Archive

Archive for September, 2007

nbtstat command

September 27, 2007 Leave a comment

K:\>nbtstat -a 1.1.1.140

Dark Network:
Node IpAddress: [0.0.0.0] Scope Id: []

Host not found.

Name of Interface:
Node IpAddress: [1.1.1.140] Scope Id: []

NetBIOS Remote Machine Name Table

Name Type Status
———————————————
MIS3565 UNIQUE Registered
GROUP GROUP Registered
MIS3565 UNIQUE Registered
GROUP GROUP Registered

MAC Address = 00-XX-XX-13-E4-52

Looking for a way to get the Windows username from command line.

Categories: Windows

SMB – chatty protocol

September 24, 2007 Leave a comment

Here is a post detailing why SMB is a chatty protocol.

http://blogs.technet.com/neilcar/articles/247903.aspx

I sniff the network and saw a lot of messages for a simple copy/paste of an Excel file. It was worse for opening an Excel file, making a change, and saving it.

MAPI is also a chatty protocol. SMB 2.0 is suppose to fix this.

http://episteme.arstechnica.com/eve/forums/a/tpc/f/469092836/m/279006746831

Categories: Networking

VPN Concentrator and OSPF

September 21, 2007 Leave a comment

The other day, I wanted to test with our second VPN Concentrator, so exported a good XML config, find/replace all the IP addresses and placed it on the network. It had OSPF turned on the public interface, so it was advertising a route to the Internet. The internal saw this advertisement and routed traffic to the Concentrator, thus breaking everything. I actually had to disabled the interface, then turn off OSPF (turning OSPF on the public interface just by itself didn’t work).

Categories: Networking

Rancid

September 18, 2007 Leave a comment

After installing rancid, create a shell script with the following command.
/home/username/rancid/commands/sh_run is a text file rancid will pass to the router. This is handy if you are pushing a lot of commands.

#!/bin/sh
/usr/local/rancid/bin/clogin -v telnet_password -e enable_password -x /home/username/rancid/commands/sh_run 1.1.1.1 > filename1
/usr/local/rancid/bin/clogin -v telnet_password -e enable_password -x /home/username/rancid/commands/sh_run 1.1.1.2 > filename2

hostname ~ # cat /root/.cloginrc
add user admin 172.10.1.254
add password 172.10.1.254 password
add autoenable 172.10.1.254 1

http://homepage.mac.com/duling/halfdozen/RANCID-Howto.html
http://www.networkcomputing.com/showitem.jhtml?docid=1614ws1

Categories: Linux

Crontab and Date command

September 17, 2007 Leave a comment

10 12 * * * date=`/bin/date ‘+cfg_\%Y-\%m-\%d-\%H-\%M’`; cd /home/username/path/to/script/; ./hosts.sh > $date

final working crontab entry.

man 5 crontab

Percent-signs (%) in the command, unless escaped with backslash (\), will be changed into newline characters, and all data after the first % will be sent to the command as standard input.

http://www.dslreports.com/forum/r18864273-error-using-date-command-in-crontab
http://unix.ittoolbox.com/groups/technical-functional/shellscript-l/crontab-date-command-1074276

Categories: Linux

Installing/Upgrading Sitescope

September 5, 2007 Leave a comment

Before Upgrading please remember that you have to surrender the Old 7.x License
Key to the License Team and get a new 8.x License from them the Transaction is Free.
For this you can call to license team on number 877-837-8457

I have attached the Snap Shot for the 8.5 & 8.8 Download for you.

1. Stop the 7.x SiteScope Service & Take the Backup of Old 7.x SiteScope
Folder & UNINSTALL the SiteScope 7.x from the Machine then Install the
New 8.5 SiteScope on the Machine.

