Technology: August 2016

Tuesday, 30 August 2016

XML-RPC brute force hacking attacks

This summary is not available. Please click here to view the post.

centos 6 - bandwidthd

centos 6 - bandwidthd:
1. yum install gcc cpp glibc glibc-devel gcc-c++
2. yum install libpcap libpcap-devel libpng libpng-devel gd gd-devel
3. yum install httpd mod_ssl
4. service httpd start
5. chkconfig httpd on
6. wget http://jaist.dl.sourceforge.net/project/bandwidthd/bandwidthd/bandwidthd%202.0.1/bandwidthd-2.0.1.tgz
7. tar -zxvf bandwidthd-2.0.1.tgz
8. cd bandwidthd-2.0.1
9. ./configure
10. make;make install
11. ll /usr/local/bandwidthd
12. vim /usr/local/bandwidthd/etc/bandwidthd.conf
subnet 10.200.10.0/24
dev "eth0"
output_cdf true
recover_cdf true
13. cd /var/www/html/
14. ln -s /usr/local/bandwidthd/htdocs bandwidthd
15. cd /usr/local/bandwidthd
16. ./bandwidthd
17. service httpd restart
18. vim /etc/rc.local
/usr/local/bandwidthd/bandwidthd
19. http://IP/bandwidthd

Time Configuration in Active Directory

http://blogs.technet.com/b/nepapfe/archive/2013/03/01/it-s-simple-time-configuration-in-active-directory.aspx

Run the following command on the PDC emulator:

1) w32tm /query /source

Free-running System Clock

2) w32tm /config /manualpeerlist:time.windows.com /syncfromflags:manual /reliable:yes /update

3) w32tm /config /manualpeerlist:pool.ntp.org /syncfromflags:manual /reliable:yes /update
3) w32tm /config /syncfromflags:manual /manualpeerlist:"0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org" /reliable:yes /update

4)      Services > Windows Time > Restart (restart W32Time service)
5)   w32tm /query /peers
7    w32tm /resync

==========================================================

Optional:

Run the following command on all other DCs (that are not PDC):

w32tm /config /syncfromflags:domhier /update

Once done, restart W32Time service.
net stop w32time && net start w32time
#Both the domain and non-domain joined protocols requires UDP port 123.
==========================================================
reset the time service on the non-PDCs back to their default:
net stop w32Time
w32tm /unregister
w32tm /register
net start w32time
w32tm /resync
==============================================
For DMZ workgroup computers or Virtual Host machines get time from Internet:
w32tm /config /manualpeerlist:au.pool.ntp.org /syncfromflags:manual /update

==========================================================
How can I check what time source is being used by Windows inside of a virtual machine?

Administrative command prompt > w32tm /query /source.
If you are using the Hyper-V time synchronization integration service you should see the following output:

If you see this output:

It means that there is no time synchronization going on for this virtual machine. This is a very bad thing – as time will drift inside of the virtual machine.
==========================================================
In windows 7:
w32tm /query /status

==========================================================
Google NTP:
time.google.com
time1.google.com
time2.google.com
time3.google.com
time4.google.com

Cloudflare NTP:
time.cloudflare.com

Facebook NTP:
time.facebook.com
time1.facebook.com
time2.facebook.com
time3.facebook.com
time4.facebook.com
time5.facebook.com

Microsoft NTP server:
time.windows.com

Apple NTP server:
time.apple.com
time1.apple.com
time2.apple.com
time3.apple.com
time4.apple.com
time5.apple.com
time6.apple.com
time7.apple.com
time.euro.apple.com

NTP Pool:
pool.ntp.org
0.pool.ntp.org
1.pool.ntp.org
2.pool.ntp.org
3.pool.ntp.org
asia.pool.ntp.org
0.asia.pool.ntp.org
1.asia.pool.ntp.org
2.asia.pool.ntp.org
3.asia.pool.ntp.org

Thursday, 25 August 2016

LCD Info Screen and LED Alert Panel on PowerEdge 12th Generation Servers

Fun Facts about the PowerEdge 12th Generation LCD info screen and LED alert panel.

by Anshul Simlote, Shine K A, and Meghna Taneja

For more information, visit our PowerEdge 12th Generation Wiki

Table of Contents

1. Introduction to the LCD Front Panel Display of Dell 12G PowerEdge Servers

Dell offers a distinctive range of LCD front panel display options on 12G PowerEdge servers. The LCD front panel can be used to configure the Integrated Dell Remote Access Controller (iDRAC7) without accessing a server’s console. This permits customers to use Internet Protocol to configure the iDRAC7 remotely and easily manage and monitor the server. Also, this LCD panel makes it easy to identify a given server in the data center.

