number of matches found: 421
#view queue
postcat -q << queue-id >>
http://praxistipps.chip.de/windows-10-startmenue-geht-nicht-das-koennen-sie-tun_43348
Sie haben außerdem die Möglichkeit, das Startmenü über die Windows PowerShell zu reparieren:
Drücken Sie die Tastenkombination [Strg] + [Shift] + [Esc], um den Task-Manager zu öffnen.
Klicken Sie unten links auf "Mehr Details".
Suchen Sie im Bereich "Windows-Prozesse" nach dem Eintrag "Windows-Explorer". Klicken Sie ihn mit der rechten Maustaste an und wählen Sie im Kontextmenü "Task beenden" aus.
Klicken Sie in der Menüleiste des Task-Managers zuerst auf "Datei" und anschließend auf "Neuen Task ausführen". Tippen Sie als nächstes "Powershell" (ohne Anführungszeichen) ein.
Geben Sie in der PowerShell diesen Befehl ein: "Get-appxpackage -all *shellexperience* -packagetype bundle |% {add-appxpackage -register -disabledevelopmentmode ($_.installlocation + \appxmetadata\appxbundlemanifest.xml)}" (ohne Anführungszeichen).
Nachdem der Vorgang abgeschlossen ist, geben Sie außerdem "Get-AppxPackage | % { Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppxManifest.xml" -verbose }" ein.
Klicken Sie im Task-Manager erst auf "Datei" und dann auf "Neuen Task ausführen". Geben Sie "explorer.exe" (ohne Anführungszeichen) ein und bestätigen Sie mit dem OK-Button.
Word-Datei mit Passwort schützen
Word-Datei mit Passwort schützen
Je nach Office-Version kann die Passwort-Einstellung leicht von dieser Beschreibung abweichen . Nutzen Sie eine ältere Office-Version, lesen Sie im zweiten Absatz weiter.

Öffnen Sie das Word-Dokument, welches Sie mit einem Passwort schützen möchten.
Klicken Sie oben links im Bildschirm auf den Punkt "Datei".
Unter dem Menüpunkt "Informationen" finden Sie nun den Button "Dokument schützen".
Klicken Sie auf diesen und wählen Sie darunter den Punkt "Mit Kennwort verschlüsseln" aus.
Geben Sie nun ein Passwort ein und klicken Sie auf "OK". Diesen Schritt müssen Sie nun noch einmal wiederholen.
Speichern und schließen Sie nun die Datei, müssen Sie bei der nächsten Öffnung das Kennwort eingeben.


Office 2007 und 2003: Word-Datei mit Passwort schützen

Office 2007: Klicken Sie oben links im Bildschirm auf den Office-Button und wählen Sie unter dem Punkt "Vorbereiten" die Option "Dokument verschlüsseln" aus. Geben Sie auch hier Ihr Kennwort doppelt ein und klicken Sie auf den Button "OK".
Office 2003: Klicken Sie oben in der Menüleiste auf "Extras" und wählen Sie etwa mittig in der Liste den Punkt "Dokument schützen" aus. Nun können Sie auch hier Ihr Kennwort setzen.
FreeIPA - Open Source identity management
readpst - convert PST (MS Outlook Personal Folders) files to mbox and other formats
ping 192.168.2.1 | perl -nle 'print scalar(localtime), " ", $_

with file redirect:
ping 192.168.2.1 | perl -nle 'BEGIN {$|++} print scalar(localtime), " ", $_' >/tmp/log
recode iso-8859-1..UTF-8 test.html
file -i * (abfragen)
put the following to: .vnc/xstartup
gnome-session &
gnome-panel &
screenshot program: http://www.screenpresso.com/de/
echo "ddd 1 test 12345 " | sed 's/[^0-9]//g'
http://tiddlywiki.com/ [ Andi says - the burner! ]
Network Kernel Parameters
These Parameters have been suggested by TIBCO to bring the performance of a LINUX machine to the maximum regarding the network.
We have used these tuning parameters successfully to reduce retransmissions on heavy loaded machines. You will find similar tuning tips, when searching for web-server optimization.

Parameter Red Hat Enterprise Linux Server 5.6 (Tikanga) VALUES proposal
net.core.rmem_max 131071 16777216
net.core.rmem_default 129024
net.core.wmem_max 131071 16777216
net.core.wmem_default 12902?
net.ipv4.tcp_rmem (3) 4096 4096
87380 87380
4194304 16777216
net.ipv4.tcp_wmem (3) 4096 4096
16384 65536
4194304 16777216
txqueuelen 1000 7000
net.core.netdev_max_backlog 1000 30000



Performance daten: missed/pkts und retrans/pkts are good quality parameters
TestDisk is powerful free data recovery software! It was primarily designed to help recover lost partitions and/or
make non-booting disks bootable again when these symptoms are caused by faulty software: certain types of viruses
or human error (such as accidentally deleting a Partition Table). Partition table recovery using TestDisk is really easy.
http://www.heise.de/download/testdisk.html
-> %Public%\Desktop
import os
mp = '/mount1'
if os.path.ismount(mp):
print('{0} is mounted'.format(mp))
else:
print('{0} is NOT mounted'.format(mp))
ps -ef | awk 'BEGIN{"hostname" | getline hstnm ; }; {print hstnm "\t" $0}'

Windows 7 PC sind: Ich würde empfehlen, einmal das lokale Profil zu entfernen.
Unter C:\Users liegt das Profil selber. Einfach Löschen oder umbenennen.

Der Profileintrag in der Registry muss evtuell auch gelöscht werden, ansonsten erstellt Windows kein neues. Der Eintrag findet sich hier:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
Dort die Einträge durchschauen. Einer davon ist für den bestimmten user -- diesen löschen.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\profiles\<Profil>


3. Änder den Wert "Category" entsprechend deinen Wünschen ab.

Öffentlich = 0
Privat = 1
Arbeitsplatz = 2
findstr /c: "my search string" xyz*.log
check_mk -v --debug <hostname>


cmk -vpn <hostname>

OPTIONS:
-v show what's going on
-p also show performance data (use with -v)
-n do not submit results to core, do not save counters
pdsh.x86_64 : Parallel remote shell program

Die Startmenü-Einträge des gerade angemeldeten Benutzers sind im folgenden Ordner zu finden:

Original-Windows-7-Pfad:
C:\Users\[Benutzername]\AppData\Roaming\Microsoft\Windows\Start Menu\
Pfad-Bezeichnung in der deutschen Windows-7-Version:
C:\Benutzer\[Benutzername]\AppData\Roaming\Microsoft\Windows\Startmenü\

Pfad unter Windows XP, 2000, 2003 (dt.):
C:\Dokumente und Einstellungen\[Benutzername]\Startmenü

Die Startmenü-Einträge aller Benutzer sind im folgenden Ordner zu finden:

Original-Windows-7-Pfad :
C:\ProgramData\Microsoft\Windows\Start Menu\
Pfad-Bezeichnung in der deutschen Windows-7-Version:
C:\ProgramData\Microsoft\Windows\Startmenü\

Pfad unter Windows XP, 2000, 2003 (dt.):
C:\Dokumente und Einstellungen\AllUsers\Startmenü
Schneller geht es mit einer pfiffigen Tastenkombination. Um das aktuelle Datum einzufügen, drücken Sie einfach die Tastenkombination [Strg]+[.]. Die aktuelle Uhrzeit wird mit der Tastenfolge [Strg]+[Umschalten]+[.] eingefügt.
diff -u
#backup
dd if=/dev/sdb of=/tmp/compact_flash_winxp-embedded.dd

#restore
dd if=/tmp/compact_flash_winxp-embedded.dd of=/dev/sdb
echo "MYFIRST_Bla_bla_bla_123" | grep -oP "^[^_]*"
MYFIRST
in Verzeichnis: /etc/check_mk/rrds/

rrdtool dump xyz.rrd >dump.xml #archive nach xml
dump.xml #editieren ... GAUGE nach COUNTER umstellen
rrdtool restore -f dump.xml xyz.rrd #restore des rrd archives

-> evtl. noch einen Max Value definieren, z.B. auf 20000:
in der <ds> Sektion: <max>2.0000000000e+04</max>
Als Tool eignet sich der Spike Killer for Cacti Graphs version 1.1, siehe:
http://oss.oetiker.ch/rrdtool/pub/contrib/spikekill-1.1-1.txt
http://oss.oetiker.ch/rrdtool/pub/contrib/removespikes-20080226-mkn.tar.gz

Installiert auf server:
/root/install/removespikes.php mit Softlink /etc/check_mk/rrds/removespikes.php

Aufruf des Tools:
php /etc/check_mk/rrds/removespikes.php

Eine Analyse des RRDs / Dryrun (-D) ausführen:

php /root/install/removespikes.php -R=/etc/check_mk/rrds/myrrd.rrd -D

NOTE: Using RRDtool Version 1.4.5
NOTE: Creating XML file '/tmp/myrrd.dump.1082430277' from '/etc/check_mk/rrds/myrrd.rrd'
NOTE: Searching for Spikes in XML file '/tmp/myrrddump.1082430277'

Size DataSource CF Samples NonNan Avg StdDev MaxValue MinValue MaxStdDev MinStdDev StdKilled VarKilled StdDevAvg VarAvg
---------- --------------- ---------- ------- ------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----------
1 mins 1 AVERAGE 2880 2657 209509.79 127307.51 500900.16 1530 0 0 2657 0 0 209351.87
1 mins 2 AVERAGE 2880 2652 5.81 1.16 11.43 2.73 17.41 0 2652 0 0 5.8
5 mins 1 AVERAGE 2880 531 209572.01 126806.63 500304.83 2401.56 0 0 531 0 0 208784.81
5 mins 2 AVERAGE 2880 530 5.82 1.04 10.7 3.57 16.19 0 530 0 0 5.81
30 mins 1 AVERAGE 4320 88 208835.31 126307.82 488536.87 5197.31 0 0 88 0 0 204630.94
30 mins 2 AVERAGE 4320 88 5.84 0.72 8.05 4.1 13.03 0 88 0 0 5.82
6 hours 1 AVERAGE 5840 0 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
6 hours 2 AVERAGE 5840 0 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
1 mins 1 MAX 2880 2657 209509.79 127307.51 500900.16 1530 0 0 2657 0 0 209351.87
1 mins 2 MAX 2880 2652 5.81 1.16 11.43 2.73 17.41 0 2652 0 0 5.8
5 mins 1 MAX 2880 531 211308.28 127291.49 500900.16 2619.45 0 0 531 0 0 210530.73
5 mins 2 MAX 2880 530 6.2 1.16 11.43 3.75 17.77 0 530 0 0 6.18
30 mins 1 MAX 4320 88 214962.64 127600.81 500900.16 9952.85 0 0 88 0 0 210306.38
30 mins 2 MAX 4320 88 7.49 1.09 11.43 5.27 18.39 0 88 0 0 7.42
6 hours 1 MAX 5840 0 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
6 hours 2 MAX 5840 0 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
1 mins 1 MIN 2880 2657 209509.79 127307.51 500900.16 1530 0 0 2657 0 0 209351.87
1 mins 2 MIN 2880 2652 200.68 2694.89 48866.02 3.22 20000 0 2652 0 0 108.96
5 mins 1 MIN 2880 531 208244.05 127277.6 499411.83 1530 0 0 531 0 0 207453.4
5 mins 2 MIN 2880 530 5.45 1 10.21 3.22 15.41 0 530 0 0 5.44
30 mins 1 MIN 4320 88 196106.56 126782.38 483752.74 1530 0 0 88 0 0 191131.96
30 mins 2 MIN 4320 88 4.78 0.75 7.18 3.22 12.29 0 88 0 0 4.77
6 hours 1 MIN 5840 0 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
6 hours 2 MIN 5840 0 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A


->in Spalte StdKilled und VarKilled sieht man die potentiellen Treffer, möchte man die Treffer von VarKilled korrigieren, so wäre der Aufruf der folgende:
php /root/install/removespikes.php -R=/etc/check_mk/rrds/myrrd.rrd -M=variance

windows 2012 winsxs folder
-> enthält alle komponenten, sind hart verlinkt


Clean up the WinSXS folder from superseded components

You can remove any backup files created during the installation of a service pack by using the following command:

dism /online /cleanup-image /SPSuperseded

Note that after you execute that command you will no longer be able to uninstall the service pack.

To further cleanup any superseded components and reduce the size of the component store execute:

dism /online /cleanup-image /StartComponentCleanup
C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
Shortcut anlegen .. dann services.msc eingeben .. fertig
Computer management Shurtcut auf Desktop: compmgmt.msc
Aufruf: wmic PROCESS
Get-ChildItem *.dat | Foreach-Object {Get-Content $_ | Out-String | Foreach-Object {$_.Replace("altes Haus","neues Schloß")} | Set-Content $_}st
makeNagiosLogReadable.pl

#!/usr/bin/perl
$param1=$ARGV[0];
$file='/var/log/nagios/nagios.log';
if ($param1 ne ''){
$file = $param1;
}
open(IN,"$file") or die "kann Nagios Log Datei $file nicht lesen.";
while(<IN>){
$line = $_;
chomp($line);

if ($line =~ /^\[(\d*)\](.*)$/){
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($1);
my $datum = sprintf "%02d.%02d.%04d %02d:%02d:$sec" , $mday , $mon+=1 ,$year+=1900 , $hour , $min, $sec ;
print "\[$datum\]$2\n";
}else{
print "$line\n";
}

}
close(IN);
xmllint --noout <your-file.xml>
X:\Users\benutzer\AppData\Roaming\Microsoft\Window s\Start Menu

für den einzelnen Benutzer

und

C:\ProgramData\Microsoft\Windows\Start Menu

deployment batch:
set host=hostname

mkdir \\%host%\d$\MSSQL_backup
copy mssql_backup_check.vbs "\\%host%\d$\Program Files (x86)\check_mk\plugins"
sc \\%host% stop "check_mk_agent"
sleep 5
sc \\%host% start "check_mk_agent"

-------------

rem @echo off

set src="d:\my_files\check.ps1

for /f "eol= tokens=1" %%i in (d:\my_files\deploy.lst) do copy /v /y "%src%" "\\%%i\d$\Program Files (x86)\check_mk\local\"
yum install perf.x86_64
Info zu Benutzer auslesen: net user username /dom
If EGit is missing in your Eclipse installation, you can install it via the Eclipse Update Manager via: Help ? Install new Software. EGit can be installed from the following URL: http://download.eclipse.org/egit/updates

Packet Name: Eclipse EGIT
Server unter CentOS aufsetzen
http://www.makethenmakeinstall.com/2012/04/git-part-1-intro-to-git-setup-a-git-server-on-centos-and-create-a-new-project/
http://www.makethenmakeinstall.com/2012/05/git-part-2-interacting-with-your-project/

part1 - server auf centos aufsetzten
- yum install git
- mkdir /git
- cd /git
- mkdir git_projekt1.git
- cd git_projekt1.git
- git init --bare # this command will initialize the server side of your new repository and set up the required git files and 'infrastructure.'
- sc query state= all #alle dienste anzeigen
- sc stop Check_MK_Agent / sc start Check_MK_Agent
UNetbootin, Universal Netboot Installer
http://sourceforge.net/projects/unetbootin/?source=recommended
#windows prozesse -listening anzeigen
netstat -ano |findstr LISTEN

#prozesse anzeigen
tasklist |findstr putty
netstat -antpe
1.) >>Fixit von Microsoft
https://support.microsoft.com/de-de/kb/958012

2.) Configuring Outlook to Not Send Winmail.dat Attachments
Set the Global Properties to have Outlook by default send your email in Hypertext Markup Language (HTML):

Outlook 2007: Select Tools > Options > Email Format > Internet Options. Select Convert to HTML format.
Outlook 2010 and 2013: Select File > Options > Mail and then scroll to the bottom of the dialog. Select Convert to HTML format.
$ wget -O speedtest-cli https://raw.github.com/sivel/speedtest-cli/master/speedtest_cli.py
$ chmod +x speedtest-cli
$ ./speedtest-cli

ntpserver: 0.de.pool.ntp.org

w32tm /query /status
w32tm /config /syncfromflags:manual /manualpeerlist:0.de.pool.ntp.org /update /reliable:yes
w32tm /config /syncfromflags:manual /manualpeerlist:ntp /update /reliable:yes
net stop w32time
net start w32time
WSO is a PHP shell backdoor that provide an interface for various remote operations. It can perform everything from remote code execution, bruteforcing of servers, provide server information, and more.
example: http://snipplr.com/view/70661/
http://www.exploit-db.com/search/?action=search&;filter_description=Linux+Kernel+2.6.32

check-for-backdoors-in-php-scripts
- maldet
- clamav
- https://github.com/emposha/PHP-Shell-Detector --> http://shelldetector.com/
>> http://www.xyz.de/_temp/PHP-Shell-Detector-master/shelldetect.php
lsof -s | awk '$5 == "REG"' | sort -n -r -k 7,7 | head -n 20
neue leer disk erstellen ... danachdas "flat file tauschen" ..
wie hier beschrieben: http://vmwareworld.blogspot.de/2011/05/recreating-missing-virtual-machine-disk.html

vmkfstools -c 64424509440 -a lsisas1068 -d thin hdd1.vmdk
ftp filesync tool + mehr
For those that don't have vCenter or want to connect to a stand alone ESXi 5.5 host via the vSphere Client,
you'll need to ssh into the ESXi host and modify the following file: /etc/vmware/rhttpproxy/config.xml

Insert the following xml line into the appropriate section:

<vmacore>
...
<ssl>
...
<cipherList>ALL</cipherList>
...
</ssl>
...
</vmacore>


After saving your changes restart the service:

/etc/init.d/rhttpproxy restart
This happens if the last 6 characters of this path, ..../ruthwoodtli.ch/httpdocs/ (end of $temp_path), is NOT "typo3/" for some reason.
You may have a strange server configuration. Or maybe you didn't set constant TYPO3_MOD_PATH in your module?

