Updated sheets

http://packetlife.net got some new cheet sheets!

Updated:

http://packetlife.net/static/cheatsheets/bgp.pdf

http://packetlife.net/static/cheatsheets/eigrp.pdf

http://packetlife.net/static/cheatsheets/first-hop-redundancy.pdf

http://packetlife.net/static/cheatsheets/spanning-tree.pdf

http://packetlife.net/static/cheatsheets/ios-ipv4-access-lists.pdf

http://packetlife.net/static/cheatsheets/cisco-ios-versions.pdf


Check em' out!

Cheers :)

Recap on netsh (Windows)

Dump interface config (Tested on Windows 2003 STD SP2)


Save your perfect running config (real pain add many many ip's in windows manually).

C:\documents and settings\Administrator\My Documents>netsh -c interface dump > interface.server1.txt

Want to update or change some values? Just edit interface.server1.txt (carefull about correct syntax - http://technet.microsoft.com/en-us/library/cc738592(WS.10).aspx)
Save as new file like "interface.server1.new.txt"

Deploy your new settings

C:\documents and settings\Administrator\My Documents>netsh -f interface.server1.new.txt

Something went wrong or testing done?
- Revert to old config!

C:\documents and settings\Administrator\My Documents>netsh -f interface.server1.txt


Violá! Be sure always verify settings and connectivity!

Remove old files (*nix commandline)

Other day I needed to remove quite a few old files, modified X days ago

/var/www/htdocs/disttool/filedata# ls -lah
-rw-r--r-- 1 www-data www-data 15M 2007-10-12 15:41 349
...
-rw-r--r-- 1 www-data www-data 44M 2008-12-10 11:48 510

File names are 349 interated up to 510 in this case

So how to remove every file older than 2 days?


#find /var/www/htdocs/disttool/filedata/ -mtime +2 -exec rm {} \;


I recomend replacing "-exec rm" with "-exec ls -lah" before rm'ing..
rm will *not* ask for confirmation during delete..
Platform is Debian

Cheers!

Extract multiple zip files with 7-zip (Windows)

The other day I needed to extraxt some ESX 3.x patches within one directory.
http://www.vmware.com/ allow downloading patches using small java applet.
But every patch is zipped archive containing many files.

Using one windowsserver for ESX patch depot I needed to extract all these files in one command. Since this Server already had 7-zip installed using that would be nice.


C:\>cd "Program Files\7-Zip"


EXECUTE!

C:\Program Files\7-Zip>7z.exe x G:\VMware_Patches\ESX350\*.zip -o"G:\VMware_Patches\ESX350\"

Processing archive....
....
....
Processing archive: G:\VMware_Patches\ESX350\ESX350-Update01.zip
Extracting ESX350-Update01Extracting ESX350-Update01\descriptor.xmlExtracting ESX350-Update01\contents.xmlExtracting ESX350-Update01\contents.xml.sig
...
...
Everything is Ok
Total:Archives: 89
C:\Program Files\7-Zip>

Now I want to check directories

C:\Program Files\7-Zip>dir /AD g:\VMware_Patches\ESX350

Directory of g:\VMware_Patches\ESX350
ESX350-200802301-BG2008-09-24
...
...

Seems ok!

DONE!

Networking packet traces

Just found this site, http://packetlife.net/captures/1

Among many things traces available include

GLBP_election.cap
ISIS_level2_adjacency.cap
MPLS_encapsulation.cap
PIM-SM_join_prune.cap

Not so much security as in networking stuff tho.

I plan to do some analysis using latest HeX Live CD
( please check it out! http://www.rawpacket.org/projects/hex/hex-livecd)

HeX contains variety of crucial tools needed while doing packet analysis.

Happy packet hunting!

Patching VMware ESX 3.0.1, with VMware ESX patches

One way to do this of many.. :)
This patching procedure asumes no Virtual Center just standalone ESX w NAS (NFS)

First download and install Patch ESX-5874303

VMware ESX Server 3.0.1, Patch ESX-5874303: Update to the esxupdate Utility
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=5874303

# /usr/sbin/esxupdate -v 10 -noreboot -r file:/mnt/ESXPatches/ESX-5874303


Then create list of extracted patches within /mnt/ESXPatches/

#!/bin/sh
#
# Create list of patchid's in /mnt/patches to patchesList.txt
cd /mnt/ESXPatches
rm patchesList.txt
ls -l | grep '^d' | awk '{ print $9 }' > patchesList.txt
echo DONE
echo /mnt/ESXPatches/patchesList.txt created