There’s a wealth of system and health information available inside your new PowerEdge server, and depending on which model server you own, the following display configurations are available:

Dell PowerEdge Server	Indicator Type
R720	LCD panel
R720xd	6 icon LEDs
R620(4/6/8 HDD)	LCD panel
R620(10 HDD)	Quad icon LEDs
T620	LCD panel
M620	Single icon LEDs
R820	LCD panel
R520	LCD panel
R320(4 HDD )	6 icon LEDs
R320(4 hot pluggable HDD/8 HDD)	LCD panel
R420 (4 HDD )	6 icon LEDs
R420 (4 hot pluggable HDD/8 HDD)	LCD panel

2. LCD Features

The LCD front panel allows a user to view and change the network settings of the Dell Integrated Dell Remote Access Controller (iDRAC7). In fact, most of the iDRAC7 configuration can be done using this screen, and quite a bit of the iDRAC7’s features can be accessed here as well, and, of course, system-level error messages will be displayed on the LCD. Another convenient feature offered by the LCD Front Panel, is the ability to setup a user-defined message on the LCD. In this document, we will discuss these features in greater detail.

About the LCD Front Panel navigation menus

There are several navigation menus available on the display panel offering different functions.

The left arrow “<”moves the cursor back in one-step increments.
The select button “✓” selects the currently highlighted menu item.
The left arrow “>” moves the cursor forward in one-step increments.
Screen

The LCD front panel displays user-configurable information about the system. The screen displays system information and error messages, depending on the condition of the system.

- The LCD backlight will be blue during normal operating conditions and only turns amber if there is an error condition.
- The LCD backlight will be off when the system is in standby mode, but it can be turned on by pressing any of the buttons on the LCD front panel.
- However, the LCD backlight will remain off if LCD messaging is turned off; this can be done via the web-based graphical interface, IPMITOOL, Open Manage System Administrator, or a command line tool such as RACADM.

LEDs explained

The number of LEDs on a particular server depends on the amount of physical space available on the front of the chassis. There are four different LED configurations: one with six icons, two others with four icons each, and one with a single LED icon. An example of one such LED panel, from a PowerEdge R720xd is shown below. It will display alerts for general status, hard drive, electrical, thermal, memory and PCI alerts. As with the LCD panel, if trouble arises, an amber indicator will illuminate.

System ID:

In addition to the panels, every Dell PowerEdge 12G server has a System ID button and indicator LED to assist in identifying a particular system.

The identification buttons on the front and back panels can be used to locate a particular system within a rack. This is especially helpful with a densely populated rack when a single system needs to be identified, from either the front or back. If you push one of these buttons, then both the front and rear system status indicators will flash until one of the buttons is pressed again. As a side note, this flashing can also be activated or deactivated remotely with various Open Manage tools.

The rear System ID button contains two LEDs; one is blue and the other is amber.

LED State	System State	Error state on LCD
LED OFF	System is OFF	No Active Error
Solid Blue	System is ON	No Active Error
Blinking Amber (2 second on ,1 second off)¥	System is ON or OFF	There are active errors present; this mode supersedes LED OFF and Solid Blue above and can be active when the system is on OR off
Blinking Blue (1 second on ,1 second off)*	System is ON or OFF	System ID Mode is active; this mode supersedes all states listed above and can be active when the system is on OR off

3. Setting and Viewing Home Panel, iDRAC and System Properties via the LCD control panel

First, let’s start by setting the default message on the LCD panel. Follow these steps on the panel keys to select the desired default display:

It is easy to use the LCD panel to configure network settings and check other system properties. The chart (below) shows the different possible actions and settings available through this panel:

For example, to view network settings, start from the initial (home) display screen and then follow this path:

