagcmd nagios
  8. tar zxvf nagios-4.0.4.tar.gz
  9. tar zxvf nagios-plugins-2.0.tar.gz
  10. cd nagios
  11. ./configure --with-nagios-group=nagios --with-command-group=nagcmd
  12. make all
  13. make install
  14. make install-init
  15. make install-config
  16. make install-commandmode
  17. make install-webconf
  18. cp -R contrib/eventhandlers/ /usr/local/nagios/libexec/
  19. chown -R nagios:nagios /usr/local/nagios/libexec/eventhandlers
  20. /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
  21. /etc/init.d/nagios start
  22. htpasswd –c /usr/local/nagios/etc/htpasswd.users nagiosadmin
  23. cd /tmp/nagios-plugins-2.0
  24. ./configure --with-nagios-user=nagios --with-nagios-group=nagios
  25. make
  26. make install
  27. chkconfig --add nagios
  28. chkconfig --level 35 nagios on
  29. chkconfig --add httpd
  30. chkconfig --level 35 httpd on
  31. ln -s /etc/init.d/nagios /etc/rcS.d/S99nagios

Funny Forum Post For you to use.....

Your post advocates a

(X) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
(X) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) Apple will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
(X) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!


It's really simple: QOS ("Quality Of Service") is about discriminating between different types of traffic based on its characteristics and needs (e.g. low-latency-required stuff like VoIP vs. latency-not-important "bulk data" transfers like BitTorrent). That kind of discrimination is just fine. In contrast, Net Neutrality seeks only to prohibit discrimination based on the origin or destination of the packets; i.e., who sent or requested them. That kind of discrimination is very much not "just fine."

For example, Comcast wanting to prioritize Comcast's video-streaming service above Bittorrent is fine; that's QOS. Comcast wanting to prioritize Comcast's video-streaming service above Netflix is wrong; that violates net neutrality.

In my experience, the only people who disagree with this after having it explained to them are those who are paid to believe otherwise.

Wednesday, 18 June 2014

NSA - Not what you think

You guys do know if they where to put a hidden key.... they wouldn't call it NSAKEY! you know NSA does not stand for national security agency...... it was at the time meaning Name Space Assembly Key... had a completely different purpose then the tin foil hatters want you to think.... but lets just ignore all the development documentation on windows back in the 90's and name it some big conspiracy

Solaris - Reset Interface Mask

ifconfig ce0 netmask broadcast + up && ifconfig ce0

Update Cisco IOS - FTP Method

Delete Old Image
delete /force /recursive c2960-lanbasek9-mz.150-2.EZ

Download,Extract and Install New Image
archive download-sw /overwrite ftp://<<FTPSERVER>>/c2960-lanbasek9-tar.150-2.SE6.tar

NX-OS - Simple Port Chan (LACP)

show system internal clis feature
feature lacp - To Enable LACP

*Identify a free Channel Group Number

interface Eth2/6
description ***DESCRIPTION***
switchport access vlan <<VLAN>>
spanning-tree port type edge
no shutdown
channel-group 100 mode active

interface port-channel100
description ***DESCRIPTION***
vpc 100
switchport access vlan <<VLAN>>
spanning-tree port type edge

Upgrading to a New Firmware Release - Cisco 800 Series Routers

Upgrading to a New Firmware Release

Perform the following steps to upgrade to a new firmware release:

1. Download the new firmware from Software Center at

Choose Products -> Routers -> Branch Routers -> Cisco 800 Series Routers -> Cisco 887VA Integrated Services Router -> Very High Bitrate DSL (VDSL) Firmware

2. Copy the firmware to a designated location; for example, router flash or a TFTP server.

3. Configure the router to load the new firmware from a designated location.

Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# controller vdsl 0
Router(config-controller)# firmware filename ?
  archive:  Download fw file name
  cns:      Download fw file name
  flash:    Download fw file name
  ftp:      Download fw file name
  http:     Download fw file name
  https:    Download fw file name
  null:     Download fw file name
  nvram:    Download fw file name
  rcp:      Download fw file name
  scp:      Download fw file name
  system:   Download fw file name
  tar:      Download fw file name
  tftp:     Download fw file name
  tmpsys:   Download fw file name
  xmodem:   Download fw file name
  ymodem:   Download fw file name
Router(config-controller)# firmware filename flash:vdsl.bin.35j23jdslfw

Note Controller VDSL 0 should not be turned off.
4. Enter the copy running-config startup-config command to save your configuration.

5. Enter the reload command to restart the router.

Problem Solving - BPDU Filter Disabled On Access Ports ***ONLY IF NOT WIRELESS APs***

Problem Solving -  BPDU Filter Disabled On Access Ports ***ONLY IF NOT WIRELESS APs***

spanning-tree bpdufilter enable

Problem Solving - Uplink Fast Not Enabled

Problem Solving - Uplink Fast Not Enabled

set spantree uplinkfast enable rate 25

Cisco Macro Usage

Using Predefined Cisco Macros

macro apply cisco-desktop $access_vlan <<<VLAN>>>
macro apply cisco-wireless $native_vlan <<<VLAN>>>

More Info:

Cisco IOS - Simple Port Span

Setting up a simple Port Span

c3750(config)#monitor session 1 source interface fastethernet 0/1
c3750(config)#monitor session 1 destination interface fastethernet 0/2

Cisco IOS (Wireless AP) Updating Image

Updating a Cisco AP Image

AP#debug lwapp console cli or debug capwap console cli
AP#config t
AP(confg)int fa 0
AP(confg-if)ip addr <addr> <mask> (same subnet as that of the laptop)
AP#archive download-sw /force-reload /overwrite tftp://<tftp ip address>/<image name.tar>

Cisco IOS - Include Command Examples

  • show mac address-table | include 
  • sh arp | inc <IP Address>
  • show int status
  • show interface | i line|escription
  • sh spanning-tree detail | i ieee|occur|from|is
  • sh int | include (is down)
  • sh int | include (is up)
  • sh run | include (helper-address)
  • show int status | inc (a-10)
  • sh int | inc line protocol is|Last input (notconnect)

Cisco IOS - Recover from a Damaged or Broken IOS, Using the Console Cable

Recover from a Damaged or Broken IOS, Using the Console Cable:

dir flash:
boot flash:c2950-i6k2l2q4-mz.121-22.EA13.bin

Replace with whatever IOS version is in your flash. 

Windows Generic

Show and Reset Proxy Settings In Windows.

  • netsh winhttp show proxy
  • netsh winhttp reset proxy

Windows Powershell - Find Old Files

Change the Path and Days Accordingly

Get-ChildItem -Path "C:\" -Include "*.*" -Recurse | where {$_.LastWriteTime -le $(get-date).AddDays(-365)}

Windows Powershell - Starting As An Elevated User

Two Commands to Start PowerShell As an Elevated User.

Run Both Commands separately on one line. Both Commands do the same job. Just replace USER and DOMAIN accordingly.

  • Start-Process powershell.exe -Credential "DOMAIN\USER" -NoNewWindow -ArgumentList "Start-Process powershell.exe -Verb runAs"
  • C:\Windows\System32\runas.exe /env /noprofile /user:USER@DOMAIN "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noprofile -command \"start-process powershell -verb RunAs\""