If you want to debug this issue, please edit typo3/init.php of your TYPO3 source and search for the die()
call right after this line (search for this text to find)...

wenn man die auskommentiert bekommt man:
[PATH_TRANSLATED] => /usr/bin/modsec-clamscan.pl

solution:
In the file init.php located in typo3 folder is a variable called $temp_path.
The code seems to be unable to enumerate the
correct path within a php file located in the same folder
(like alt_doc.php).
$temp_path = str_replace('\\','/',dirname(PATH_thisScript).'/');

So I changed it to the absolute path like that...and
it's working.
$temp_path = "/var/www/vhosts/domain.tld/httpdocs/typo3/";


für unseren Fall: $temp_path = "/var/www/web062/html/typo3/";
use Fcntl ':flock';
open SELF, '<', $0 or die 'I am already running...';
flock SELF, LOCK_EX | LOCK_NB or exit;
Ein "Last Changed" ist in Typo3 kein Problem und lässt sich einfach einfügen.

## Last Changed [Begin]
lib.lastUpdated = TEXT
lib.lastUpdated.data = page:SYS_LASTCHANGED
lib.lastUpdated.strftime = %d-%m-%Y %H:%M
lib.lastUpdated.wrap = <p>Last Changed: |</p>
## Last Changed [End]
Typo3 eMail Absendeadresse kann in der localconf.php angepasst werden. Die Keys lauten:

$TYPO3_CONF_VARS['MAIL']['defaultMailFromAddress'] = 'me@example.com';
$TYPO3_CONF_VARS['MAIL']['defaultMailFromName'] = 'Der Absender der Mail';

[TS]#Zeigt den Inhalt des Sysordners mit der PID 12 am Marker ###TEST### an
page.10.marks.TEST = CONTENT
page.10.marks.TEST {
table = tt_content
select {
pidInList = 12
orderBy = sorting
where = colPos= 0
}
}
[/TS]


... oder anders element #58 einbauen
### Linker Spezial-Inhalt (Öffnungszeiten)##
linke_info = RECORDS
linke_info {
tables = tt_content
source = 58
}

C:\Users\benutzername\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar

+ registry:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband
http://blog.rimuhosting.com/2012/09/20/finding-spam-sending-scripts-on-your-server/
mail.add_x_header = On
mail.log = /tmp/phpmail.log

Your php.ini will be in /etc/php.ini if you are using a RedHat based distro (Centos, Fedora, etc) and in /etc/php5/apache/php.ini if you run a Debian derivative (Ubuntu, etc)

- indexing alternative sourceforge software: docfetcher
- agent ransack: 64bit version! http://mythicsoft.com/agentransack/download
- http://sourceforge.net/projects/docsearcher/
--> http://www.copernic.com/en/products/desktop-search/index.html --> copernic
--> out of support tool: google desktop search
-> es liegt wohl am 64bit windows
-> Lösung: Microsoft Office 2010 Filter Packs: http://www.microsoft.com/de-de/download/confirmation.aspx?id=17062
sbs 2008 susdb to clean it up: http://social.technet.microsoft.com/Forums/en-US/winserverwsus/thread/6ba524ba-6cf4-48f3-bcf3-18469ce14552/
Connecting to the Windows Internal Database requires the use of a Named Pipes connection. The connection string you want is:
\\.\pipe\MSSQL$MICROSOFT##SSEE\sql\query
powershell: tail -f
powershell -command "gc D:\Qt\log\log_dispatcherRcvNotEdi.txt -wait"
altes menü etc: classicShell (sourceforge)
run the dump
tcpdump -l -i eth0 -n not port 22 -w tcpdump.dump

--> read in the data
ntop -m 192.168.2.0/24 -f tcpdump.dump
Get-MailboxStatistics -server <Servername> | sort TotalItemSize | FT DisplayName,TotalItemSize
google analytics:

anonymous approach:

############# GOOGLE ANALYTICS ############
page.headerData.50 = TEXT
page.headerData.50.value (

<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-xxxxx']);
_gaq.push(['_gat._anonymizeIp']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

)
C:\Programme\OpenVPN\bin\openvpn-gui.exe --config_dir C:\Programme\OpenVPN\config\ --connect d12345_v2.ovpn
Da die Systemwiederherstellung auch in den Systemprogrammen ist versuche:
Start/Ausführen und
%SystemRoot%\System32\restore\rstrui.exe
---> oder einfach rstrui eingeben
apt-cache search nikto
nikto - web server security scanner
Here are the steps that I did to build the rpm:

1. installed Red Hat 5.7 / 64 bit server on our VMWARE test (IP 192.168.172.23 / name rhel5-mw-64)
2. installed the follwing rpm out of the 5.7 image:
rpm-build-4.4.2.3-22.el5
elfutils-0.137-3.el5
elfutils-libs-0.137-3.el5
gcc-4.1.2-51.el5
3. download the tool "checkinstall" .. this is a creat tool to build rpm's
- http://asic-linux.com.mx/~izto/checkinstall/download.php
--> saved to /root/checkinstall-1.6.2.tar.gz
--> extract: tar -xvzf /root/checkinstall-1.6.2.tar.gz
--> cd /root/checkinstall-1.6.2
--> make
--> make install

--> command "checkinstall" is now available
4. download the perl module -> source files from http://search.cpan.org/~mshoyher/TacacsPlus-0.16/TacacsPlus.pm
--> saved to /root/TacacsPlus-0.16.tar.gz
--> extract: tar -xvzf /root/TacacsPlus-0.16.tar.gz
--> cd /root/TacacsPlus-0.16
--> generate the make file: perl Makefile.PL
--> use now the command "checkinstall"
check install parameters:
- Should I create a default set of package docs? [y]: n
- Slackware [S], RPM [R] or Debian [D]? R
- description. TacacsPlus Perl Module

--> done:
Done. The new package has been saved to
/usr/src/redhat/RPMS/x86_64/TacacsPlus-0.16-1.x86_64.rpm
You can install it in your system anytime using:


5. problem / warning when running checkinstall: ERROR: ld.so: object /usr/local/lib64/installwatch.so from LD_PRELOAD cannot be preloaded: ignored.
Solution: The problem occurs because the loader cant find the shared object file. The solution is very simple. Assuming that the installwatch.so is located in /usr/local/lib, just type the following commands:
echo "/usr/local/lib64" >/etc/ld.so.conf.d/installwatch.conf
ldconfig
ln -s /usr/local/lib/installwatch.so /usr/local/lib64/installwatch.so
file: /etc/yum.repos.d/local.repo
[localrepo]
name=Red Hat 5.7 - My Local Repo
baseurl=file:///mnt/iso/Server/
enabled=1
gpgcheck=0
#gpgkey=file:///path/to/you/RPM-GPG-KEY

test with "yum update"
http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html#resetting-permissions-unix
1. Stop mysqld and restart it with the --skip-grant-tables option. This enables anyone to connect without a password and with all privileges. Because this is insecure, you might want to use --skip-grant-tables in conjunction with --skip-networking to prevent remote clients from connecting.
2. Connect to the mysqld server with this command: mysql
3. mysql> UPDATE mysql.user SET Password=PASSWORD('MyNewPass') WHERE User='root';
4. mysql> FLUSH PRIVILEGES;
for example to 5.6:

Use the 5.6 repos from the vault in your yum configs:
http://vault.centos.org/5.6/

[base]
#name=CentOS-$releasever - Base
name=CentOS-5.6 - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
baseurl=http://vault.centos.org/5.6/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

usw....
egrep -v '(^$|^#)' /etc/proxychains.conf
strict_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks5 10.10.10.10 1080
socks5 11.11.11.11 1080
-> auf englisch umstellen:
https://www-304.ibm.com/support/docview.wss?uid=swg21195484
-> in verknüpfung: "C:\Program Files\IBM\SDP75\eclipse.exe" -nl en_US -product com.ibm.rational.rsa4ws.product.v75.ide
-> 4 kb technologie --> format under linux:
https://bbs.archlinux.org/viewtopic.php?id=99626

--> create filesystem with 4096 block size!!!
mkfs.ext3 -b 4096 /dev/hdd1
/opt/IBM/TDI/V6.1.1/ibmditk
watch cat /proc/mdstat
iozone: http://www.iozone.org/src/current/iozone-3-397.i386.rpm
dd messung: dd if=/dev/zero of=/opt/vmware/test bs=200MB count=1 oflag=direct
rsync messung: rsync --progress test test4
/install/blackbox-0.70.1-1.el5.rf.i386.rpm
cat /root/.vnc/xstartup --->blackbox am ende einfügen
NTFS optimieren
8+3-Dateinamen
Bis Win95 durften Dateinamen lediglich 8 Zeichen beinhalten und 3 Zeichen fü die Datei-Erweiterung (.doc, .xls, .pdf). Seit Windows 95 sind Dateinamen bis zu einer Länge von 259 Zeichen möglich und dennoch wird jeder Dateiname zusätzlich im 8+3-Format gespeichert. Da diese Funktion das System bremst und nur gebraucht wird, wenn die Dateien auf alten DOS-Computern genutzt werden (was sicherlich niemand mehr tut), kann man diese unnötige Funktion getrost abschalten.
Dazu gibt man in die Kommandozeile fsutil behavior set disable8dot3 1 ein und drückt die Enter-Taste
Falls danach Netzwerkprobleme auftreten, lässt sich das 8+3-Format wieder mit fsutil behavior set disable8dot3 0 einschalten.


Datei-Zugriffe
Das NTFS-System speichert für jede Datei, wann sie das letzte Mal benutzt wurde - allerdings benötigt man diese Funktion nur sehr selten. So verursacht das öffnen eines umfangreichen Bilderordners viele unnötige Schreibvorgänge, da für jede Datei der letzte Zugriff gespeichert wird (Dateivorschau sei Dank). Das Abschalten kann vor Allem die Lebensdauer von Solid State Festplatten um einiges erhöhen.
Um die unnötige Speicherung abzuschalten, gibt man in die Kommandozeile fsutil behavior set disablelastaccess 1 ein. Damit die Änderungen übernommen werden, muss der PC allerdings neu gestartet werden.
Um die Funktion bei Bedarf wieder einzuschalten, gibt man in die Befehlszeile fsutil behavior set disablelastaccess 0 ein.
cd c:\windows\System32\config
chngpw -l SAM
chntpw -u username SAM
find archive* -type f -print0 |xargs -0 grep -i m720bz *
mount /dev/scd0 /tmp/cdrom/
A prompt for the RSA II or Management Module user name and password should be displayed.
The RSA II or Management Module comes with a default user name of "USERID" and default password of "PASSW0RD" (0 = zero).
lightning -> Kalendermodul
echo "halloe wie gehts 1 2 3 4" | awk '{sub(/$3[ \t]/,""); o=$1; for (i=2;i<NF;i++)o=sprintf("%s:%s",o,$i); printf("%s\n",o)}'
halloe:wie:gehts:1:2:3

echo "halloe wie gehts 1 2 3 4" | awk '{sub($3"[ \t]",""); gsub(FS,":"); print}'
halloe:wie:1:2:3:4
http://www.imagemagick.org/Usage/thumbnails/#shadow

find . |grep -i jpg | awk '{system("identify -ping \"" $0 "\"" )}' |more


convert DSC05005.JPG -resize 1024x1024 DSC05005.JPG

#resize all pictures
find . |grep -i jpg | awk '{system("convert \"" $0 "\" -resize 1000x1000 \""$0"\"")}'

tif -> jpg
find . |grep -i tif$ | awk {'print "convert \""$0"\" \""$0".jpg\""'}
bmp -> jpg
find . |grep -i bmp$ | awk {'print "convert \""$0"\" \""$0".jpg\""'}
search in google
perl site:experts-exchange.com

perl exeption hanlding: t
Trap exceptions using eval{ ... }; if($@) { ... }

perl hacks:

print out module version:
perl -MLWP -le'print $LWP::VERSION'

find out which modules are missing:
perl -MLWP::Protocol::https -le'print
> LWP::Protocol::https::Socket->can("new")'
"%ProgramFiles%\Outlook Express\msimn.exe"
start->run->conf
kickstarter - extension kickstarter
automaketemplate
quixplorer - dateibrowser
spamshield -> spam protector stable extension
wt_spamshield standard mailform protection: http://typo3.org/documentation/document-library/extension-manuals/wt_spamshield/0.6.1/view/1/5/#id2343767
cc_random_image - zufallsbilder (rsr)
rgmediaimages ---> videos einbauen
sh_coinslider - jquery slider: http://typo3.org/extension-manuals/sh_coinslider/1.0.1/view/1/1/
t3s-headerslider: http://www.t3solution.de/ext/t3s-headerslider.html
perfectlightbox
miflowplayer -> extension to play video's mp4 etc.
-> but with /url
miflowplayer/models/class.tx_miflowplayer_model_config.php zeile 51:
von: $config['video']['url'] = $this->url."uploads/".$this->extKeyPrefix."/".$config['video']['url'];
zu: $config['video']['url'] ="/uploads/".$this->extKeyPrefix."/".$config['video']['url'];
debugging:
//debugging
$TYPO3_CONF_VARS['FE']['debug'] = '1';
$TYPO3_CONF_VARS['SYS']['sqlDebug'] = '1';
$TYPO3_CONF_VARS['SYS']['Debug'] = '1';
$TYPO3_CONF_VARS['SYS']['displayErrors'] = '1'
.align-left { text-align: left }
.align-right { text-align: right }
.align-center { text-align: center }
.align-justify { text-align: justify }
http://www.typo3.net/backendkonfiguration/frontend_konfiguration/#pageNotFound_handling
localconf.php
$TYPO3_CONF_VARS['FE']['pageNotFound_handling'] = '1';
$TYPO3_CONF_VARS['FE']['pageNotFound_handling_statheader'] = 'Status: 404 Not Found';
- problem formatierung wird nciht durchgereicht:
--> bei singel element typoscript anweisung rein:
plugin.tt_news.displaySingle.content_stdWrap.parseFunc < lib.parseFunc_RTE
--> dieses statement ins sub-template der entsprechnden single seite, hat geholfen

plugin.tt_news {
# RTE-Formatierungen in FE-Ausgabe übernehmen
general_stdWrap.parseFunc < lib.parseFunc_RTE
}
metatags
page.meta{
keywords.field = keywords
keywords.ifEmpty (
typo3, backend
)
description.field = description
description.ifEmpty (
Eine Einführung in das TYPO3 Backend und Tutorials zum CMS TYPO3
)
robots = INDEX,FOLLOW
}


Netview:

To subscribe, e-mail: nv-l-subscribe@lists.tivoli.com
To unsubscribe, e-mail: nv-l-unsubscribe@lists.tivoli.com
For additional commands, e-mail: nv-l-help@lists.tivoli.com

*NOTE*
This is not an Offical Tivoli Support forum. If you need immediate
assistance from Tivoli please call the IBM Tivoli Software Group
help line at 1-800-TIVOLI8(848-6548)
---------------------------------------------------------------------


Ein inoffizielles Netview List Archiv ist auch http://www.vk.net/lists
topas
increase filesystem: chfs -a size=+128M /install -> but check first if there are free PP .. using command: lsvg datavg
lscfg -vp|grep -p Cabi
- init process -> executes rc.boot
- rc.boot 1 //param 1: configure base devices
- rc.boot 2 //param 2: activate rootvg
-> init from boot logical volume is replaced with init from rootvg
-> new init processes the /etc/inittab file
-> rc.boot 3 is running again
/etc/inittab
#example entry
netview:23:wait:/etc/netnmrc #Start netview
#modifiy start map ...
/usr/OV/app-defaults/OVw #startinit
/usr/OV/conf/ovsuf #daemons started by netview

AIX,Apache
/etc/apache/httpd.conf //Einstellungen
/usr/local/bin/apachectl //starten/stoppen
/usr/local/share/apache/htdocs //Document Root Directory
/var/apache/log/error_log //standard log file

add Alias Directory
in file /etc/apache/httpd.conf
Alias /Nways "/usr/tmp/"
<Directory "/usr/tmp">
Options Indexes MultiViews //you may see directory structure then
Order allow,deny
Allow from all
</Directory>

-> Test this in Browser: 127.0.0.1/Nways should work after restarting httpd

#disable apache
comment out: Listen *.:80 & Port 80

#enable ssl
rpm -i mod_ssl-2.8.4-9.s390.rpm

#mod_proxy
#apache module -> forward https-requests to other http ports ...