Home > View > iDRAC IP > IPv4 | IPv6

Then Select IPv4

From this point, most of the networking settings can be viewed:

Home > View > DRAC IP > IPv4 > IP | Subnet | Gateway | DNS

Home > View > DRAC IP > IPv4 > DNS > Primary | Secondary

Home > View > DRAC IP > IPv4 > Gateway > 192.168.2.1

Home > View > DRAC IP > IPv4> IP >192.168.2.12

Similarly, IPv6subnet and gateways can be viewed through

Home > View > DRAC IP > IPv6 > IP | Subnet | Gateway | DNS

Home > View > DRAC IP > IPv6 > DNS > Primary | Secondary

Home > View > DRAC IP > IPv6 > Gateway >

Home > View > DRAC IP > IPv6> IP

And the same holds true for MAC or iSCSI addresses:

Home > View > MAC > iDRAC -> xx-xx-xx-xx-xx-xx

4. Configuring iDRAC properties using the LCD panel

Through the LCD front panel, you can configure the iDRAC7’s network settings.

iDRAC Setup Paths:

Configuring a static IP address through the LCD

Navigate from home screen to setup screen and then to the Static IP tab.

Home > Setup ->iDRAC -> DHCP | Static IP -> IP: 192.168.2.12

After IP v4 configuration from the same screen we can configure sub network mask and gate as well.

Home > Setup > IDRAC > Static IP - >Sub: 255.255.255.0

Home > Setup > IDRAC > Static IP - >Gtw: 192.168.2.1

Other network settings such as DNS servers and DHCP settings are also available through the LCD Front Panel:

Setting domain name server 1 and domain name server 2

Home > Setup > IDRAC > Static IP -> DNS : Yes | No

Domain Name server 1

Home > Setup > IDRAC > Static IP - >D1 :192.168.2.10

Domain Name server 2

Home > Setup > IDRAC > Static IP - >D2 : 192.168.2.1

How to configure Dynamic Host Configuration Internet Protocol (DHCP):

From the LCD Home screen navigate to setup screen and then DHCP tab.

Home > Setup ->iDRAC -> DHCP | Static IP -> Yes | No

5. Errors and Alerts via the LCD

The front panel gives alerts by displaying system error messages. These alerts will cause the LCD backlight color from blue to amber and depending on the nature of the alert, different indicators, depending on the type of panel, will illuminate. Using the front panel, the way system alerts are displayed (or not displayed) can also be changed. The types of alerts covered are as follows:

- Cable and board presence
- Temperature
- Voltages
- Fans
- Processors
- Memory
- Power Supplies
- BIOS
- Hard drives

In all, up to 20 different error messages can be displayed through the LCD front panel. In the event that there are multiple error messages, the most recent error will be displayed.

6. Securing the LCD panel controls

It is important to note that the front panel buttons, by default, have the ability to both view and modify the values that are shown. Using the iDRAC tools, it is possible to limit the panel and buttons to either a view-only state or disable the menu completely, allowing a user to only view the system description and any existing error messages.

7. Using the LCD panel to display component status

Virtual console status on LCD

Through iDRAC7’s software tool or another remote command line tool, a user can enable front-panel notification that a vKVM is attached. If this is enabled and a vKVM session is active on the unit, then the text “virtual console active” will be displayed. If an error occurs, the LCD will enter Error Mode and the “virtual console” message can only be viewed only by navigating up the menu tree to Home Mode. There the “virtual console active” message will display for ~45 seconds before returning to the Error Mode.

Displaying BIOS progress on LCD

The BIOS progress including recent POST messages will display after pressing and holding System ID button for more than 5 seconds.

Status of server boot-up

During system boot, the LCD displays “System booting…” until video is available. This is to give the user indication that the system is booting and video is unavailable at this time. Shortly after power-on or reset, "System booting…" appears on the LCD, with periods appearing for each progress code in the pre-video sequence as they are received from BIOS. Once full memory initialization is complete, the LCD returns to its normal mode

Displaying iDRAC’s reset mode

If the system ID button is held down for more than 15 seconds, then the iDRAC will reset. This will cause the LCD panel to go blank until the iDRAC is once again fully functional. At that point, the display will show the current state of the server.

