BLOND IT

Thursday 23 November 2017

verinice auf Linux (Ubuntu 16.04, 32bit)

Installation:

Prüfen sie ob alle verinice Voraussetzungen ausgefüllt:

https://verinice.com/support/systemvoraussetzungen/

Schritt 1:

Auf Ubuntu 16.04 32-bit verinice Paket laden:

Link

Schritt 2:

Xulrunner Paket laden:

Link

Schritt 3:

Beide Pakete nach /opt Verzeichnis extrahieren.

root@student-lampp:/opt# ls



verinice-gtk-linux-x86 xulrunner

Schritt 4:

Die Datei verinice.ini anpassen, die Zeile hinzufügen:

-Dorg.eclipse.swt.browser.XULRunnerPath=/opt/xulrunner

(also muss die Richtige Pfad zur xulrunner eingegeben werden)

Schritt 5:

Verinice starten, aber nicht mit root Rechte:

./verinice

Thursday 29 September 2016

Minicom

In practice you can use Minicom for connecting devices via serial port, e.g. Switch - Server. For this you need console cable.

Minicom is a text-based serial port communications program. It is used to talk to external RS-232 devices such as mobile phones, routers, and serial console ports.

Step 1: Install minicom on the server.

yum install minicom

Another command is:

sudo apt-get install minicom

Using the program

Step 2: Find out the name of your port(s):

dmesg | grep tty

Output can be like this:

dmesg | grep tty 

serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A 

00:09: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A 

ttyPS0 at port 0x5080 (irq = 82) is a ST16654 

ttyPS1 at port 0x5088 (irq = 82) is a ST16654 ...

What we are interested in is the name of the serial port. In the first section above it is ttyS0.

Step 3: minicom setup

minicom -s

Adjust the Serial Device settings that you need:

Remember: here is important to choose correct port's name and correct baud rate of the device.
Setup the minicom with the help of letters that you see in menu.

save as dfl

Step 4: Exit minicom and now you can access to your serial port with command:
minicom

Can be that after that you have an output with strange symbols. Then you must again go in minicom settings, Modem and dialing parameter setup and delete the init string:

Thursday 22 September 2016

Linux Server. Useful Tips

Once I had a task to find out Linux Server Serial Number. How to do this remote? All you need to know some useful commands.

dmidecode -t system

Dmidecode tool read DMI (some say SMBIOS) table to fetch data and displays useful system informations like hardware details, serial numbers and BIOS version, Processor etc. in human readable format. You may require root priviledge to execute dmidecode command.

Output can be something like this:

# dmidecode 2.10

SMBIOS 2.7 present.

# SMBIOS implementations newer than version 2.6 are not

# fully supported by this version of dmidecode.



Handle 0x0100, DMI type 1, 27 bytes

System Information

Manufacturer: HP

Product Name: ProLiant ML350 G6

Version: Not Specified

Serial Number: C125B65790

UUID: 12345678-1234-1A23-4A34-123456789012

Wake-up Type: Power Switch

SKU Number: 123124-Z45

Family: ProLiant



Handle 0x2000, DMI type 32, 11 bytes

System Boot Information

Status: No errors detected

Also instead only system you can check other parameters (with the keywords):

bios - bios parameters shown
baseboard - mother board parameters
chassis - machine chassis data
processor - processor information
memory - memory module size
cache - CPU cache information
connector - information about available sockets
slot - bus information

It is also possible to find the neseccary information with dmidecode ID:
The command will look like this (e.x.)
dmidecode -t 6 - to see memory parameters

0   BIOS

1   System

2   Baseboard

3   Chassis

4   Processor

5   Memory Controller

6   Memory Module

7   Cache

8   Port Connector

9   System Slots

10   On Board Devices

11   OEM Strings

12   System Configuration Options

13   BIOS Language

14   Group Associations

15   System Event Log

16   Physical Memory Array

17   Memory Device

18   32-bit Memory Error

19   Memory Array Mapped Address

20   Memory Device Mapped Address

21   Built-in Pointing Device

22   Portable Battery

23   System Reset

24   Hardware Security

25   System Power Controls

26   Voltage Probe

27   Cooling Device

28   Temperature Probe

29   Electrical Current Probe

30   Out-of-band Remote Access

31   Boot Integrity Services

32   System Boot

33   64-bit Memory Error

34   Management Device

35   Management Device Component

36   Management Device Threshold Data

37   Memory Channel

38   IPMI Device

39   Power Supply

40   Additional Information

41   Onboard Devices Extended Information

42   Management Controller Host Interface

Linux Version

cat /etc/*-release

Server Output:

Red Hat Enterprise Linux Server release 5.5 (Tikanga)