<ifModule mod_proxy.c>
ProxyRequest On
ProxyPass /vdradmin http://192.168.0.x:8012/
</ifModule>


#ssl redirect
#added by mwendig, 03.12.2004
#redirect to ssl
RewriteEngine On

RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/cgi-bin/(.*)$ https://10.0.0.1/cgi-bin/$1 [L,R]

#apache suse
SuSEconfig --module apache
tcpdump -n not port 22
tcpdump -nn -n not port 22 and not port 3389
tcpdump -nn -n not port 22 and src host 10.0.0.1

mailverkehr sniffen: -> wichtig ist option s0 damit paket nicht abgeschnitten werden
tcpdump -l -i eth0 -n not port 22 -s0 -w sniff4.txt

call with: tcpdump -e -n -q -r filename //reading from file
tcpdump -w filename //write to file
tcpdump -I //no buffering
IBM 8239
useful Commands:
display tr_surrogate ...
display rmon log_data All //out errors ...
display stack //model, version
display network_map all_stations //welche MAC gibts?
display port all
display management_interface all //eigene MAC adresse ...
display trap_log
unwrap data_io //DI oder RO Verbindung ins Netz einfügen
display wrap_points //Status der Datenschnittstelle
save //save configuration

<strg>+<r> repeat last command
<strg>+<f> go forward in command protocol
<strg>+<b> go backward in command protocol
Beacon-Betrieb wird typischerweise aufgrund einer fehlerhaften DAtenstations-NIC oder eines
fehlerhaften Anschlusskables verursacht. Hilfe bringt Befehl DISPLAY PORT.

RI/RO Status: wenn LED nicht an -> etwas falsch mit ferner Einheit!
pop 109/tcp # postoffice
pop3 110/tcp # postoffice
pop stream tcp nowait root /usr/local/lib/popper popper -s
pop3 stream tcp nowait root /usr/local/lib/popper popper -s
popper was downloaded from www.bull.de for aix
-> find popper under: /usr/local/bin/popper.aix
you find documentation under /usr/local/lib/qpopper-2.2/...
restart inetd with kill -HUP <inetdpid>
under aix: refresh -s inetd
debugging: telnet to popper port -> startup banner -> user <name> .. pass <passwd>
export LD_PRELOAD=/usr/lib/libtsocks.so
=>package tsocks
=>http://tsocks.sourceforge.net/
compile result:
- libtsocks.so - the libtsocks library
- validateconf - a utility to verify the tsocks configuration file
- inspectsocks - a utility to determine the version of a socks server
- saveme - a statically linked utility to remove /etc/ld.so.preload
if it becomes corrupt
Configuration file: '/etc/tsocks.conf'

unset LD_PRELOAD


/usr/src/packages/RPMS/s390/tsocks-1.8-1.s390.rpm
local = 192.168.2.0/255.255.255.0

path {
server = 192.168.2.99
reaches = 12.13.14.0/255.255.255.0
}
ifconfig eth0 mtu 1450 #change mtu size on linux
netstat:
netstat --tcp -lp #To see what applications are listening on what ports, type command
netstat -a #show both listening and non-listening sockes;
netstat -p #show the PID to which each socket belongs;
netstat -s #display summary statistics for reach protocol;

netstat -p -l #show active internet sockets and there pids

netstat -i #show mtu size
#mtu permanent verdrehen:
/etc/sysctl.conf
man sysctl
compy.ww.tu-berlin.de/Howto-DE/
fetchmail -u username <name>
- password can be stored in .fetchmailrc under root home
- password can be stored in .netrc in the user directory
-> see in "man ftp" for .netrc
-> syntax in .netrc: machine <name> login <userid> password <password>

/usr/bin/vmstat 2 2 |tail -n 1 |awk '{print $4; print 100-$16}'
dstat -d -r --top-io-adv --top-bio-adv
echo bla |mailx -s <subject> <user>
uuencode mylogfile1.log mylogfile2.log |mailx -s logfiles xxx@zzzz.de
www.socks.nec.com/s5examples.html
smitty chlicense //increase number of user for login
snmptrap testnode 0 agentnode 6 1 0 system.sysDescr.0 octetstring bla bla
http://kbase.redhat.com/faq/FAQ_79_2561.shtm

Resolution:The new way to add static routes on Red Hat Enterprise Linux systems is to create a file
/etc/sysconfig/network-scripts/route-ethX where X corresponds to the network interface you wish to use
the alternate route(s). This file deals with three fields: GATEWAY, NETMASK, and ADDRESS. Each field
should have a number appended to it indicating what route it relates to. The example below shows two
static routes configured for the eth0 network interface.

/etc/sysconfig/network-scripts/route-eth0
GATEWAY0=10.10.0.1
NETMASK0=255.0.0.0
ADDRESS0=10.0.0.0

GATEWAY1=10.2.0.1
NETMASK1=255.255.0.0
ADDRESS1=192.168.0.0
default route: route add 0.0.0.0 10.10.10.99 0.0.0.0
bootinfo -P 0 -s hdisk2 #physical partition size of hdisk2
bootinfo -r #amount of real memory
bootinfo -m #machine model code
free -o
ps -eo pid,ppid,rss,vsize,pcpu,pmem,cmd -ww --sort=pmem

The top 10 monopolizing process would be better if sorted as a numberic key :
ps -eo pcpu,pid,user,args | sort -k 1 -r -n | head -1
-pwdadm
-chpass #freeware passworttool
/etc/rc.d/boot.local

vi g/x/s//y/g
->s/192.168.1.30/192.168.1.20/g #in one line
->%s/192.168.1.30/192.168.1.20/g #in whole file
:260,284s/10.0.6.162/newhostname/g #line 260-284
want to replace a string with another string in several text files. I tried the following command which I read from a Linux book, but it doesn't work. Can anyone give me some help?
perl -pi -e "s/search/replace/g;" *.txt
perl -pi -e "s/\/usr\/local\/mrtg\/web\//\/usr\/local\/mrtg\/web\/10.0.6.162\//g;" *.cfg
perl -pi -e "s/\/usr\/local\/mrtg\/web\//\/usr\/local\/mrtg\/web\/10.149.158.52\//g;" *.cfg
example: lslpp -f X11.Dt.lib
smitty->AIX System Backup&Recovery
/var/ifor/i4blt -ls //list license manager
/var/ifor/i4blt -ll //list installed licenses
/var/ifor/i4blt -d -v "'IBM Corporation'" -p "'Nways Mgr AIX SUite' 2.0.T" -t 1231233123 //delete license for proct ...
du -s dir

ls -l |awk '{print $9}' | xargs du -s #for each directory
/etc/hosts and the hosts=local,bind in the /etc/netsvc.conf
find . |xargs -n 1 chmod 644 #chmod for many files
find . -mtime +15 |xargs rm #delete file that is older than 15 days old
/usr/bin/find /home/backup/ -mtime +30 -type f -exec /bin/rm {} ;
nice #prozesse erhöhen
backup #archiv erstellen
restore #vom archiv lesen
format /dev/rfd0.18 #disk formatieren
dtterm -C #title console
errclear 0 #clear errorlog
errpt #print error log
startsrc -s inetd -a "-d" #debug info for syslog
nc XYZ | gzip -dc | dd of=/dev/hda bs=64k
dd if=/dev/hda of=/dev/hdX bs=256k
cp -aX / /mnt/
remount: mount -n -o remount,rw /
reiserfsck /dev/hdXY --check
reiserfsck /dev/hdXY --rebuild-tree
reiserfsck /dev/hdXY --rebuild-sb

>> if you have to repair something you have to use command "--rebuild-tree", and you should check with "--check"
adding user xyz to group trusted:

gpasswd -a xyz trusted
#######################
#using netcat
#######################
#see open ports on target ..
echo QUIT | nc -v -w 5 target 20-250 500-600 5990-7000

Netcat can be used as a simple data transfer agent, and it doesn't really
matter which end is the listener and which end is the client -- input at one
side arrives at the other side as output. It is helpful to start the listener
at the receiving side with no timeout specified, and then give the sending side
a small timeout. That way the listener stays listening until you contact it,
and after data stops flowing the client will time out, shut down, and take the
listener with it. Unless the intervening network is fraught with problems,
this should be completely reliable, and you can always increase the timeout. A
typical example of something "rsh" is often used for: on one side,

nc -l -p 1234 | uncompress -c | tar xvfp -

and then on the other side

tar cfp - /some/dir | compress -c | nc -w 3 othermachine 1234

will transfer the contents of a directory from one machine to another, without
having to worry about .rhosts files, user accounts, or inetd configurations
at either end.
sample entry in /etc/inetd.conf:
pop3 stream tcp nowait root /usr/sbin/pop3d pop3d
Den TK Perl Debugger findet man bei: http://world.std.com/~aep/ptkdb/ .
Für diesen ist jedoch noch das Perl-TK Modul notwendig (http://www.cpan.org oder http://www.rpmfind.net).
Aufrufen tut man den Debugger so: perl -d:ptkdb rrd_test.pl.
fdisk /dev/hdd
talk 5 / network 0 / LE-services
MIB-OID: .1.3.6.1.2.1.17.2.3 #dot1dStpTimeSinceTopologyChange
http://dotnot.org/blog/archives/2005/09/09/quick-nfs-howto-for-centos/

NFS under linux:
#export verzeichnis /home/nfsshare
/home/nfsshare 10.0.0.1(rw,no_root_squash,insecure) 10.0.0.2(rw,no_root_squash)
-> import under AIX using smitty nfs

check.
rpcinfo -p
=> 100003 2 udp 2049 nfs

on client:
/etc/fstab
lnxsni01:/usr/local/uar /mnt/share nfs rsize=8192,wsize=8192,timeo=14,intr,soft,tcp 0 0
lnxsni01:/usr/local/uar /mnt/share nfs rsize=8192,wsize=8192,timeo=14,intr,soft
include vfat partition
mount /dev/hda7 /mnt/hda7 -o id=your-login,gid=users

or have something like this for it in /etc/fstab

/dev/hda7 /mnt/hda7 vfat user,uid=your-login,gid=users 1 0

/dev/hda7 /mnt/hda7 vfat defaults,umask=000 1 0

/dev/hdb /cdrom iso9660 ro,noauto,user,block=2048 0 0
sysrestore -Nn -f /dev/rmt1 -t Directory -vx '/usr/OV'
-> command: "wpostemsg -r CRITICAL probe"test of tec functionality" smc_action XYZ
-> on Tivoli TEC Console the event should appear - if not there is a problem.
- CISCO: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_4_1/mib/mover.htm
- CISCO: http://www.cisco.com/univercd/cc/td/doc/product/fhubs/fh400/index.htm
- CISCO: using ftp-server:
ftp.cisco.com
cd /pub/mibs
get README #all available files
echo 1 >/proc/sys/net/ipv4
Action IOS SET
passwords enable password level 1 <pwd> set password <cr>
enable password level 15 <pwd> set enablepass <cr>
hostname hostname <name> set prompt <name>
IP address (config)# ip address <ip> <mask> (ena) set interf so= <ip><mask>
set interf so0 <vlan>
port description (config-if)#description <string> set port name x/x <string>
speed n/a set port speed x/x {10/100/auto}
duplex mode (config-if)#duplex {auto|full| set port duplex x/x {full/half}
full-flow-control|half}
conf. VLANS n/a set vlan <vlan#> x/x
conf. trunk (config-if)#trunk on set trunk x/x [on|off|desirable|auto|nonegotiate]
<vlan-range> [isl|dot1q|dot10|lane|negotiate]

clear VLANS from trunk n/a clear trunk x/x <vlan-range>
choose vtp version n/a set vtp v2 enable
vtp doamin + mode n/a set vtp domain <str> password <str>
set vtp domain <str> mode [clslt]
show vtp show vtp statistics
show vtp domain
vtp pruning set vtp pruneeligible <vlan_range>
clear vtp pruneeligible <vlan_range>
show trunk
enable STP (config)#spantree <vlan_list> set spantree enable x/x
set spantree disable x/x
set spantree enable all
show spantree <vlan>
STP Root Bridge set spantree root <vlans> ..
STP Port Cost (config-if)#spantree cost <xx> set spantree portcost 2/1 <xx>
STP Priority (config-if)#spantree priority <xxx> set spantree portpri x/x <xx>
Multicast (config)#ip multicast-routing
(config-if)#ip pim {dense-mode|
sparse-mode|sparse-dens-mode}
show ip pim interface [<if>][count]
show ip pim neighbour [<if>]
(config)#ip pim rp-address <ip#>
[group-access-list-number]
[override]
(config)#ip pim send rp announce x/x
scope <#> group-list <ad#>
(config)#ip pim send-rp-discovery scope
(config)#ip multicast <xx> threshold <xx>
show ip mroute
debug ip mpacket [detail][add][group]
(config)#ip igmp join-group <gr#>
(config)#ip igmp version {2|1}
show ip igmp interface
(config)#ip cgmp set cgmp enable
set cgmp leave
show cgmp statistics [<vlan>]
show multicast group cgmp [<vlan>]
Channel (config#)port-channel mode [on|off show port capabilities x/x
|des] set port channel x/x {on|off|auto|desirable}
portfast (config#)spantree start-forwarding set spantree portfast x/x enable
uplinkfast (config#)uplink-fast set spantree uplinkfast enable
show uplink-fast show spantree uplink fast
show uplinkfast statistics
backbonefast set spantree backbonefast
ip rout. on route proc. (config)#ip routing router <protocol> n/a
(config-router)#network <#>
VLAN if on external RP Router(config)#int eth 2/1.1 n/a
(config)# encapsulation isl <vlan#>
default gw ip default-gateway <ip addr> set ip route default <ip addr>
MSL (config)#mls rp ip set mls flow [destination|destination-source..
(config-if)#msl rp vlan-id <#> set mls enable
" " mls rp vtp-domain <str> set mls agingtime (#)
" " mls rp ip
show mls rp
show mls rp vtp-domain show mls
(config-if)#mls rp management-intf
show mls rp inteface
(config-if)# mlsrp ip input-ad show mls entry
show mls entry ..
HSRP (config-if)#standby <gr#> ip <ip#>
" " priority <pr#>
" " preempt
" " timers <hello> <hold>
" " track <if> <prio>
debug standby
show standby [<if>|<gr#>|brief]
- Ethernetcard: http://www2.neweb.ne.jp/wd/fbm/3c556/
use 3c59x module
- modem
Lucent softmodem
http://lisas.de/~david/t21/download/ltmodem-5.78e-1.src.rpm
http://lisas.de/~david/t21/download/ltmodem-2.4.3-5.78e-1.i386.rpm
- sound
Sound worked right out of the box. But when I tried playing DVD, the sound was really choppy, lagging a lot ... pretty badly screwed up! (I used omi_gtk dvd player from
the Livid project).
So I decided to use ALSA drivers as reccomended by quite a few people. I downloaded ALSA 0.5.8, untar it, and switched to the directory. Run these commands :
- ./configure --with-cards=cs461x
- make
- make install
After this, you can find the modules on /lib/modules/(kernel version)/misc directory.
Then, add these lines to /etc/modules.conf file :
alias char-major-116 snd
alias char-major-14 soundcore
alias snd-card-0 snd-card-cs461x
alias sound-slot-0 snd-card-0
alias sound-service-0-0 snd-mixer-oss
alias sound-service-0-1 snd-seq-oss
alias sound-service-0-3 snd-pcm-oss
alias sound-service-0-12 snd-pcm-oss
- TokenRing: try ibmtr_cs.o
http://www.linuxtr.net/newhowto/Token-Ring.html
I have a Token Ring Auto 4/16 Credit Card Adaptor that works good with my SuSE setup. One major key to getting it to work was
having at least the 3.x.x series of PCMCIA card services loaded onto your machine. Additionally in your conf.modules file you'll need the
following verbage:
alias tr0 ibmtr_cs mmiobase=0xd6000 srambase=0xd8000 ringspeed=[16]|[4] sramsize=16 irq_list=9

/etc/pcmcia
-> config.opts
# Options for IBM Token Ring adapters
module "ibmtr_cs" opts "mmiobase=0xd000 ..." <- auskommentieren

- PCI Devices
lspci -v
lspci -vv
- reboot notfall
linux init 1
- DHCP
dhclient
- ICA Client
/opt/Citrix/ICAClient

- Token Ring Card
To get the IBM Turbo tokenring 4/16 to work on a Thinkpad 770(9548) I did
the following.
Kernel 2.2.10
pcmcia-cs-3.0.13 And edit '/etc/pcmcia/config.opts' like this
#
# Local PCMCIA Configuration File
#
include port 0x100-0x4ff, port 0x1000-0x17ff
include memory 0xc0000-0xfffff
#
# Extra port range for IBM Token Ring
#
include port 0xa00-0xaff
#
# Resources we should not use, even if they appear to be available
#
# First built-in serial port
exclude irq 4
# Second built-in serial port
#exclude irq 3
# First built-in parallel port
exclude irq 7
module "ibmtr_cs" opts "m
use pump from redhat, should be working if installed ...
- Firewall logs
on management server:
- fw logswitch name
- del $FWDIR\log\name.log
- del $FWDIR\log\name.alog
- script for log files
@ECHO OFF
REM Edit below to modify fw directory
set FWDIR=C:\WINNT\FW

for /F "tokens=1-4 delims=/ " %%i in ('date /t') do (
set DayOfWeek=%%i
set Month=%%j
set Day=%%k
set Year=%%l
set Date=%%i %%j/%%k/%%l
)

cd \
cd %FWDIR%\log

ren fwd.log fwd.%Year%%Month%%Day%.log
ren fwui.log fwui.%Year%%Month%%Day%.log
ren mdq.log mdq.%Year%%Month%%Day%.log
ren sam.log sam.%Year%%Month%%Day%.log
ren aclientd.log aclientd.%Year%%Month%%Day%.log
ren aftpd.log aftpd.%Year%%Month%%Day%.log
ren ahttpd.log ahttpd.%Year%%Month%%Day%.log
ren arlogind.log arlogind.%Year%%Month%%Day%.log
ren asmtpd.log asmtpd.%Year%%Month%%Day%.log
rem atelnetd.log atelnetd.%Year%%Month%%Day%.log