8. Configuring the LCD panel using remote software tools

One last point worth noting: the LCD panel can be configured remotely by the iDRAC’s software suite as well as through RACADM (command-line) or IPMITOOL software packages.

Monday, 22 August 2016

Chrome and Firefox Standalone Installer

Firefox Standalone:
https://www.mozilla.org/en-US/firefox/all/

Chrome Standalone:
https://www.google.com/chrome/browser/desktop/index.html?system=true&standalone=1

Tuesday, 16 August 2016

How to Recover Your Windows or Office Product Key

Office 2010 & Office 2013

Office 2010 and Office 2013 do not store their product keys in an easily accessible location in the registry file and many third party programs cannot scan for them. However, you can use a script to find the last five digits of the product key.

Open the Command Prompt by searching for “cmd” in Windows.

In the command prompt, type or paste in the following:

Windows (32-bit)
Office 2010 (32-bit)	cscript “C:\Program Files\Microsoft Office\Office14\OSPP.VBS” /dstatus
Office 2013 (32-bit)	cscript “C:\Program Files\Microsoft Office\Office15\OSPP.VBS” /dstatus
Windows (64-bit)
Office 2010 (32-bit)	cscript “C:\Program Files (x86)\Microsoft Office\Office14\OSPP.VBS” /dstatus
Office 2010 (64-bit)	cscript “C:\Program Files\Microsoft Office\Office14\OSPP.VBS” /dstatus
Office 2013 (32-bit)	cscript “C:\Program Files (x86)\Microsoft Office\Office15\OSPP.VBS” /dstatus
Office 2013 (64-bit)	cscript “C:\Program Files\Microsoft Office\Office15\OSPP.VBS” /dstatus

*Please note that if Office is not installed on your C: drive, you will need to update the drive letter in the above script appropriately.

Once you have the last five digits, you can then back track the full key using the last five digits by contacting Microsoft.

Losing a product key does not mean you have to purchase the product again, as most of the time you can recover it by scanning through the registry file.

Thursday, 4 August 2016

Wi-Fi 20mhz 和 40mhz 频段带宽的区别是什么？如果做桥接，哪个更好？

著作权归作者所有。
商业转载请联系作者获得授权，非商业转载请注明出处。
作者：曹梦迪
链接：http://www.zhihu.com/question/20404191/answer/15036354
来源：知乎

20Mhz和40Mhz的区别，可以想象成道路的宽度，宽度越宽当然同时能跑的数据越多，也就提高了速度。
当然，无线网的“道路”是大家共享的，一共就这么宽（802.11 b/g/n的频带是 2.412Ghz ~ 2.472Ghz，一共60Mhz。802.11a/n在中国可用的频带是5.745Ghz ~ 5.825Ghz，同样也是60Mhz），你占用的道路宽了，跑得数据多了，当然就更容易跟别人撞车，一旦撞车大家就都会慢下来，比你在窄路上走还要慢，参考这个图：

原来挤一挤可以四个人同时用的，如果你用了40Mhz的话就只能两个人同时用了。
所以哪个更好的问题和你多大的房子无关，最主要的是你附近有多少个人跟你一起上路的，用NetStumbler这种扫描软件可以很容易看清楚周围频带的占用情况，如果你附近没什么人用，那么恭喜你，用40Mhz来享受高速吧！如果周围“车辆”很多，那么你最好还是找一个车少点的“车道”，老老实实用20Mhz比较好。

当然，一个比较好用的方法就是采用未经许可的频段，比如802.11a/g/n的频段你可以找朋友从其他国家弄一个，然后设定在比如4.915Ghz，这样就跟谁都不干扰了，可以舒舒服服地用40Mhz的。当然这个仅限于极小的公司或者个人用户，规模太小用户国家一般也不会去管你，规模大了可就保不准了。

Wednesday, 3 August 2016

centOS - snmpd

1. yum install net-snmp-utils net-snmp
2. vim /etc/snmp/snmpd.conf
com2sec readonly default MyROGroup
group MyROGroup v1 readonly
group MyROGroup v2c readonly
group MyROGroup usm readonly
view all included .1 80
access MyROGroup "" any noauth exact all none none
syslocation Malaysia, KL
syscontact xxx@yyy.com.my
extend .1.3.6.1.4.1.2021.7890.1 distro /usr/bin/distro

3. mv distro /usr/bin/distro
4. chmod +x /usr/bin/distro
5. service snmpd restart
6. chkconfig snmpd on
7. iptables -I INPUT -p udp --dport 161 -j ACCEPT
/sbin/service iptables save

Tuesday, 2 August 2016

Debian - Nginx - Server Blocks (Virtual Hosts in Apache):

apt-get install nginx
/etc/init.d/nginx status
/usr/share/nginx/html #default server block.