Output from Ubuntu (example):

DISTRIB_ID=Ubuntu

DISTRIB_RELEASE=16.10

DISTRIB_CODENAME=yakkety

DISTRIB_DESCRIPTION="Ubuntu Yakkety Yak (development branch)"

NAME="Ubuntu"

VERSION="16.10 (Yakkety Yak)"

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME="Ubuntu 16.10"

VERSION_ID="16.10"

HOME_URL="http://www.ubuntu.com/"

SUPPORT_URL="http://help.ubuntu.com/"

BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"

PRIVACY_POLICY_URL="http://www.ubuntu.com/legal/terms-and-policies/privacy-policy"

VERSION_CODENAME=yakkety

UBUNTU_CODENAME=yakkety

Distribution Name and Version

lsb_release -a

Output example:

No LSB modules are available.

Distributor ID: Ubuntu

Description: Ubuntu Yakkety Yak (development branch)

Release: 16.10

Codename: yakkety

Other useful commands:

uname -a - Kernel name, version number and machine hardware is output

cat /proc/version - Kernel version and gcc version used

Monday 22 August 2016

HP Pro Curve Switch Settings

How to connect to switches?

The first possibility to connect to HP switch is using direct console connection and access to the switch setup screen. For this you need an adapter for console cable that you can connect to your laptop.

Here i must say that with Windows laptop and putty all my tryings to connect and access console direct were unsuccessful although all necessary drivers were installed. That's why i have used my MacBook.

You have here also two variants of serial port access from your Mac.

The first one: with the help of some App. One good app that I've found for this purpose is Serial - the connection is easy and needs nothing extra for this.

The second one: connect with the help of terminal. Here you must know some commands:

cd /dev

ls -ltr /dev/*usb*

crw-rw-rw-  1 root  wheel   17,   8 22 Aug 16:21 /dev/tty.usbmodem1421

xvost-Laptop:dev xvostik$ screen /dev/tty.usbmodem1421

After all these commands the set-up screen open - you are connected with switch.

Also you can access your switch with ssh or telnet connection. For this i use putty tool from my Windows Laptop.

Switch menu

To access switch menu you must only type in console menu
The window with menu is open. With the help of arrows ←↑↓→ you can move in this window.

Here you can find much useful information. To start initial setup, you need to choose menu Run Setup.

Here you can set up your device due to requirements.

General commands can be useful

show running-config

show ip

show version

show flash

show system

show ip ssh

show spanning-tree

SSH enable

To enable SSH you must switch in configuration modus:
configure terminal
Generate RSA key:
crypto key generate ssh
Enable SSH:
ip ssh
Disable telnet:
no telnet-server (For enabling: telnet-server)

Time and timezone

To configure time and timezone you must also switch in configuration modus. Here is one example hot to adjust time for Central European Time UTC+01:00:

time daylight-time-rule western-europe

time timezone 60

time HH:MM MM/DD/YY

Remember: after any set up you must save your settings:

write memory

Exit from configuration modus:

exit

User and password

To create manager user and password you need to know only one command:
password manager user-name [user-name] plaintext [password]
Here you must be careful with password: if firmware on your device is old, can be it is not supported 16-numbers password or password with special characters.

Firmware update

How important to update your devices firmware i think is clear. With every version of firmware manufacturer try to close all possible security breaches. The latest firmware version for your HP switch you can find on HP Enterprise Site. As security check you can also prove checksums from downloaded files or just scan them with some virus scanner.

Here is necessary to say that all HP switches have two images: primary and secondary, that saved in flash memory of the device. If primary image get wrong, device boots from the secondary image. To check the image version you can with command show flash.

For downloading firmware on your switch you need TFTP server. You can choose any you will find. My choice is SolarWinds TFTP Server - free software easy to use.

To copy file on your switch you must start TFTP Server. The first one I copy the file for the secondary image. I make it just for testing if with image everything goes good and switch will work with it. If something goes wrong - you need just to plug out your switch and it will reboot from the primary image (which is the older version). The command for switch:

copy tftp flash [tftp-server IP] [firmware-file-name].swi [secondary]

Now I boot switch from the secondary image to check if everything goes good:

boot system flash secondary

Remember: it is good to monitor your switch in this moment to see it it works good. Sometimes CPU can be overloaded and then you have problems with your device. To see how it works all the time - just ping it from your terminal:

ping -t [switchIP].

If everything is good and your switch successfully rebbooted, you need to copy secondary firmware image in primary. Of course you can use again your TFTP Server and command

copy tftp flash [tftp-server IP] [firmware-file-name].swi [primary].

But more easy just copy image from secondary to primary:

copy flash flash primary

After that you need reboot your switch from primary image:

boot system flash primary