..\bin\fw kill fwd
..\bin\fw d

-----
rc= &docommand("$FWEXE logexport -i $todaylog -o $MYLOG -n");
date | awk '{print $6"_"$3"_"$2"_fw.tar"}'
w//-> get filename like: 2001_8_May_fw.tar

set date:
date -s "11/20/2003 12:48:00"
date -s "12:48"
date -s "11/20/2003"

Then if you want to set the hardware(BIOS) clock so the system will keep the time when it reboots type:
clock -w
or
setclock
shell script:
#!/usr/bin/sh
filename = `date | awk '{print $6"_"$3"_"$2"_fw.tar"}'`
tar -cvf /home/backup/$filename /tmp/*.*

#put STDOUT together
( echo "please check the directory $CHECKDIR\n"; ls -l $CHECKDIR; )

cat austria.usernams |awk '{print tolower($1)}'


IDLEPOS=`eval /usr/bin/vmstat 1 1 | /usr/bin/awk '/ sy /{i=1; while (i<NF) {if ($i~/sy/) print i; i+=1}}'`
vmstat 1 5 | awk 'BEGIN{ID=0}; / id /{i=1; while (i<NF) {if (tolower($i)~/id/) {ID=i; printf("ID in Spalte %s\n", ID)} ; i+=1}} ; /^ [0-9]+/{print $ID}'
at 10:00 /every:Mo,Di,Mi,Do,Fr "e:\test.cmd"
ps -ef |grep xclock |awk '{print $2}' |xargs kill
mypids=`ps uxw | grep ssh-agent | grep -v grep | awk '{print $2}'`
mypids=`ps $psopts 2>/dev/null | grep "[s]sh-agent" | awk '{print $2}'` > /dev/null 2>&1
cat hostlist |awk '{print $1 " 1"}' |xargs ping
#!/usr/bin/ksh -fx
rftpp 10.10.10.10 <<xxx 2>&1 | tee -a $0.log
prompt
verbose
mget *AVAIL*
by
xxx


#for automatic authenticaion create a file ".netrc"
#start script one hour later, if failure

if [ $? -ne 0 ] ; then
at now next hour <<yyy
$0
yyy
fi
Perl

If you are behind a firewall, you may need to set the following
environment variables so that PPM will operate properly:

set HTTP_proxy=address:port [e.g. 192.0.0.1:8080]
set HTTP_proxy_user=username
set HTTP_proxy_pass=password
set HTTP_proxy_agent=agent [e.g. "Mozilla/5.0"]


Installing Modules:

set HTTP_proxy=http://proxy:80/ #windows
export http_proxy=http://proxy:80/ #unix

-> search tk
-> install "module name"

-> perl -MCPAN -eshell

LINUX
runsocks MCPAN -eshell
-> o conf // see config
-> o conf ftpproxy proxy // modify ftp proxy
-> o conf commit // save config
-> o conf urllist push http://cpan.noris.de/
- man perldebug
- perl -d -e 42

commands in debug mode:
h #help
b [line] [condition] #set breakpoint
b [subname] [condition] #breakpoint to sub name
L #List breakpoints and actions
Perl timestamp
open(INFILE,$filename);
($dev,$ino,$mode,undef,undef,undef,undef,undef,
$atime,$mtime,$ctime )= stat INFILE ;

$mdate = &ctime($mtime);
$adate = &ctime($atime);
$cdate = &ctime($ctime);

print "${filename}:mtime:$mtime:$mdate";
print "${filename}:atime:$atime:$adate";
print "${filename}:ctime:$ctime:$cdate";
BASH

Prompt


[tux] $ export PS1="Hallo \u, bin in \w \$" #Prompt ändern
Hallo tux, bin in ~ $

Und schon ist der Prompt persönlicher.
Wie du sicher siehst, hat alles hinter einen "\" ein besondere Bedeutung, hier mal ein kleiner Auszug der Möglichkeiten:

\$
Promptzeichen: $ für normale Benutzer und # für root
\!
Kommando-Nummer, denk an history
\#
Kommando-Nummer, der aktuellen Shell-Sitzung
\d
Datum
\h
Hostname (Rechnername)
\t
Aktuelle Zeit im 24 Format
\u
Username (Benutzer)
\w
Aktuelles Verzeichnis
\W
letzter Teil vom aktuellen Verzeichnis

-> ~/.bashrc
export PS1="...."

---> export PS1="[\u@host04 \w]# "
place where ssh-keys are stored:
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY

winscp:
place where ssh-keys are stored:
HKEY_CURRENT_USER\Software\Martin Prikryl
Lösung: im vi "set paste" setzen .. bzw. das in der /etc/vim/vimrc auf default ...

ssh -R 6010:localhost:6000 remotehost
-> export DISPLAY=localhost:10
remotehost:> ssh +x netview system

in .profile
DISPLAY=`who -mT |sed 's/ */ /g' |cut -d' ' -f7 | sed 's/(//'g | sed 's/)//'g`":0"
export DISPLAY
tty -s && ifconfig -a|awk '/^(en|eth|hsi)[0-9]+/{getline;"uname -n"|getline L; printf("\033]2;%s -- %s \007\n", $2,L);exit}'

tty -s && {
cat /etc/SuSE-release
# update putty terminal window header
HOST=$(ifconfig -a |awk -v U=$USER -v H=`uname -n` '/^(en|eth|hsi)[0-9]+/{getline;if ($2~/addr/){$2=substr($2,6)};printf("\033]2;%s@%s -- %s \007\n", U,$2,H) | "/bin/cat 1>&2";print $2; exit}')
export HOST
PS1='$USER@${HOST}:${PWD#$HOME/}$ '
}
vi
The standard full-screen editor available under Unix.

Using Command mode
ZZ - save file and exit
:q! - exit without save
:w - write buffer to disk
h (left) j (down) k (up) l (right)
ndw - delete n words (default for n = 1)
nx - delete n characters (default for n = 1)
ndd - delete n lines (default for n = 1)
- - go to start of previous line
^ - go to first non-blank character of current line
O - go to first column of current line
$ - go to end of current line
nG - go to nth line of file (default for n = 1)
nyy - yank and save n lines
p - put down lines saved

Using INSERT MODE
<esc> - exit INSERT mode
i - enter INSERT mode ; insert to left of cursor
a - enter INSERT mode ; insert to right of cursor
A - enter INSERT mode ; add at end of current line
o - enter INSERT mode ; add a new line after current line
O - enter INSERT mode ; add a new line before current line
/<pat> - search from cursor down for pattern <pat>
?<pat> - search from cursor up for pattern <pat>
n - go to next occurrence of last pattern indicated
N - go to previous occurrence of last pattern indicated
date
displays the current date and time. (OPTIONAL)

Syntax:


date
date +<format>
<format> may contain the following
a abbreviated day (Sun to Sat)
d day of the month
D date in month/day/year format
h abbreviated month (Jan to Dec)
H hour (00 to 23)
j day of the year (001 to 366)
m month of the year (01 to 12)
M minutes (00-59)
r time in A.M./P.M. notation
y last two digits of year (00 to 99)
S seconds (00 to 59)
T time in hours:minutes:seconds format
w day of the week (0 to 7, Sun=0)
n newline
t tab


Example:

$ date
Wed Aug 7 10:44:34 MST 1991

$ date '+%a %t %h %t %y'
Tue Dec 93

$ date '+%d%t%D%t%H'
07 12/07/93 09

$ date '+%r%n%T'
09:35:16 AM
09:35:16

Serial Cable 2 Linux

-> /etc/inittab
-> S0:123:respawn:/sbin/agetty -L 9600 ttyS0
-> reboot
-> connect serial nullmodem cable to serial port
-> use HyperTerminal / Tera Term ....
-> login, enjoy hacking over serial ;-)
Network Time protocol: NTP

linux: ntpdate IP-Adress
linux packet: ntp-4.0.99k-15

#ntp time synchronization
30 1 * * * /usr/sbin/ntpdate ntp1.ptb.de

-----------------------------------------------

information from colleage F:
ntp installieren und diese 4 zeilen in /etc/ntp.conf
server xyz
multicastclient
driftfile /var/lib/ntp/drift/ntp.drift # path for drift file
logfile /var/log/ntp # alternate log file


-----------------------------------------------

#check difference
/usr/sbin/ntpq -c peers
ntp1.ptb.de
DE ptbtime1.ptb.de
DE ptbtime2.ptb.de
DE ntp0.fau.de
DE ntp1.fau.de
DE ntp2.fau.de
DE ntp3.fau.de
DE ntps1-0.cs.tu-berlin.de
DE ntps1-1.cs.tu-berlin.de
DE rustime01.rus.uni-stuttgart.de
net time /setsntp:"192.168.0.1"
net time /querysntp

Registry: see HKEY_LOCAL_MACHINE\SYSTEM\CurrentContorlSet\Services\W32Time\Parameters

automatisch zeit aktuellisieren:
net time \\w2ktsv /set /yes


programm für windows:
http://home.att.net/~Tom.Horsley/ntptime.html#Download%20NTPTime

LINUX:
hwclock --systohc #set the system time from the hardware clock

AIX user settings
-> .profile ins Home
-> /etc/.kshrc

.kshrc
set -o emacs
if [ "${TERM:=vt100}" = "ibm3151" ]; then
alias _A=^P
alias _B=^N
alias _C=^F
alias _D=^B
alias _H=^A
alias _P=^D
alias _q=^E
else
alias __A=^P
alias __B=^N
alias __C=^F
alias __D=^B
alias __H=^A
alias __P=^D
alias __q=^E
fi

set -o vi
ESC - #befehl zurück
ESC + #befehl vor
ESC / #suchen

access control:
Um bei Apache ein Verzeichnis mit User und Passwort zu schützen müssen in diesem
Verzeichnis 2 Dateien vorhanden sein: ("/home/httpd/htdocs/")
.htaccess
.htpasswd

um zu testen ob .htaccess geht:
#Rewrite Test
ErrorDocument 404 http://www.google.de
-> danach eine ungültige Seite aufrufen .. die es nicht gibt
-> solution:
echo HOST.DOMAIN.com > /etc/hostname
/bin/hostname -F /etc/hostname

Inhalt der .htaccess:

AuthUserFile /home/httpd/htdocs/.htpasswd
AuthGroupFile /dev/null
AuthName TMT
AuthType Basic
<Limit GET>
require valid-user
</Limit>

Nachdem Sie diese Datei erstellt haben, gehen Sie z.B. auf:
"http://www.inch.com/commercial/web/server/apache/htpasswd.html";
Das daraus resultierende Ergebnis sieht dann z.B so aus: TMTuser:rcyjBGYsfasdf0FOfs
Diesen Eintrag fügen Sie nun in die .htpasswd ein und speichern diese ab.
Das Verzeichnis ist nun geschützt!

-> Problem htaccess geht immer noch nicht!
-> /etc/http/conf/httpd.conf
-> im Abschnitt:
# Each directory to to which Apache has access, can be configured with respect
# to which services and features are allowed and / or diasabled in that
# directory (and its subdirectories).

<Directory />
AuthAuthoritative Off
AuthName "TMT User"
AuthType Basic
AuthUserFile /home/httpd/htdocs/.htpasswd
Options FollowSymLinks
require valid-user
</Directory>
Load php module:

httpd.conf
LoadModule php4_module libexec/libphp4.so
AddModule mod_php4.c
AddType application/x-httpd-php .php
ssl mod_ssl


from http://www.apache-ssl.org/#FAQ

removing passphrase:
openssl rsa -in server.key -out server.pem

Now I've got my server installed, how do I create a test certificate?

Step one - create the key and request:


openssl req -new > new.cert.csr

Step two - remove the passphrase from the key (optional):

openssl rsa -in privkey.pem -out new.cert.key

Step three - convert request into signed cert:

openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365

The Apache-SSL directives that you need to use the resulting cert are:

SSLCertificateFile /path/to/certs/new.cert.cert
SSLCertificateKeyFile /path/to/certs/new.cert.key

SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key

add user to gruop apache ..

chgrp apache apachectl
% chmod 4510 apachectl
% chmod 4510 httpd

The execution order is important. If you swap the command execution order you will lose the setuid bit.

Now if we look at the file we see:

% ls -l apachectl
-r-s--x--- 1 root apache 32 May 13 21:52 apachectl
MRTG under AIX

dowloaded gcc from www.bull.de
-> install following AIX packets from AIX CDs
- bos.adt.base
- bos.adt.include
- bos.adt.debug

-> get mrtg source:
cd /usr/local/src
gunzip -c mrtg-2.9.17.tar.gz | tar xvf -
cd mrtg-2.9.17
./configure --prefix=/usr/local/mrtg-2

grep over several zipped files
unzip

find *.tar.Z | xargs zcat >out.temp

ls *.tar.Z |xargs zcat >out.temp
LINUX & NOTES

The most frequent question I get about Notes and Linux: If you are using
Windows NT, do not let WINE use your Windows NT directory as it's "Windows"
directory (specified in wine.conf or wine.ini). Instead, point WINE at a Win95/98
directory or create a fake "Windows" directory and use that. If Lotus Notes complains
about missing DLLs, you can find the missing DLLs in the Lotus Notes installer
directories and put them in the Windows directory.

Howto (for systems that can dual-boot Linux and Win95/98/NT)

1.Boot into Win98/95/NT and install a copy of Lotus Notes client for Win32 on a
FAT or FAT32 drive partition.
2.If your notes.ini file is in your Windows directory, move it to your Notes executable
directory.
3.Boot into Linux and mount your FAT / FAT32 drive partitions. You may need to set
up entries in /etc/fstab for Linux to recognize and mount these partitions.
4.Verify that you have set up the X Window system and your window manager of
choice.
5.Download a copy of WINE (open-source Windows on UNIX) from
http://www.winehq.com/ WINE is evolving rapidly, each week brings new changes
and greater functionality, so it pays to stay current. WINE releases are named by
release date; releases before 981108 do not run Lotus Notes very well. You can
download binaries in .RPM format or download the source code and build it
yourself.
6.Create or edit the wine.ini file in your home directory. Make sure it includes
mappings for your Windows drives and that your Notes executable directory is on
the path. I run WINE as root (recommended!) so the file should be placed in
/root/wine.ini.
7.If you are using Windows NT, do not set your Windows NT system directory as the
Windows directory under WINE. WINE does not work well with the Windows NT
versions of system DLLs. Better to use an empty "Windows" directory instead.
8.Start the X Window system and your window manager
9.Start Lotus Notes using WINE. You can start 'notes.exe'. My DOS D: drive
partition is visible to linux as /mnt/windows, so: ./wine
/mnt/windows/Lotus/Notes/notes.exe
Second Address Book
Posted by js ha on 10.May.02 at 04:32 AM using a Web browser
Category: Domino Administrator -- General UseRelease: 5.0.4Platform: Windows NT
you may use 2 apporaches.

1) Using Master Address Book ; See the Admin Help database!