Step One — Set Up New Document Root Directories:
1. mkdir -p /var/www/example.com/html
mkdir -p /var/www/test.com/html
2. chown -R $USER:$USER /var/www/example.com/html
#use the $USER environmental variable to substitute the user account that we are currently signed in on.
chown -R $USER:$USER /var/www/test.com/html
3. chmod -R 755 /var/www
Step Two — Create Sample Pages for Each Site:
1. vim /var/www/example.com/html/index.html
<html>

<head>

<title>Welcome to Example.com!</title>

</head>

<body>

<h1>Success! The example.com server block is working!</h1>

</body>

</html>
2. cp /var/www/example.com/html/index.html /var/www/test.com/html/
3. vim /var/www/test.com/html/index.html
<html>

<head>

<title>Welcome to Test.com!</title>

</head>

<body>

<h1>Success! The test.com server block is working!</h1>

</body>

</html>
Step Three — Create Server Block Files for Each Domain
1. cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com
2. vim /etc/nginx/sites-available/example.com
server {

listen 80 default_server;

listen [::]:80 default_server ipv6only=on;

access_log /var/log/nginx/www.example.com-access.log;
error_log /var/log/nginx/www.example.com-error.log;

root /var/www/example.com/html;

index index.html index.htm;

server_name example.com www.example.com;

location / {

try_files $uri $uri/ =404;

}

}
#Server blocks for subdomain
server {
listen 80;
listen [::]:80;

root /var/www/example.com/html;
index index.html index.htm index.php;

server_name sub2.example.com;
}

3. cp /etc/nginx/sites-available/example.com /etc/nginx/sites-available/test.com
4. vim /etc/nginx/sites-available/test.com
server {

listen 80;

listen [::]:80;

access_log /var/log/nginx/www.test.com-access.log;
error_log /var/log/nginx/www.test.com-error.log;

root /var/www/test.com/html;

index index.html index.htm;

server_name test.com www.test.com;

location / {

try_files $uri $uri/ =404;

}

}
Step Four — Enable your Server Blocks and Restart Nginx
1. ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
2. ln -s /etc/nginx/sites-available/test.com /etc/nginx/sites-enabled/
3. rm /etc/nginx/sites-enabled/default
4. vim /etc/nginx/nginx.conf
server_names_hash_bucket_size 64; #remove the comment
5. service nginx restart

Step Five — Test your Results
1. http://example.com
2. http://test.com

Monday, 1 August 2016

iptables - SSH

vim /iptables.sh

#!/bin/bash

echo 1 > /proc/sys/net/ipv4/ip_forward

IPT='/sbin/iptables'

for a in `cat /proc/net/ip_tables_names`; do

${IPT} -F -t $a

${IPT} -X -t $a

if [ $a = nat ]; then

${IPT} -t nat -P PREROUTING ACCEPT

${IPT} -t nat -P POSTROUTING ACCEPT

${IPT} -t nat -P OUTPUT ACCEPT

elif [ $a = mangle ]; then

${IPT} -t mangle -P PREROUTING ACCEPT

${IPT} -t mangle -P INPUT ACCEPT

${IPT} -t mangle -P FORWARD ACCEPT

${IPT} -t mangle -P OUTPUT ACCEPT

${IPT} -t mangle -P POSTROUTING ACCEPT

elif [ $a = filter ]; then

${IPT} -t filter -P INPUT DROP

${IPT} -t filter -P FORWARD DROP

${IPT} -t filter -P OUTPUT DROP

done

WAN="eth0"

iptables -A INPUT -i eth0 -p tcp --dport 2222 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -o eth0 -p tcp --sport 2222 -m state --state ESTABLISHED -j ACCEPT