2. REBOOT the Machine

3. Stop the SiteScope Service

4. Take the BACKUP of the Whole New 8.5 SiteScope Folder

5. Copy the /SiteScope/groups Directory from Old 7.x SiteScope to the New /SiteScope/groups

6. Copy the /SiteScope/logs Directory from Old 7.x SiteScope to the New /SiteScope/logs

7. Copy the /SiteScope/htdocs Directory from Old 7.x SiteScope to the New /SiteScope/htdocs

8. Copy the templates.* Directories from Old 7.x SiteScope to the New SiteScope

9. On the New SiteScope Server Delete the *.dyn files from the /SiteScope/groups

10. On the New SiteScope Server Delete the *.ssf & *.dcf files from the /SiteScope/persistency

11. On the New SiteScope Server Delete the *.ssf & *.dcf files from the /SiteScope/persistency/history

12. On the New SiteScope Server go to SiteScope/groups Directory and Edit the master.config and
change the License on the _license field to the New 8.5 License.

13. On the New SiteScope Server go to SiteScope/groups Directory and Edit the master.config.bak and
change the License on the _license field to the New 8.5 License.

14. On the New SiteScope Server go to SiteScope/groups Directory and Edit the master.config and
Update the IP Address/Host Name with that of the New Server where ever you see it.

15. On the New SiteScope Server go to SiteScope/groups Directory and Edit the master.config.bak and
Update the IP Address/Host Name with that of the New Server where ever you see it.

16. Copy the Custom Driver files from Old SiteScope/java/lib/ext to the New 8.5 SiteScope/java/lib/ext
& SiteScope/WEB-INF/lib .(Remember copy only those files which are NOT there in the
New SiteScope/java/lib/ext & SiteScope/WEB-INF/lib)

17. Start the SiteScope Service

18. Install the SS 8.8 Service Pack over it.

The black interface is called the Sitescope Interface. It runs on a different port. The default port on the Sitescope install is 8888, the classic interface runs on 8890. Also, you had to tell Sitescope to run as a valid Windows account on the Log on tab within services.msc.

Categories: Windows

Cisco VPN Concentrator for remote access

September 4, 2007 Leave a comment

A very good PDF explaining how to setup remote access.
http://www.movement3.com/docs/VPN_remote_access.pdf

Configuration > User Management > Groups
Identify tab
Group name and pre-shared password

General tab
Primary and Secondary DNS tabs

IPsec tab
IPSec SA – ESP-3DES-MD5
Tunnel Type – Remote Access
Authentication – Radius

Client Config tab
IPSec over UDP – checkmark
Split Tunneling Policy – If you are tunneling everything, then you need to define the tunnel default gateway. That is under Configuration > System > IP Routing > Default Gateways. If you are performing split tunneling, then click on Only tunnel networks in the list

Split Tunneling Network List – Select the one you created under Configuration > Policy Management > Traffic Management > Networks Lists > Create/Modify, you would list the IP subnets of your internal network here.

Here is a PDF with more info about creating split tunnels.
http://www.movement3.com/docs/VPN_Split_tunnel2.pdf

To use IPSec over TCP
Configuration > Tunneling and Security | IPSec | NAT Transparency
Checkmark IPSec over TCP
Port 10000

Errors on the production Concentrator

Jul 25 16:15:53 10.1.1.X 2387836: 2007 Jul 25 16:13:01.260 CDT -5:00 %IKE-5-127: RPT=40: 98.200.X.X: Group [some_grp] Xauth required but selected Proposal does not support xauth, Check priorities of ike xauth proposals in ike proposal list

http://www.cisco.com/warp/public/471/vpn_3002_nem_5402.html

This is a phase 1 error.
Configuration > Tunneling and Security > IP Sec > IKE Proposals

I had to activate CiscoVPNClient-3DES-MD5 and move it to the top of the list.

To have the Concentrator authenticate against Microsoft Radius server, see entry from June 07, 2007.

NAT Transparnet
http://www.cisco.com/warp/public/471/nat_trans.html
http://www.microsoft.com/technet/community/columns/cableguy/cg0802.mspx
http://lists.shmoo.com/pipermail/vpn/2003-October/004443.html
http://sites.inka.de/sites/bigred/devel/tcp-tcp.html

Categories: Networking
Follow

Get every new post delivered to your Inbox.