2) - classic/simple concept - you should add parameter 'names=names,newly_created_addr_name' in server's notes.ini.


abgelaufener User ...> mit admin tool neu zertifizieren,
danach ganz wichtig, den adminp new starten (in der console):
tell adminp process all new
AIX - vmstat
-> install:
- It's in the perfagent.tools fileset on your AIX distribution.
- Look for bos.acct on the second installation disk.
-> #vmstat 2 20
> kthr memory page faults cpu
> ----- ----------- ------------------------ ------------ -----------
> r b avm fre re pi po fr sr cy in sy cs us sy id wa
> 0 2 81249 807 0 0 0 0 0 0 431 997 69 0 1 91 8
> 0 2 81249 800 0 1 0 0 0 0 482 2300 148 1 2 41 56
> 0 3 81249 783 0 0 0 0 0 0 507 727 203 0 3 6 91
> 0 2 81249 685 0 0 0 0 0 0 508 2588 102 1 2 68 29
> 0 2 81250 678 0 0 0 0 0 0 447 2393 138 1 1 86 11
> 0 2 81250 677 0 0 0 0 0 0 438 1594 89 0 1 94 4
> 0 2 81299 611 0 0 0 0 0 0 450 2658 129 1 2 88 9
> 0 2 81419 460 0 0 0 0 0 0 467 3099 162 2 3 79 16
>

Hi,
first look response, ( it's a long time I took AIX Perf & Tuning :-)

r = 0 : no jobs running, not so good
b = 2 : 2 jobs waiting I/O, not so good too
avm = 80K : 320 Mb of active Ram for jobs
fre = 800 : free slots ... not many
middle colums = 0 : no paging activity : good: no Ram shortage, no Disk I/O
in,sy,cs : device interrupts, system time, context switch, average load
us = 1 : doing nothing for you
sy = 2 : doing nothing for itself
idle = 90 : wasting CPU cycles
wa = 5-90 : waiting fow slow devices to answer, should be network, since not
paging
-AIX: Installation
Base Install /w Trusted Computing Base
Add following:
*bos.acct 4.3.3.0 {needed for vmstat, iostat, etc.}
*bos.dosutil 4.3.3.0 {needed for dosread/doswrite of floppy disks}
*bos.net.tcp.server 4.3.3.0 {needed for tcpdump and iptrace}
*bos.sysmgmt.trace 4.3.3.0 {needed for trace command}
*bos.adt.syscalls 4.3.3.0 {needed for CP VPN-1/FW-1}

--<man pages: install if really necessary, not recommended>---
*bos.data 4.3.3.0 {needed for man pages}
*bos.txt.tfs 4.3.3.0 {txt formatting, needed for man pages}
System-mrtg:

Workdir: /some/path
Target[home.cpu]: `/usr/bin/awk '/cpu /{print $2+$3; print $2+$3+$4; print "quite some time"; print "home"}'</proc/stat`
Title[home.cpu]: Processor stats at home
PageTop[home.cpu]: <H1>Processor stats</H1>
MaxBytes[home.cpu]: 100
Unscaled[home.cpu]: ymwd
Options[home.cpu]: growright,nopercent
LegendI[home.cpu]: &nbsp;user:
LegendO[home.cpu]: &nbsp;total:
Ylegend[home.cpu]: %
ShortLegend[home.cpu]: %
Legend1[home.cpu]: Time spent in user mode
Legend2[home.cpu]: Time spent in user mode + time spent in system mode
Legend3[home.cpu]: Maximum occurance of time spent in user mode
Legend4[home.cpu]: Maximum occurance of (time spent in user mode + time spent in system mode)

under AIX:
->> vmstat under aix:
Target[home.cpu]: `/usr/bin/vmstat |tail -n 1 |awk '{print 100-$16; print $14}'`

comp.dcom.net-analysis
comp.dcom.net-management
comp.dcom.lans.ethernet
comp.dcom.fax
comp.dcom.servers
comp.dcom.sys.cisco
comp.dcom.vpn
comp.doc.management
comp.groupware.lotus-notes.programmer
comp.groupware.lotus-notes.admin
comp.groupware.lotus-notes.misc
comp.groupware.lotus-notes.apps
comp.os.linux.networking
comp.protocols.snmp
comp.unix.aix
comp.unix.shell
comp.lang.perl.tk
Netview:

der Befehl "ovtopofix -U" bewirkt wunder, bzw. bewirkt dass Netview
alles Symbole neu updated, d.h. => Änderung des Symbols wie in der
Datei /usr/OV/conf/C/oid_to_sym beschrieben ;-))))

sehen, wann symbol changed: ovtopodump -l 4xxxx00011
8260: redbook gg244370
s.47 Superuser Reset
8260 Multiprotocol Intelligent Switching Hub
MRTG - DISKSPACE script

#!/bin/sh
# Get diskspace and inode consumption for MRTG.
# by Jeff Liebermann 04/15/98
#
# usage: script_name Filesystem
# i.e. script_name /dev/root
#
# The format belched by df -v -i
# Mount Dir Filesystem blocks used free %used iused ifree %iused
# / /dev/root 1050000 972132 77868 93% 59872 71384 46%
# /stand /dev/boot 30000 16414 13586 55% 14 3746 1%
# /u /dev/u 600000 252560 347440 43% 4259 70741 6%
# /usr/spool /dev/news 184492 5830 178662 4% 8 23056 1%
#
# Grab last line of df -v -i and remove percent signs
drivel=`df -v -i $1 | tail -1 | tr -d %` # just one Filesystem
# Break apart into fields using IFS seperators
set $drivel
# Print % diskspace used, percent % used, filler, filler.
# The $6 and $9 are the 6th and 9th fields of the df output.
echo "$6\n$9\n0\n0"

-----

# Part of mrtg.cfg
Target[rdf.1]: `dff.sh /dev/root`
Title[rdf.1]: Comix Disk Useage /dev/root
PageTop[rdf.1]: <H1>Comix Disk Useage /dev/root</H1>
Options[rdf.1]: growright, gauge, nopercent
MaxBytes[rdf.1]:100
Unscaled[rdf.1]: dwmy
YLegend[rdf.1]: % Used
ShortLegend[rdf.1]: %
Legend1[rdf.1]: Avg Percent Diskspace Used
Legend2[rdf.1]: Avg Percent Inodes Used
LegendI[rdf.1]: Diskspace
LegendO[rdf.1]: Inodes
MRTG Latency script

> I'm looking for scripts to measure latency in my IP network. Can someone
> help ?

Well, since you didn't specify an operating system, I'll assume
that you're following in my footsteps and doing battle with NT4
as a server. Note that the following requires that you use the
ping.exe supplied with Windoze 95/98 instead of the useless ping
supplies with NT4. See the MRTG stuff somewhere on:
http://www.lns.com
which is from where I stole the script. I also have a somewhat
different version for Linux (RH 7.1) but which I can't get to
as I managed to break SSH and can't grab it.

------------
# MRTGPING.PL
# Plagerized by Jeff Liebermann from original by Tim Pozar.
# 09/14/00 First hack for NT4.

$ipaddr = "NULL";
$ipaddr = $ARGV[0];
$numpings = 3;

if ($ipaddr eq "NULL"){
print "Usage mrtgping.pl [ipaddress]\n";
exit;
}

# Note that "ping95.exe" is the Windoze 95/98 version
# and not the useless ping supplied with NT4.
#
# Windoze ping will return...
# Minimum = 494ms, Maximum = 574ms, Average = 520ms
$result = `ping95 -n $numpings $ipaddr | find /i "average" `;

# Break result apart at the commas.
chop($result);
($Mins,$Maxs,$Avgs) = split(/,/,$result);

# Break each value apart at the = sign.
($Mint,$min) = split(/=/,$Mins);
($Maxt,$max) = split(/=/,$Maxs);
($Avgt,$avg) = split(/=/,$Avgs);

# Remove the "ms" at the end.
$min1 = substr($min,0,-2);
$max1 = substr($max,0,-2);
$avg1 = substr($avg,0,-2);
$min1 =~ s/ //g;
$max1 =~ s/ //g;
$avg1 =~ s/ //g;

# Belch results in 4 lines.
print "$avg1\n";
print "$max1\n";
print "0\n";
print "$ipaddr\n";
------------



If Perl is a bit of a heavy hammer, the following is what
I use on my SCO Unix OSR5 3.2v5.0.5 machines. The use of
the first ping return is intentional as I'm trying to plot
the latency of the Starband satellite flying cache, which
caches everything exept the first packet.

#!/bin/sh
# by Jeff Liebermann 04/15/98
#
# Record ping times.
#
# Results of:
# ping -c 1 -s 1024 bloat
#
# PING bloat (192.168.111.30): 1024 data bytes
# 1032 bytes from bloat (192.168.111.30): icmp_seq=0 ttl=128 time=10 ms
#
# --- bloat ping statistics ---
# 1 packets transmitted, 1 packets received, 0% packet loss
# round-trip min/avg/max = 10/10/10 ms

# Really disgusting way to get rid of extra leading spaces
# by feeding it to a shell variable. Ugly at best.
#
# usage: whatever machine_name_or_ip
# i.e. whatever bloat.comix.santa-cruz.ca.us
#
retch=`ping -c 1 -s 1025 $1 | grep "time"` # extract line with ping time.
set $retch # break apart into fields using IFS seperators
ping=`echo $8 | cut -c 6-` # extract ping time.
echo $ping # ping time=xxx
echo $ping # ping time=xxx
echo "0" # Filler
echo "0" # Filler
#
CPAN & AIX



enter CPAN shell: perl -MCPAN -eshell

use -> wget to grep data

grep ftp data, from website:
wget -r ftp://user:password@hostname


o conf init #-> regenerate CPAN init
http_proxy=http://proxy:80
-> urlist:
http://cpan.noris.de
http://perl.org
reload index #reload index if url has changed ...


cpan> i /TK/ #searches after TK
install modulename


install module in spezial directory:
perl Makefile.PL PREFIX=/home/user/test/lib_v5.8 (lib_v5.8 is directory name - specifiy full directory name)
make
make install

cat /etc/issue
Perl - Activestate

ppm #CPAN pakete installieren
search mail
install Mail-Sender
crontab:
cygrunsrv -I cron -p /usr/sbin/cron -a -D

Cygwin - XServer for Windows ..
http://sources.redhat.com/cygwin/xfree/
-> cygwin installieren -> console starten, install script aus xserver sources starten ...
-> danach: /usr/X11R6/bin in /etc/profile
-> startx
-> Xwindows greppen: XWin -screen 0 800x600 -query 192.168.1.50 -from 192.168.1.10

german keyboard:
-> create .xinitrc: cp /etc/X11/xinit/xinitrc ./.xinitrc
-> setxkbmap de

#background color:
file .xinitrc
xsetroot -solid blue


# start some nice programs
setxkbmap de
twm &
xclock -geometry 50x50-1+1 &
xterm -geometry 80x50+494+51 &
xterm -geometry 80x20+494-0 &
xsetroot -solid blue
exec xterm -geometry 80x66+0+0 -name login

XWin.exe -screen 0 800 600 -fullscreen -depth 32 -refresh 85 -emulate3buttons 100 -nowinkill -unixkill
X-forwarding
SSH-> AIX: /usr/local/etc/sshd_config
-> X11Forwarding yes

start after reboot: -> /etc/rc.tcpip
-> /usr/local/sbin/sshd
FILE SYSTEM AIX

1.) create Logical Volume
smitty->System Storage Management->LVM->Logical Volumes->Add
->choose rootvg->enter name & Number of Logical Partitions (size)
(PP size: use command lsvg rootvg

2.) create Filesystem on Logical Volume
smitty->System Storage Management->File Systems ->Add
-> Journaled File System -> "Add on a Previously Defined Logical Volume!!!"
->choose Logical Volume name defined before
->enter mount point of file system
->mount automatically -> <YES>
go

3.) mount defined filesystem!!
evolution
CISCO

-> see debugging from vty's: terminal monitor

netflow: (http://net.doit.wisc.edu/~plonka/FlowScan/INSTALL.html)
->
First and foremost, to get useful flow information from your Cisco, you'll need to enable flow-switching on the appropriate ingress interfaces using this interface-level configuration statement:

ip route-cache flow

Also, I suggest that you export from your Cisco like this:


ip flow-export version 5 peer-as
ip flow-export destination 10.0.0.1 2055

Of course the IP address and port are determined by your cflowd.conf. To help ensure that flows are exported in a timely fashion, I suggest you also do this if your IOS version supports it:


ip flow-cache timeout active 1

Some IOS versions, e.g. 12.0(9), use this syntax instead:


ip flow-cache active-timeout 1

unless you've specified something such as downward-compatible-config 11.2.

Lastly, in complicated environments, choosing which particular interfaces should have ip route-cache flow enabled is somewhat difficult. For FlowScan, one usually wants it enabled for any interface that is an ingress point for traffic that is from inside to outside or vice-versa. You probably don't want flow-switching enabled for interfaces that carry policy-routed traffic, such as that being redirected transparently to a web cache. Otherwise, FlowScan could count the same traffic twice because of multiple flows being reported for what was essentially the same traffic making multiple passes through a border router. E.g. user-to-webcache, webcache-to-outside world (on behalf of that user).
$i =~ s/^\s+//; #remove leading whitespaces
$i =~ s/\s+$//; #remove ending whitespaces
use Storable qw(store retrieve );
print "write data to disk:";
store(\%typeHash, $file)or die "can't store hash\n";

print "\n\n open datastructure";
$href = retrieve($file);
CISCO

- see Accesslist: show ip interface
- cancel ping: <strg> + <shift> + <6> + <x>
- RMA - return damaged machines
- BUG Toolkit -> see homepage
- proxy arp -> adapter in workstation gets information about new default-gateway
-> you should use HSRP instead!!
- see debug info on vty: terminal monitor
TOP N Port: CAT OS
- show top background
- show top report
- clear top #
-> get with mib: 1.3.6.1.4.1.9.5.1.20.2.1.4
rpm directory: /usr/src/packages/RPMS/s390/freeradius-1.0.0-1.s390.rpm

rpm -hiv --force --nodpes file.rpm #force it ;-)
rpm -q -a #list all install packages ..

rpm -qa -last |Orders the package listing by install time such that the latest
packages are at the top.


rpm -q -p file.rpm #checks given rpm-files, see version number
rpm -q -p -i file.rpm #see information about given rpm-files
rpm -q -p -l file.rpm #listing of all files belonging to this paket
rpm -q -l file.rpm #see files of installed .rpm file
rpm -q --requires file.rpm #->show's packets/libs that are needed
rpm -q --provides file.rpm #->show's packets/libs that will be installed by this paket
rpm -Va #see missing files #verify ..
rpm -qf /usr/bin/smbmount #find out which package owns it
rpm -Fvh openssh*.rpm #Then, install the package using the following command to apply the update:
rpm -ba foobar-1.0.spec #building a rpm file
rpm -bb foobar-1.0.spec #building only binary rpm
- copy files specified in spec file to /usr/src/packages/BUILD
s390: stored under /usr/src/packages/RPMS/s390/
Use the command 'rpm/rpmbuild -ta dante-<version>.tar.gz' to build all rpm files.

rpm --rebuild src.rpm #make binaray rpm => /usr/src/redhat

#force install of package from other architecture
rpm -iv --force --nodeps --ignorearch freeradius-IBM-bluegroup-1-14.s390.rpm

-> build "noarch" rpm
rpm -bb --target=noarch specfile
apt-get -sy upgrade

apt-get clean #Ungenutzte Pakete entfernen
apt-get autoclean #Ungenutzte Pakete entfernen

#problem with apt-get update under ubuntu
-> resolution:
The fix is just to back up sources.list, delete everything in it and run "apt-get update".
After the update replace sources.list with the backup and run "apt-get update" again. You should not get the error then.

-> another resolution:
sudo apt-get update -o Acquire::http::No-Cache=True
or
sudo apt-get update -o Acquire::BrokenProxy=true

RPM update von libraries:
To add the new library to the shared library cache you have to run
ldconfig(8) as root. Additionally every program that is linked with
libmcrypt needs to be restarted. ldd(1) can be used to find out which
libraries are used by a program.

Another way to determine which process uses a shared library that
had been deleted is:
lsof -n 2>/dev/null | grep RPMDELETE | cut -d " " -f 1 | sort | uniq


lsof - list open files
AIX

lslpp -L |fgrep bos.compat #see software listings

Aventail: change conneciton order
-> c:\Program Files\Aventail\Connect
-> SPMOD->Layered Service Providers: Aventail to top!
Crossover cable:

1 <-> 3 short version: TX+ (1) <-> (3) RX+
2 <-> 6 TX- (2) <-> (6) RX-
3 <-> 1 RX+ (3) <-> (1) TX+
4 <-> 4 RX- (6) <-> (2) TX-
5 <-> 5
6 <-> 2
7 <-> 7
8 <-> 8

Regular end:
|1|2|3|4|5|6|7|8|
^ ^ ^ ^

And at the crossover end:
|3|6|1|4|5|2|7|8|
^ ^ ^ ^

Health Check Anleitung Cisco 6509 MSFC Router (IOS based)

1) Password Syntax - den Regeln entsprechend - Password auf line con0 und line vty ...
2) Timeout auf telnet und Console Session (empfohlen - 15 min) - Standard Setting ist 30 min (kein "exec-timeout 0 0")
3) SNMP Community - mindestens 14 Zeichen - den Regeln entsprechend - command "snmp-server community ..."
4) Business Use Notice - banner motd - muß konfiguriert sein - der Company Text muss hier rein
5) syslog muß weggeschrieben werden auf einen Server ("logging <ip_des_servers>"), default logging Level "informational" erklären wir
als ausreichend
6) IP Source Routing disabled - Stmt "no ip source-route" muß in Config sein
7) Access List für Router prüfen - Router soll per telnet nur Management Netzwerk erreichbar sein
a) access-list 1 permit 10.10.10.0 x.x.x.x
b) line vty 0 4
access-class 1 in

Health Check Anleitung Cisco 6509 Switche (CatOS based)
1) Password Syntax - den Regeln entsprechend - ohne TACACS nicht erzwingbar - Password setzen via set password / set enablepass
2) Timeout auf telnet und Console Session - bei CatOS vermutlich nicht konfigurierbar (kein Command in CmdRef gefunden)
3) SNMP Community - mindestens 14 Zeichen - den Regeln entsprechend - read-write-all muß wie read-write gesetzt sein
4) Business Use Notice - set banner motd - muß konfiguriert sein - der company Text sollte hier drin sein
5) syslog muß weggeschrieben werden auf einen Server ("set logging server <ip_des_servers>", "set logging server enable"),
default logging Level "informational" sollte genug sein
IOS:
ntp peer x.x.x.x prefer
ntp peer x.x.x.x


CAT OS:
set ntp timezone cet1
set ntp summertime eet
set ntp summertime enable
set ntp client enable
set ntp server x.x.x.x

export TERM=xterm-color
#vmstat
/usr/bin/vmstat 2 2 |tail -n 1 |awk '{print $3; print 100-$16}'
LDAP

#--> list of actual running requests - very useful!!
ldapsearch -s base -b cn=workers,cn=monitor -D cn=root -w pass objectclass=*

ldap samples:

get account status:
ldapsearch -h 10.10.10.10 -b dc=org,dc=com -D ... -s one -a never 'uid=mysuser' gecos pwdChangedTime pwdAccountLockedTime pwdExpirationWarned

Schema:
read out the schema:
ldapsearch -x -b cn=schema -s base objectclass=*


#synchronize directories
ldapdiff -b dc=org,dc=com -sh localhost -sp 389 -sD cn=root -sw xyz -ch ldap2 -cp 389 -cD cn=root -cw ? -v -a -F
mount -t smbfs -o username=xxxx,password=xxxx //test12/mnt /windows/test12

//servername/team /mnt/team smbfs credentials=/root/.smbpasswd,uid=ldapsupp,gid=ldapsupp,fmask=660,dmask=775,rw 0 0

kernel >2.6

mount -t cifs -o <username>,<password> //<servername>/<sharename> /mnt/point/

mount -t cifs -o credentials=/root/.smbpasswd //10.10.0.13/webbackup /opt/backup_server/
smbclient -U Administrator -L w2ktsv

man -k #man pages keyword
lslpp -w /usr/local/bin/ssh
lslpp -f filesetname
xsetroot -solid blue
kornshell
set -o emacs
<CTRL> + <R> last command
<CTRL> + <R> one more back

or
<r> "last command" #repeat last command
Cisco Tacacs Settings ...

aaa new-model
aaa authentication login default group tacacs+ local
enable password 7 10481C1751161ABC

tacacs-server host 192.168.1.107 key testnetz
netstat -lnp
Linux disk performance

hdparm -v /dev/hdx #check settings
hdparm -t /dev/hdx #find out actual read speed
hdparm -d1 #set DMA mode
hdparm -c1 #set 32BIT Access

#festplatten standby zeit:
hdparm -Sx /dev/hda

beispiel:
hdparm -S60 /dev/sdc

/dev/sdc:
setting standby to 60 (5 minutes)

HKeyLocal Machine\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters.
For Servers edit AutoShareServer with a REG_DWORD Value of 0. For Workstations,
the edit AutoShareWks.
und natürlich mußt du dich shares deaktivieren. ohne den schlüssel in der registry
sind die shares beim nächstenmal wieder aktiv
I just want masquerading! Help!