Now we are ready to install every patch that been downloaded and installed

patchESX.pl
#!/usr/bin/perl
# patchESX.pl -- auto update esx perl script
# by Vincent Vlieghe
# Version 6/03/2007
# Edited by Niklas Eriksson
use LWP::Simple;
$patchlist = get 'file:///mnt/ESXPatches/patchesList.txt';
@array = split(/\n/, $patchlist);
foreach $item (@array)
{
print $item;
$item = trim($item);
$cmdQuery = "/usr/sbin/esxupdate query | grep $item";
if(system($cmdQuery) == 0)
{
print "\n$item is already installed - skipping\n";
}
else
{
print "\n$item is not yet installed - installing\n";
$cmdUpdate = "/usr/sbin/esxupdate -v 10 -n -r file:///mnt/ESXPatches/$item update";
system($cmdUpdate);
}
}
sub trim($)
{
my $string = shift;
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
}

Now we can verify installed software and REBOOT our server!!!

[root@esx1 bin]# /usr/sbin/esxupdate -l query
Installed software bundles:
------ Name ------ --- Install Date --- --- Summary ---
3.0.1-32039 18:14:49 10/11/07 Full 3.0.1 release of VMware ESX Server
ESX-2158032 12:12:28 10/12/07 Add LFENCE for RWO on AMD K8 before RevF
ESX-1410076 12:15:33 10/12/07 BSOD 0x109 during 64-bit Windows install
ESX-1006511 12:16:10 10/12/07 Fixing TX hang in 80003ES2LAN Controller
ESX-9986131 12:16:54 10/12/07 Updated openssh, python, and openssl
ESX-8173580 12:18:11 10/12/07 Fix COS Oops running Dell OM5 w/ QLogic
ESX-6921838 12:20:38 10/12/07 hot removal of a virtual disk thru SDK
ESX-2066306 12:21:08 10/12/07 Patch for VM crashes and possible freeze
...

Shutdown ESX 3.0.1 VM's from console

Small script for VMware ESX 3.0.1

VMShutdown.sh
--------------------
#!/bin/sh
# VMware ESX 3.0.1
# Get VM state, shutdown running VM's
# From http://www.mgeups.com/download/soft/install/linux/nsm/how_to_vmware_en_1_2.pdf
# VMware tools MUST be installed in each VM for this script to work
#
VMLIST=`/usr/bin/vmware-cmd -l`
for VM in $VMLIST
do
VMSTATE=`/usr/bin/vmware-cmd "$VM" getstate -q`
# Guest OS shutdown if VMSTATE is equal to "on"
if [ "$VMSTATE" == "on" ]
then
/usr/bin/vmware-cmd $VM stop trysoft hard
echo Waiting 10 SEC
sleep 10
fi
done
echo ----------------------------------------------------------------
echo DONE, check for errors if VM's don't have VMware tools installed
echo ----------------------------------------------------------------

Extract several VMware ESX patches within one directory (ESX 3.0.1 Console)

I wanted to extract all archives with one line.

First mounting my NFS share (R/W)
#mount 172.16.1.20:\ESXPatches /mnt/ESXPatches
#cd /mnt/patches
#ls
..
ESX-9986131.tgz
ESX-8173580.tgz
..

Action begins here;

root@esx1 patches]# for i in *.tgz; do tar -xzvf $i;done
ESX-1000039/
ESX-1000039/VMware-esx-scripts-3.0.1-42368.i386.rpm
ESX-1000039/VMware-esx-vmkernel-3.0.1-47426.i386.rpm
ESX-1000039/headers/
ESX-1000039/headers/VMware-esx-scripts-0-3.0.1-42368.i386.hdr
ESX-1000039/headers/VMware-esx-vmkernel-0-3.0.1-47426.i386.hdr
ESX-1000039/headers/header.info
ESX-1000039/descriptor.xml
ESX-1000070/
ESX-1000070/VMware-esx-scripts-3.0.1-42368.i386.rpm
ESX-1000070/VMware-esx-tools-3.0.1-47426.i386.rpm
ESX-1000070/VMware-esx-vmx-3.0.1-47426.i386.rpm
..
..

Seems OK!

Now I just need to wait for rest of 118 archives untaring..

Cheers!

Reasons behind slow blogging

My father died 2008-02-16 after 5 years of having prostate cancer.
Tough times but I manage by, also inherit lots stuff and papers.
Time have been short also bit lack of motivation but will keep posting at semi-regular intervalls ;-)

Regards,
Niklas