This is what most people want. If you have a dynamically allocated IP PPP dialup (if
you don't know, you do have one), you simply want to tell your box that all packets
coming from your internal network should be made to look like they are coming from the
PPP dialup box.

# Load the NAT module (this pulls in all the others).
modprobe iptable_nat

# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets going out ppp0 (-o ppp0) which says to
# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

Note that you are not doing any packet filtering here: for that, see the Packet
Filtering HOWTO: `Mixing NAT and Packet Filtering'.


#transparent proxy with squid
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

#anschauen mit: iptables -L -t nat
AIX

-> detect new Hardware on AIX: cfgmgr
-> install latest software from cd-rom: cfgmgr -i /dev/cd0
-> firmware AIX:
lscfg -vp | grep alterable
#This command will produce a system configuration report similar to the following.
-> ROM Level.(non-alterable)...px010921 <== SvP FW level
-> ROM Level.(alterable).......SPX01264 <== System FW level

mysql : GRANT ALL PRIVILEGES ON *.* to user12@192.168.1.99 IDENTIFIED BY 'password'
mysql : GRANT ALL PRIVILEGES ON *.* to syslog@localhost IDENTIFIED BY 'syslog';
GRANT FILE ON *.* TO repl@"%" IDENTIFIED BY 'passwort';


-- creates a user named joey without any privileges --
CREATE USER 'joey'@'%' IDENTIFIED BY 'joey123';

-- gives all privileges to user 'joey' only on the database named 'joeys_db'
GRANT ALL ON joeys_db.* to joey;

-- gives the FILE privilege to joey (must use the global parameter --> *.*)
GRANT FILE ON *.* to joey;

-- show privileges granted to user 'joey'
SHOW GRANTS FOR joey;

-- drop/delete user 'joey'
DROP USER joey;

-- displays all users in the system
USE mysql;
SELECT * FROM USER

mysql dump:
mysqldum p -u web1 --password=xxx usr_web1_1 >MYSQLFILENAME

mysqlrestore
mysql --user=web5 --password=xxx usr_web5_1 <MYSQLFILENAME


mysqlimport -d -u root -p xyz--local actual.csv --fields-terminated-by=';' --lines-terminated-by='\n' --ignore-lines=1
#montly birthdays
select * from actual where substring_index(substring_index(geburtsdatum,'-',2),'-',-1)=11 order by substring_index(geburtsdatum,'-',-1),substring_index(geburtsdatum,'-',1)

#young people
select * from actual where substring_index(geburtsdatum,'-',1)>1989 and substring_index(geburtsdatum,'-',1)<1994 and aktiv = 'TRUE' order by substring_index(geburtsdatum,'-',1), name
sonderzeichen problem, kein ä,ö
iconv -f encoding -t encoding inputfile
iconv -f latin1 -t ISO-8859-1 _actual_updates_date_changed.csv |grep Fr
Auerswald

Für die serielle Schnittstelle müssen folgende Einstellungen in der Systemsteuerung Ihres Windows-Betriebssystems vorgenommen werden:

b) Bits pro Sekunde 9600 Datenbits 8 Parität keine Stopbits 1 Protokoll Xon / Xoff

c) Wenn Sie einen seriellen Drucker direkt an der Anlage verwenden, darf der Rechner nicht parallel zum Drucker angeschlossen sein.

d) Für die Bediensoftware der einzelnen Systeme benötigen Sie unterschiedliche PC-Voraussetzungen. Die entsprechenden Hinweise finden Sie auf der jeweiligen Diskette in der Datei "liesmich.txt".

e) Auf die serielle Schnittstelle darf kein weiterer Gerätetreiber zugreifen. Überprüfen Sie die Einstellungen vorhandener Treiber, z. B. die eines angeschlossenen Modems. Die Maus darf nicht an der seriellen Schnittstelle betrieben werden, an der die Anlage angeschlossen ist.

f) Bei einigen Systemen besteht die Möglichkeit, die Bediensoftware für DOS und Windows zu installieren. Überprüfen Sie den Verbindungsaufbau in diesem Fall mit beiden Betriebssystemen.

g) Unter Windows kann es zu Fehlermeldungen kommen, z. B. "allg. Schutzverletzung". Beheben Sie dieses, indem Sie die auf der CD vorhandene Treiberdatei "ctl3dv2.dll" in Ihr Systemverzeichnis unter Windows kopieren. Sichern Sie in diesem Fall Ihre Originaldatei unter einem anderen Namen.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcSs

-> start (4) ??
- einloggen als <admin> <lanplex>
- danach innerhalb von 60s power aus und wieder an


oder
login: 3comcso
password: RIP000
cat /etc/hosts | sort -t'.' -n -k1,1 -k2,2 -k3,3 -k4,4
checkpoint FW1

If you tried to install the policy from the management console and failed, log onto the console of 'gateway' and do a:
fw fetch control
If that fails, try the following:
Logon to the console of "gateway"

IMPORTANT: You are about to uninstall the security policy. This will probably stop existing connections through the firewall (depending on whether or not you allow FireWall-1 to control IP Forwarding) and will also expose your firewall to potential attack.

Unload the existing security policy:



fw unload localhost


From "control", load a new security policy:



fw load policy.pf gateway


############################################################

Hochverfügbarkeit VPN 4.1 SP2
-----------------------------

FW1 MM2 Master für Sleepy & Sneezy
MM1 offline
FWSTOP !(beide MM!)

MM2 + Remote Module 204.32.38.1 (Check Point Configurtaion!)

Security Policy

Netzwerkobject VRRP_Multicast
IP 224.0.0.18/32

Service Object VRRP_Protocol
match: ip_p = 112

Gruppe HA_Firewall enthält
sleepy + sneezy

-> in Policy Sneezy ersetzen durch Gruppe HA_Firewall

Rules einfügen:
- HA_Firewall VRRP_Multicast VRRP_Protocol accept
- NTP service erlauben (net_local auf HA_Firewall)
- MASQ / NAT Hide ausschalten


FW1 Voyager / interface
FWM
sleepy: eth-s4p1 10.10.10.1/24
sleepy-sync (hostname eintragen)

sneezy: eth-s4p1 10.10.10.2/24
sneezy-sync (hostname eintragen)

Voyager / NTP

sneezy: NTP on
Local Clock as Master
Peer Sleepy
(-> NTP Server)

sleepy: NTP on
server sneezy

Voyager / Checkpoint Configuration
-> ! IFWD deaktivieren !

-> save


FW1 FWSTOP (beide FWM)

FWM echo "204.32.38.121" >$FWDIR/conf/masters

sneezy
echo "10.10.10.1" >$FWDIR/conf/sync.conf
FW PUTKEY -p abc123 10.10.10.1

sleepy
echo "10.10.10.2" >$FWDIR/conf/sync.conf
FW PUTKEY -p abc123 10.10.10.2

1. sneezy FWSTART

2. sleepy FWSTART



netstat
-> 2 connections established beetween "sneezy-sync" ..

tcpdump -i eth-s4p1
-> see data transfers of synchronisation

$FWDIR/log/fwd.elg #logging messages for syncronisation



Setting up "Monitored Circuit" using voyager
----------------------------------------
Voyager->Router Services->VRRP

Interface eth-s3p1c0:
- Monitored Circuit on
- Create Virtual Router: 204 (must be the same on the two fw!)
- Priority:
- sleepy: 95
- sneezy: 100
- Priority Delta:
- sleepy: 10
- sneezy: 10
- Monitored Interface:
- eth-s5p1c0
- Backup Address:
- sneezy: 204.32.38.254
- authentication: simple -> pw abc123


Interface eth-s5p1c0:
- Monitored Circuit on
- Create Virtual Router: 192 (must be the same on the two fw!)
- Priority:
- sleepy: 95
- sneezy: 100
- Priority Delta:
- sleepy: 10
- sneezy: 10
- Monitored Interface:
- eth-s3p1c0
- Backup Address:
- sneezy: 192.168.10.254
- authentication: simple -> pw abc123

-> master saves first!!

-> default routes on workstations to 204.32.38.254
in der ldap.conf den eintrag DEREF FINDING od. SEARCHING haben

syslog.conf: *.debug /dev/console
smitty alog: Change / Show Characteristics -> Alog TYPE: <console> -> size + filename ...
-> alog -o -f /var/adm/ras/conslog
Eine andere Möglichkeit ist, fetchmail so zu konfigurieren, dass die Mails z.B. direkt an procmail übergeben werden:
poll mail.provider.de protocol POP3 user asterix password adam mda111 "/usr/bin/procmail -d eva"

mail forwarding:
So, if Bob wanted to forward his mail to Mary and Joe, but also keep a copy of it, he could have a .forward that looks like this:
\bob,
mary@socrates.berkeley.edu,
joe@socrates.berkeley.edu

The backslash (" \ ") before Bob's address leaves a copy of the message in Bob's
account as well as forwards a copy of the message to Mary and Joe.

awk

#show systems in upload dir: alpabetically, unique
ls |awk -F '-' '{printf $NF "\n" }' | sort -d -u
WINE-Settings:
- Basic
- Window Mode: Integration of Wine with X: Unmanaged!!
- Advanced
- Lock & Feel: Specialized Wine options: turn on:
- Use X shared memory
- Double-bufferd desktop

copy file MFC42.DLL to $HOME/.wine/fake_windows/windows/system32
VMWARE

IO-Tuning - http://vmfaq.com/entry/25/
/etc/vmware/config
MemTrimRate=0
sched.mem.pshare.enable = "FALSE"
mainMem.useNamedFile = "FALSE"
prefvmx.minVmMemPct = "100"
---------

server 2.0 command-line:
vmrun -T server -h https://192.168.0.5:8333/sdk -u root -p xxx suspend "[standard] /opt/vmware/server.vmx"
vmrun -T server -h https://localhost:8333/sdk -u root -p xyz start "[standard] iga_navigator/Red Hat Enterprise Linux 4.vmx"

#machine hinzufüggen
vmrun -T server -h https://localhost:8333/sdk -u root -p xyz register "[standard] ipcop_mwendig/Other_Linux_2.6.x_kernel.vmx"

https redirect abschalten:
/etc/vmware/hostd/proxy.xml
1. change "httpsWithRedirect" to "httpAndHttps"
2. restart
file-transfer to windows xp:
mount -t smbfs -o username=user,password=xyz //192.168.110.1/temp /tmp/wxp
08/2005:
vmware 4.5.2 suse 9.3 links!!
mit dem vmware patch ging das compilieren plötzlich ;-))

http://www.vmware.com/community/thread.jspa?threadID=13817&;filterOrder=DESC&tstart=0

http://www.linux-club.de/viewtopic.php?t=30855

-------------------------------------------------------
vmware - hangs problem

in vmx:
http://communities.vmware.com/thread/106917
#mwendig, added 20Feb2009, solv hanging problem
mainMem.useNamedFile = "FALSE"
sched.mem.pshare.enable = "FALSE"
MemTrimRate = "0"


Installing VMware Tools from the Command Line with the RPM Installer
http://www.vmware.com/support/ws5/doc/ws_newguest_tools_linux.html

he first steps are performed on the host, within Workstation menus:

1. Power on the virtual machine.

2. After the guest operating system has started, prepare your virtual machine to install VMware Tools.

Choose VM > Install VMware Tools.

The remaining steps take place inside the virtual machine.

3. As root (su -), mount the VMware Tools virtual CD-ROM image, change to a working directory (for example, /tmp), uncompress the installer, then unmount the CD-ROM image.

Note: Some Linux distributions automatically mount CD-ROMs. If your distribution uses automounting, do not use the mount and umount commands below. You still must untar the VMware Tools installer to /tmp.

Some Linux distributions use different device names or organize the /dev directory differently. If your CD-ROM drive is not /dev/cdrom or if the mount point for a CD-ROM is not /mnt/cdrom, you must modify the following commands to reflect the conventions used by your distribution.

mount /dev/cdrom /mnt/cdrom

cd /tmp

Note: If you have a previous installation, delete the previous vmware-distrib directory before installing. The default location of this directory is
/tmp/vmware-tools-distrib.

4. At the command prompt, enter:

rpm -Uhv /mnt/cdrom/VMwareTools-5.0.0-<xxxx>.i386.rpm

umount /dev/cdrom

Where <xxxx> is the build/revision number of the VMware Workstation release.

Note: If you attempt to install an rpm installation over a tar installation or the reverse the installer detects the previous installation and must convert the installer database format before continuing.

5. Configure VMware Tools:

vmware-config-tools.pl

Respond to the questions the installer displays on the screen
change user settings, for a directory:

ls -l |awk '{print "chown -R " $9 " " $9}' >test.sh
cardmgr ident -> see cards detected ..
/etc/pcmcia/config #have to match cardmgr ident ..

so funktionierts auf 770X
=> /etc/sysconfig/pcmcia => PCMCIA_SYSTEM="kernel" auf "external"

IP Routing,

Enabling IP Routing

By default, IP routing is disabled. To enable IP routing, you must allow the computer to
forward IP packets it receives. This requires a change to the Windows 2000 system registry.
When you enable the Routing and Remote Access service for IP routing,
this registry entry is made automatically.

To enable IP routing

1 .From the Start menu, click Run.

2.Type regedt32.exe or regedit.exe, and then click OK.

3.In a registry editor, navigate to
HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\Tcpip \Parameters

4. Select the "IPEnableRouter" entry.

5. To enable IP routing for all network connections installed and used by this computer, assign a value of 1.
To do this in regedit.exe, right-click the entry, and then click Modify.
In regedt32.exe, click on the wanted entry, click on Edit, and then click on the appropriate menu choice.

6.Close the registry editor.

It is required to reboot Windows 2000 for this change to take effect.

I have used this in a configuration, where the Windows 2000 Professional system works
as a router between an Ethernet network and a USB-network.
3com trouble:

/usr/3Com/install/logs/ directory checken ....
df

3Com admin synnet
3Com read synnet
3Com write synnet
3Com monitor monitor
3Com manager manager
3Com security security
3Com_Office_Connect_5x0_ISDN_Routers n/a PASSWORD
3comCellPlex7000 tech tech
3comCoreBuilder7000/6000/3500/2500 debug synnet
3comCoreBuilder7000/6000/3500/2500 tech tech
3comHiPerARCv4.1.x adm <blank>
3ComLANplex2500 debug synnet
3ComLANplex2500 tech tech
3comLinkSwitch2000/2700 tech tech
3comSuperStackIISwitch 2200 debug
3comSuperStackIISwitch 2700 tech
AIX Maintanence ...

oslevel #actual version
oslevel -l 4.3.3. #older filesets ...
oslevel -g #List filesets at levels later than maintenance level
#specified by the <level> parameter
How to Create a Startup Boot Disk for Windows XP

The day will come when some files required to start you computer will become corrupted and you won't be able to boot into Windows XP. This can be a heart-sinking event or just another day in the life of a computer user. How can you make it the latter and not the former? Create a Windows XP boot disk before disaster strikes! The boot disk will allow you to start the computer and boot into Windows XP and allow you to begin your troubleshooting. Just do the following to put together your boot disk:

Put a floppy disk into the floppy drive. Click Start and then click the Run command. Type cmd in the Open text box and click OK.
At the command prompt, type format a: and press [ENTER]. Follow the on screen instructions to format the disk.
Open Windows Explorer and go to the C:\ drive. Copy the NTLDR and the NTDETECT.C O M files to the floppy disk.
Click Start and click the Run command. In the Open text box, type Notepad and press [ENTER]. In Notepad, enter the following information:
[boot loader]
timeout=30
Default= multi(0)disk(0)rdisk(0)partition(1)\windows

[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\windows="Windows XP"

These entries will work if you have a single disk with a single partition.

In Notepad, click File and then click the Save As command. In the File name text box, type "a:\boot.i n i" (you must include the quotes, but not the spaces). Click Save. Then click Notepad.
Test your boot disk. Restart the computer with the boot disk still in the floppy drive. You should be able to boot into Windows XP with no problems.

/etc/sysconfig/network-scripts
edit ifcfg-eth0 ...
db2top -d username
REDHAT Directory Server 4.1 installation



DB2 Installation:


When the LDAP server starts, the LDAP software connects to a local db2 instance (ldapdb2)
with a password authorization. To ensure this password will never expire and bring down the LDAP
service, some special conditions apply to the "ldapdb2" user:

pwdadm -f NOCHECK ldapdb2
chuser login=false ldapdb2
chuser rlogin=false ldapdb2
echo ldapdb2 >> /etc/ftpusers
echo "export DB2LOGINRESTRICTIONS=NONE" >> ~ldapdb2/.profile #DB2 v.8 >= FP5
echo "db2set DB2LOGINRESTRICTIONS=NONE" >> ~ldapdb2/.profile #DB2 v.8 >= FP5


ERROR:
[root@localhost udb72]# ./db2setup
./db2inst: error while loading shared libraries: libstdc++-libc6.1-1.so.2: cannot open shared object file

SOLUTION:
=> create softlink:
[root@localhost udb72]# ln -s /usr/lib/libstdc++-3-libc6.2-2-2.10.0.so /usr/lib/libstdc++-libc6.1-1.so.2

!!!!!

./db2setup works now!!!!




[root@localhost db2]# rpm -hiv db2engn71-7.1.0-40.i386.rpm
error: failed dependencies:
db2rte71 >= 7.1.0-40 is needed by db2engn71-7.1.0-40

[root@localhost db2]# rpm -hiv db2rte71-7.1.0-40.i386.rpm
error: failed dependencies:
db2cliv71 >= 7.1.0-40 is needed by db2rte71-7.1.0-40
db2cucs71 >= 7.1.0-40 is needed by db2rte71-7.1.0-40

[root@localhost db2]# rpm -hiv db2cliv71-7.1.0-40.i386.rpm [ok]
[root@localhost db2]# rpm -hiv db2cucs71-7.1.0-40.i386.rpm [ok]

[root@localhost db2]# rpm -hiv db2rte71-7.1.0-40.i386.rpm
Preparing... ########################################### [100%]
1:db2rte71 ########################################### [100%] [ok]

[root@localhost db2]# rpm -hiv db2engn71-7.1.0-40.i386.rpm
Preparing... ########################################### [100%]
1:db2engn71 ########################################### [100%] [ok]


#[db2 successfully installed]


[root@localhost ldap41_us]# rpm -hiv ldap-serverd-4.1-1.i386.rpm
Preparing... ########################################### [100%]
1:ldap-serverd ########################################### [100%] [ok]


#ldap successfully installed??
[root@localhost ldap41_us]# rpm -qa |grep ldap
ldap-clientd-4.1-1
ldap-serverd-4.1-1
ldap-dmtjavad-4.1-1
f#[ok]


[GSKIT] installation
fehler#

[root@localhost gskit]# rpm -i gsk5bas-5.0-4.58.i386.rpm
error: failed dependencies:
libstdc++.so.2.9 is needed by gsk5bas-5.0-4.58

softlink auf libstdc++.so.2.9

rpm -i gsk5bas-5.0-4.58.i386.rpm --nodeps


LDAP IBM directory server 4.1 & Redhat EAS3 problem

slapd: relocation error: /usr/ldap/lib/libutlsa.so: symbol errno, version GLIBC_2.0 not defined in file libc.so.6 with link time reference

-> solution: export LD_ASSUME_KERNEL=2.2.5

kill LDAP:
kill -9 $(cat /etc/slapd.pid)

kill all ldap instances:
ps -ef |grep slapd | awk '{ system("kill -9 " $2)}'

#ldap check db2 log:
/home/ldapdb2/sqllib/db2dump/db2diag.log
kurzes Howto um die Replication queue zu leeren:
im Prinzip sind es drei Schritte die es zu wiederholen gilt, bis alle Queues
leer sind:

1.)
auf 5.1 Master:
LDAP log file monitoren
tail -f /var/ldap/ibmslapd.log

Suche nach Einträgen, wie:
07/14/2006 01:52:29 PM Error No such object occurred for replica 'CN=host111,IBM-REPLICASERVERID=53892fc0-b6bd-1028-999a-dd86930a4836,IBM-REPLICAGROUP=DEFAULT,dc=org,DC=COM': modify failed for entry 'UID=user1,DC=org,DC=COM' change ID 111111.

2.)
/root/bin/update2Replica.sh host111 uid=user1
=> Eintrag auf Replica kopieren

3.)
/root/bin/skipReplicaEntry.sh host111 111111
=> Replica problem übergehen .. "change ID löschen" und Replication erneut anstossen
ssh:

$ ssh root@192.168.1.1 -L 3000:10.0.0.1:22
$ ssh -R 3000:localhost:389 root@192.168.1.1
$ ssh -f -N -g #-f: background
#-N: no command to execute ...
#-g: disalbe restriction, permitting any host to connect to localally forwareded ports ..

$ ssh root@localhost -p 3000

login without passwort from <originhost> to <destinationhost>

from <originhost>:
#generate keys
$ ssh-keygen -t dsa -f ~/.ssh/id_dsa -C "comment"
#id_dsa.pub is created ...

#To use the key on other hosts you will be connecting from, copy the ~/.ssh/id_dsa key to the other hosts:
$ scp ~/.ssh/id_dsa you@another-box:.ssh/



$ cat ~/.ssh/id_dsa.pub |ssh root@192.168.1.1 'cat - >> ~/.ssh/authorized_keys2'
or
$ cat ~/.ssh/id_dsa.pub |ssh root@192.168.1.1 'cat - >> ~/.ssh/authorized_keys'
Tracing / debugging

ldtrc on
slapd -h 65535

errors under /tmp/slapd.error ..


db2:

db2 "create db ldapdb2 on /home/ldapdb2 using codeset UTF-8 territory US"



#missing libraries for redhat ...:
compat-libstdc++-6.2-2.9.0.16.i386.rpm
pdksh-5.2.14-13.i386.rpm
ldap-dmtjavad-4.1-1.i386.rpm #for script ldapcfg




environment:

file: ~/.bash_profile# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi

# User specific environment and startup programs

PATH=$PATH:$HOME/bin
BASH_ENV=$HOME/.bashrc
USERNAME="root"

export USERNAME BASH_ENV PATH

# The following three lines have been added by UDB DB2.
if [ -f /home/ldapdb2/sqllib/db2profile ]; then
. /home/ldapdb2/sqllib/db2profile
fi

db steuerzentrale unter linux:
db2cc


ldapcfg:
ldapcfg -l /home/ldapdb2 -o
ldapcfg -l /home/ldapdb/ -a ldapdb -w passwort -d ldabdb

!!!!
On SuSE 7.0 and Red Hat 7.2 on Linux for S/390 with kernel level 2.4.x, you
must download and install the compat-libstdc++-2.10.0-1.s390.rpm package. This
package contains compatibility Standard C++ libraries that allow older binaries
(created with old versions of compilers) to execute.
Even after this change, the ldapcfg, ldapucfg and ldapxcfg programs fail on
both SuSE 7.0 and Red Hat 7.2 systems. To correct the problem, edit the
/usr/ldap/bin/ldapcfg script to uncomment the following line by removing the
# in the first column of the line:
export LD_PRELOAD=/usr/lib/libstdc++-libc6.2-2.so.3
You must specify the absolute path of the library.

################

db2 setup a database instance manually

important directory for instance commands
/opt/IBM/db2/V8.1/instance

#list instances
./db2ilist

#create an DB2 instance
./db2icrt -a SERVER -p 50000 -s ESE -w 32 -u ldapdb2 ldapdb2

#setup autostart of instances
./db2iauto -on ldapdb2

#startup database
su - ldapdb2
db2start



#db2 registry files .. see instances etc.
/var/db2/global.reg


su - db2inst1 -c db2inst1 //opt/db2inst1/sqllib/adm/db2start


db2 init.d script (für stop / start):

#!/bin/sh
# chkconfig: 35 98 02
# description: Start and Stop IBM's db2 dbms.

# Set the path.
BASE=/opt/ibm/db2
VERSION=V9.1
INSTANCE=/opt/db2inst1
PATH=/sbin:/bin:/usr/bin:/usr/sbin

#Check we have the start and stop programs.
test -x $INSTANCE/sqllib/adm/db2start || exit 0
test -x $INSTANCE/sqllib/adm/db2stop || exit 0
test -x $BASE/$VERSION/bin/db2 || exit 0

case "$1" in
start)
echo -n 'Starting IBMdb2 daemons: '
su - db2inst1 -c $INSTANCE/sqllib/adm/db2start
echo
;;
stop)
# We first try twice to kill all existing applications.
# There really should be none most of the time.
echo 'Stopping IBMdb2 daemons: '
su - db2inst1 -c "$BASE/$VERSION/bin/db2 FORCE APPLICATION ALL"
sleep 2
su - db2inst1 -c "$BASE/$VERSION/bin/db2 FORCE APPLICATION ALL"
sleep 2
su - db2inst1 -c $INSTANCE/sqllib/adm/db2stop
echo
;;
reload|restart)
$0 stop
sleep 3
$0 start
;;
*)
echo "Usage: /etc/rc.d/init.d/IBMdb2 {start|stop|restart|reload}"
exit 1
esac
#-----------------------------------------------------------------------
# Exit successfully.
#-----------------------------------------------------------------------
exit 0


db2 commands:

db2 "connect to report user user1"
db2 select name from sysibm.systables #show systables
db2 select * from COMPINFO



db2 LIST DATABASE DIRECTORY #show tables
db2 list applications for database IBMSECW #show connected processes
db2 force application ( <enter here list of application-ids form previous command separated by commas>)
db2 force application "ALL"

db2 use database name
db2 list tables

db2 get dbm cfg ##get database manager configuration

db2log:
/opt/ldap/db2cli.log

select * from stddat where XEORF = 'X' Fetch First 5 Rows Only
ldapsearch:
ldapsearch -b dc=org,dc=com objectclass=* -h localhost -p 3000
ldapsearch -b dc=org,dc=com objectclass=*
ldapsearch -D cn=root -w ? -b dc=org,dc=com objectclass=*

ldapsearch -x -b dc=org,dc=com -D cn=root -w =? -s one "(uid=*)" "*" pwdlockedtime |more

#check if user is locked
ldapsearch -b dc=org,dc=com -D cn=root -w ? uid=myuser ibm-pwdIndividualPolicyDn pwdFailureTime pwdAccountLockedTime pwdReset pwdChangedTime ibm-pwdGroupPolicyDn

#see pw policy
ldapexop -D cn=root -w ? -op effectpwdpolicy -d uid=myuser,dc=org,dc=com

ldapsearch -D cn=root -w ? -b dc=org,dc=com -h localhost uid=* -s one filter=uid gecos


ldapsearch -D uid=user9,dc=org,dc=com -w test -b dc=org,dc=com uid=*

-D cn=root -w ? -b dc=org,dc=com -h localhost -p 3000 uid=myuser

ldapadd -D cn=root -w ? -h localhost -p 3000 -c -a -f allUsers.ldif
ldapadd -x -D cn=root -w ? -h myhost -p 3000 -c -a -f allUsers.ldif

ldapsearch -x -D cn=root -w ? -b "ou=myorg,dc=org,dc=com" -h localhost -p 3000 uid=myuser


ldapdelete:
cat todelete.dat |awk '{ print "ldapdelete -D cn=root -w ? \"" $2 "\""}' >todelete.sh

add " to line (at begin and end):
cat todelete | sed -e s/^/\"/ | sed -e s/$/\"/

dos2unix
cat file | sed -e 's/$//' > newfile


#Secure Way password attributes ...
ldapsearch -D cn=root -w ? -b dc=org,dc=com "(cn=myuser)" pwdreset pwdchangedtime pwd4out

stunnel -d 127.0.0.1:636 -r ldaphost1:636 -c -C 'DHE-DSS-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:RC4-64-MD5:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA:EXP1024-RC4-MD5:EXP-RC4-MD5:EXP-RC4-MD5'

stunnel -D 7 -d localhost:3389 -r ldaphost1:636 -C EXP-RC4-MD5 -c

stunnel ##################################################
To build a new pem, execute the following OpenSSL command:
/usr/bin/openssl req -new -x509 -days 365 -nodes \
-config /usr/share/doc/packages/stunnel/stunnel.cnf \
-out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
#modify
ldapmodify -x -D cn=root -w xxxx
dn: uid=user1,dc=org,dc=com
changetype: modify
replace: objectclass
objectclass: top
objectclass: account
objectclass: eAccount
objectclass: posixAccount
objectclass: shadowAccount
objectclass: ePasswordPolicy


#modify shadow max
ldapsearch -b dc=org,dc=com -s one uid=* shadowmax >shadowmax.ldif

shadowmax.ldif
changetype: modify
replace: shadowmax

uid=user1,dc=org,dc=com
shadowmax=90

uid=user2,dc=org,dc=com
shadowmax=90


ldapmodify -D cn=root -w xyz -f shadowmax.ldif
for i in `ls`; do ls -l $i;done
- serialnumber: summary -> sc
- passwort: security -> pw

Do you ever have the need to exchange .exe or .mdb or other "unsafe" files over email and find that the built-in security within Outlook 2002 (XP) doesn't allow you to open them? You end up getting a warning within the title of your email that says "Outlook blocked access to the following potentially unsafe attachments: test.mdb."

While I don't advocate doing this for the rest of your organization, and I know you won't, being able to take control of your security settings makes it easier for many of us - admins and experienced computer users.

To do this, a tweak to the registry is needed -

Run Regedt32 (or regedit) and go to:

HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security

Under that key, add a new value name called Level1Remove with data type REG_SZ. In the string editor, put in the extensions you want NOT to be blocked separated by a semicolon (;). e.g.

mdb;exe;

outlook express: backup

files are in:
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{7D93BA21-0B53-4BB1-95CC-5EF3450D47EA}\Microsoft\Outlook Express
ending with .dbx

serial number rs6000 / aix

lscfg -pv sysplanar0
TEC-Events parsen

=> on tec: wtdumprl -o DESC |more
compile c with ldap library:

gcc test.c -lldap !!!!
In use since 1995 and on a variety of accounts.
Out of the box type software and works on discovery of network. Easy to setup and configure.
Platform - NT or Unix (Sun or HP). No AIX.
If the network is large with many elements (ports, switches, routers etc), then best use Unix.
They have used in network of between 5K and 8K elements.
Reports can be setup for SM or technical staff.
Has web i/f.
Can perform network (WAN & LAN), server and application performance management.
Has real-time analysis.
Excellent backup support from reseller.
Have used for SLA reports.
Great success with linking tool to Helpdesk and ease of reporting/tracking/communication problems.
VitalAnalysis - response times.
VitalNet - network components.
VitalEvent - Threshold limits etc.
Many features the same as Concord.
GUI very good and has web i/f. Can be setup with many view for SM, technical, CIO.
Has agents on end stations for end-to-end analysis.
No realtime data - minimum of two hours delay. Lucent don't say it's realtime.
Sample times are minimum of one hour, so it's already averaged - slight disadvantage.
Lucent will send data from end station to server, whereas Concord will poll. Therefore, Concord server has more load.
Support not always quick and responsive.
snmpwalk bintec community interfaces.ifTable.ifEntry.ifAdminStatus.10001.7 i 2

interfaces.ifTable.ifEntry.ifInOctets
interfaces.ifTable.ifEntry.ifLastChange
interfaces.ifTable.ifEntry.ifOperStatus
interfaces.ifTable.ifEntry.ifAdminStatus
interfaces.ifTable.ifEntry.ifInErrors
interfaces.ifTable.ifEntry.ifInUnknownProtos
interfaces.ifTable.ifEntry.ifOutOctets
interfaces.ifTable.ifEntry.ifOutDiscards
interfaces.ifTable.ifEntry.ifOutErrors
#*** CVS Info: *******************************************************\\\
# $Source: $Source$
# $Date: $Date$
# $Revision: $Revision$
# $Name: $Name$
# $State: $State$
# $Log: $Log$
# $Id: $Id$
#********************************************************************/\

###################
#
# CVSINFO
#
# $Revision$
#
# $Id$
#
# $Log$
#
# Version History:
# The version history is controlled by the cvs system. Modifications in this
# file without using the proper cvs procedures will result in a loss of the
# changes !!
##############################################################################


xwd -root |convert - -resize 100x100 test.jpg
-> file is stored under ~/.kde/share/apps/kabc/std.vcf
/etc/sysconfig/displaymanager
- DISPLAYMANAGER="kdm"
- DISPLAYMANAGER_REMOTE_ACCESS="yes"
- DISPLAYMANAGER_STARTS_XSERVER="yes"

/etc/X11/xdm/xdm-config ist "requestPort" auskommentiert!
/etc/X11/xdm/Xaccess #ips erlauben

+ xdm starten!

/etc/opt/kde3/share/config #interesting config files


# XDMCP access control file in the usual XDM-Xaccess format.
# Default is /opt/kde3/share/config/kdm/Xaccess
ping -l 1460 -f ip-address #don't fragment
xcopy /S /E /H g: e:\my_files
t-online:

Der username besteht aus Anschlußkennung+T-Online-Nr.+Mitbenutzernummer
dns: 194.25.2.129

Aufbau des Benutzernamens für dsl: AnschlußkennungTeilnehmernummerMitbenutzerkennung@t-online.de
linux-backup

tar -tvf /dev/st0

tar -cvf /dev/st0 /home/mwendig/

mt -f /dev/st0 erase #delete tape

mt -f /dev/st0 rewind #rewind tape

mt -f /dev/st0 tell #Find out what block you are at with mt command:

mt -f /dev/st0 offline #unload the tape

mt -f /dev/st0 status #Display status information about the tape unit:

auth-file:
edit -> danach postmap <datei> #neue db datei erstellen

Stellen Sie sicher, dass folgende Einträge in /etc/postfix/main.cf existieren, bzw. fügen Sie diese hinzu:
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd


Achten Sie auf die korrekte Schreibweise: 'smtp' ist nicht das Selbe wie 'smtpd'!

Legen Sie nun die Datei /etc/postfix/saslpasswd mit folgendem Inhalt an:
destination.host.de username:password

destination.host.de wird in der Regel der Relayhost sein, den Sie verwenden. Sie weisen Postfix hiermit an alle Mails, die über den angegebenen Host transportiert werden, nach Möglichkeit per SMTP-AUTH auszuliefern. Etwaige anders definierte Transportwege werden wie bisher behandelt.


Generieren Sie abschließend die neue Map und lesen Sie die Konfiguration neu ein:
postmap /etc/postfix/saslpasswd
rcpostfix reload

#postfix delete mail in queue
postsuper -d ID
see id with: sendmail -bp
rsync -av /src /dest
rsync -uav /src dest #update modus
rsync -uvzcae ssh /home/myuser/log_analysis user@lnxuar04:/home/myuser/log_analysis

/usr/bin/rsync -uvzca -e 'ssh -i /home/myuser/.ssh/id_rsa' -rtpvz --stats --sa
loganalysis

cat run_loganalysis.sh
#!/bin/sh
filename=`date | awk '{print $6"_"$3"_"$2"_logAnalysis.log"}'`
#echo $filename
/usr/local/bin/log_analysis -f /opt/conf/mw_log_analysis.conf -o /opt/web/log_analysis/$filename -m user\@mail.de
chmod 755 /opt/web/log_analysis/$filename
3ware sata raid
tw_cli #command line on linux
/c0 show all
/c0 Driver Version = 2.26.02.008
/c0 Model = 9550SXU-4LP
/c0 Available Memory = 112MB
/c0 Firmware Version = FE9X 3.04.01.011
/c0 Bios Version = BE9X 3.04.00.002
/c0 Boot Loader Version = BL9X 3.02.00.001
/c0 Serial Number = L320909A6450913
/c0 PCB Version = Rev 032
/c0 PCHIP Version = 1.60
/c0 ACHIP Version = 1.90
ps ax |grep D
PID TTY STAT TIME COMMAND
5438 ? Ss 0:00 smbd -D
5441 ? Ss 0:01 nmbd -D
5503 ? S 0:00 smbd -D
32141 pts/2 S+ 0:00 grep D
mdadm --query --detail /dev/md0
#!/usr/bin/perl
###############################################################################
#
# check-hugo-daily-export.pl
#
###############################################################################
use strict;

print "starting\n";

my $mailto='hugo1@gmail.com,hugo2@gmail.com';

my $default_fage=60*25; #fileage in minutes

my %files2check=(); # filename | fileage in minutes
$files2check{'/var/customers/webs/xyz/export/google_rss_feed_daily.xml'}= $default_fage;
$files2check{'/var/customers/webs/xyz/export/google_rss_feed_daily.error'}= $default_fage;
$files2check{'/var/customers/webs/xyzz/shop/export/google_rss_feed_daily.xml'}= $default_fage;
$files2check{'/var/customers/webs/xyzz/shop/export/google_rss_feed_daily.error'}= $default_fage;
$files2check{'/var/customers/webs/xyzz/shop/export/preisroboter.txt'}= $default_fage;

my $date =`date`;
chomp($date);
my $now = time(); # get current time
my $failed=0;
my $failedstr='';

print "---------------------------------------------------------\n";
print "date: $date - starting\n";
foreach my $fname( keys %files2check) {
print "checking file: $fname\n";
my @stats = stat($fname);
my $fage = int (($now-$stats[9]) / 60 ); #get fage minutes
#print "fage=$fage\n";

if ( $fage > $files2check{$fname} ){
$failedstr.="file $fname is too old ($fage min)\n";
$failed++;
}else{
print "file $fname was generated recently ($fage min) - everything is ok\n";
}

}

if ($failed > 0){
print "$failedstr\n";
system("echo \"$failedstr\" \| mailx -s \"Server Alarm - daily export not updated!\" $mailto ");
print "email was send to $mailto!!\n";
}else{
print "everything is fine\n";
}
Solution:
remove "--chuid man" from file


example:
before:
start-stop-daemon --start --pidfile /dev/null --startas /usr/bin/mandb --oknodo --chuid man --iosched idle -- --no-purge --quiet

after:
start-stop-daemon --start --pidfile /dev/null --startas /usr/bin/mandb --oknodo --iosched idle -- --no-purge --quiet
>>to check if something was executed run:
[root@myhost ~]# systemctl status rc-local.service
rc-local.service - /etc/rc.d/rc.local Compatibility
Loaded: loaded (/usr/lib/systemd/system/rc-local.service; static; vendor preset: disabled)
Active: inactive (dead)


>>enabled service and set execute permissions
[root@myhost ~]# systemctl enable rc-local.service
[root@myhost ~]# chmod +x /etc/rc.d/rc.local

#after reboot
[root@myhost ~]# systemctl status rc-local.service
? rc-local.service - /etc/rc.d/rc.local Compatibility
Loaded: loaded (/usr/lib/systemd/system/rc-local.service; static; vendor preset: disabled)
Active: active (exited) since Mo 2017-01-09 16:32:30 CET; 26min ago
Process: 881 ExecStart=/etc/rc.d/rc.local start (code=exited, status=0/SUCCESS)

Jan 09 16:32:30 myhost systemd[1]: Starting /etc/rc.d/rc.local Compatibility...
Jan 09 16:32:30 myhost systemd[1]: Started /etc/rc.d/rc.local Compatibility.
if there are more authentication sources defined in a vpn configuration the user is always authenticated against the default authentication source which is normaly the local Firebox-database.

There is the possiblity to specify the authentication source that should be used, be defining the source in front of the user, separated with a \:

radius\username #for radius as authentication source

-------------------
see more on the watchguard website: http://www.watchguard.com/help/docs/wsm/xtm_11/en-us/content/en-us/mvpn/ssl/mvpn_ssl_client-install_c.html
Use a non-default authentication server

In the User name text box, type <authentication server>\<user name>.

Examples:

If RADIUS is the non-default server: radius\j_smith
If the Active Directory server ad1_example.com is the non-default server: ad1_example.com\j_smith
If Firebox-DB is the non-default authentication server: Firebox-DB\j_smith
if you have the $ dollar sign in a string and want to process it further in some cases you need to escape the dollar sign:

$pwd =~ s/\$/\\\$/g;

Bash script:

cat squidLogReadable.sh
#!/bin/bash
tail -f /var/log/squid/access.log | perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e'

-----

if you want to get the logs in color, ccze could be interesting:

ccze - A robust, modular log coloriser

on debian:
apt-get install ccze

tail -f /var/log/squid/access.loc | ccze -CA

bash script, that uploads a file to ftp server and gives back the success or failed status:

#!/bin/bash
cname=FTPuploadTest
host=192.168.1.1
user=user1
pass=pass1

echo "<<<check_mk>>>";
echo "Version: v1";
echo "<<<local>>>";
/usr/bin/ncftpput -u $user -p $pass $host . /home/test/test.cfg 1>/dev/null 2>&1
if [ $? -eq 0 ]
then
echo "0 $cname - FTP upload test to $host successful";
else
echo "2 $cname - FTP upload test to $host failed";
fi
perl - get year-month-day string

my($day, $month, $year)=(localtime)[3,4,5];
my $ymd = sprintf "%.4d-%.2d-%.2d", $year+1900, $month+1, $day;

output example: 2017-01-24
origin:
http://hawk.cis.vutbr.cz/~tpoder/GN3/HPCookBook/upload-hp

copy:
#!/usr/bin/perl

use Expect;
use IO::Tty;

$MORE = "-- MORE --, next page: Space, next line: Enter, quit: Control-C";
$EOF = "-- End of configuration file --";

# $DEBUG = 1;

($hostname,$username,$password) = @ARGV;

if ( ! length ($hostname) ) {
printf ("usage: upload-hp hostname [login [passwd]]\n");
exit;
}

$username = length ($username) ? $usernane : "admin";
$password = length ($password) ? $password : "admin";

$| = 0;
$ENV{'TERM'} = "xterm";

#&show_config (); exit;
open (config, "-|") || &show_config ();
#open (config, "smaz.mne");

# Konfigurace prepinace:

$begin = $end = 0;
$name = "unknown";
$image = "unknown";

while (<config>) {
# print if $DEBUG;
s/[\n\r]//g;
$begin = 1 if /^Startup configuration:/;
last if $begin;
}

$_ = <config>;

while (<config>) {
s/[\r\n]//g;
s/\33\[[0-9]+\;[0-9]+[a-zA-Z]//g;
s/\33\[[0-9][A-Z]//g;
# s/\33\[\?[0-9]+[a-zA-Z]//g;
s/\33E//g;
printf ("LINE: \"%s\"\n", $_) if $DEBUG;
s/$MORE//;
$end = 1 if /^Press any key when done.../;
$end = 1 if /$EOF/;
printf ("BYLO END %d!!!\n", $end) if $DEBUG;
last if $end;
if ( length == 0 ) {
$n++;
$end = 1 if $n > 1;
last if $end;
} else {
$n = 0;
}
if ( length == 80 ) {
$last = $_;
} else {
$oline = $last . $_;
$last = "";
# preskoceni pravedil acces listu 20000 az 30000
if (! ($oline =~ / + (\d+) (deny|permit) ip [\d\.]{7,15} [\d\.]{7,15} [\d\.]{7,15} [\d\.]{7,15}/ && $1 > 20000 && $1 < 50000)) {

printf ("%s\n", $oline);
}
}
}

printf ("; End of configuration file for %s\n", $hostname) if $begin and $end;
while (<config>) {
print if $DEBUG;
}

sub show_config () {
$exp = new Expect;

# $exp->raw_pty(1);
# $exp->log_stdout(10);

$exp->spawn("ssh $username\@$hostname") or die "Cannot spawn $command: $!\n";
$exp->expect(30, [ qr/login:/i, sub { $exp->send ("$username\n"); exp_continue; } ],
[ qr/name:/i, sub { $exp->send ("$username\n"); exp_continue; } ],
[ qr/password:/i, sub { $exp->send ("$password\n"); exp_continue; } ],
[ qr/to continue/i, sub { sleep(1); $exp->send(" "); exp_continue; } ],
[ qr/\> /i, sub { $exp->send("enable\n"); exp_continue; } ],
[ qr/# /i, sub { $ok = 1; } ]);

if ( $ok ) {
# $exp->send ("print \"show config\"\n");
$exp->send ("terminal length 1000\n");
$exp->expect ( 3, [ qr/# /i, sub { $exp->send("show config\n"); } ] );
$exp->expect (20, [ qr/Press any key when done.../i, sub { sleep(1); $exp->send(" "); exp_continue; } ],
[ qr/$MORE/i, sub { sleep(1); $exp->send(" "); exp_continue; } ],
[ qr/# /i, sub { printf ("%s\n", $EOF); $exp->send("\n logout\n"); } ] );

$exp->expect ( 5, [ qr/log out \[y\/n\]\?/i, sub { $exp->send ("y"); exp_continue; } ],
[ qr/configuration \[y\/n\/\^C\]?/i, sub { $exp->send ("n"); exp_continue; } ],
[ qr/connection closed/i, sub { $ok = 2; } ]);
}
$exp->soft_close();
exit;
}


http://nullhaus.com/2013/08/hp-port-troubles-part-1-monitoring/

turn on: fault-finder all action warn sensitivity high

to find port errors and more ..
HP ProCurve Switch Stack Firmware Update

1. save the config. (write memory)
2. save current software to secondary (copy flash flash secondary)
3. upload the new software to primary - it doesn't matter which way:
- via menu
- via web
- via tftp: copy tftp flash <ip-address> <remote-os-file> [<primary | secondary>]
3.1: verify image using "show flash"
4. reboot the stack (boot system flash primary)

Things to know:
- A "reboot" or "reload" (and the corresponding MIB) would cause only the commander to get rebooted.
A "boot system" would boot the entire stack
- uploading software to the commander will cause all members to have that software loaded as well
You can specify the default flash to boot from on the next boot by entering the
boot set-default flash command:
HP Switch(config)# boot set-default flash secondary

Booting from the default flash
Syntax: boot[system[flash | <primary | secondary> ]] [config FILENAME]
- system:Boots the switch. You can specify the flash image to boot from. When using
redundant management, boots both the active and standby management modules.

#reload command
This command boots the switch from the currently active flash image and
startup-config file. Because reload bypasses some subsystem self-tests, the switch
boots faster than if you use a boot command.

#schedule a reload:
- To schedule a reload in 15 minutes: HP Switch# reload after 15
- To schedule a reload in 3 hours: HP Switch# reload after 03:00
- To schedule a reload for the same day at 12:05: HP Switch# reload at 12:05
- To schedule a reload for some future date: HP Switch# reload at 12:05 01/01/2008
https://avm.de/service/fritzbox/fritzbox-7490/wissensdatenbank/publication/show/1339_FRITZ-Box-fuer-Betrieb-am-IP-basierten-Telekom-Anschluss-einrichten/

Telefonie einrichten:

Telefonie einrichten
Rufnummern einrichten

Tragen Sie alle Rufnummern des IP-basierten Anschlusses als Internetrufnummern in der FRITZ!Box ein:
- Klicken Sie in der Benutzeroberfläche der FRITZ!Box auf "Telefonie".
- Klicken Sie im Menü "Telefonie" auf "Eigene Rufnummern".
- Klicken Sie auf die Schaltfläche "Neue Rufnummer".
- Aktivieren Sie die Option "Internetrufnummer einrichten" und klicken Sie auf "Weiter".
- Wählen Sie in der Ausklappliste Telekom aus.
- Tragen Sie die Internetrufnummer (Telefonnummer) in die entsprechenden Eingabefelder ein.
- Wenn Sie den Telekomdienst "My Login" nachträglich deaktiviert haben, deaktivieren Sie die Option "Standardeinstellung für die Anmeldung verwenden" und tragen Sie im Feld "E-Mail-Adresse" Ihre E-Mail-Adresse, z. B. ihr-name@t-online.de und im Feld "Passwort" Ihr Web-Passwort ein.
- Klicken Sie auf "Weiter" und folgen Sie den Anweisungen des Assistenten.

Herkömmliches Festnetz deaktivieren
Deaktivieren Sie in der FRITZ!Box die Unterstützung für herkömmliche Festnetzanschlüsse (ISDN und analog):
- Klicken Sie in der Benutzeroberfläche der FRITZ!Box auf "Telefonie".
- Klicken Sie im Menü "Telefonie" auf "Eigene Rufnummern".
- Klicken Sie auf die Registerkarte "Anschlusseinstellungen".
- Deaktivieren Sie die Einstellung "Festnetz aktiv".
- Klicken Sie zum Speichern der Einstellungen auf "Übernehmen".

Telefoniegeräte einrichten und Rufnummern zuweisen
- Klicken Sie in der Benutzeroberfläche der FRITZ!Box auf "Telefonie".
- Klicken Sie im Menü "Telefonie" auf "Telefoniegeräte".
- Klicken Sie bei dem betreffenden Telefoniegerät auf die Schaltfläche (Bearbeiten).
- Wählen Sie in der Ausklappliste "Ausgehende Anrufe" die Rufnummer aus, über die das Telefoniegerät ausgehende Gespräche herstellen soll.
- Legen Sie fest, auf welche Rufnummern das Telefoniegerät bei ankommenden Rufen reagieren soll. Sie können maximal zehn Rufnummern (inklusive der Rufnummer für ausgehende Gespräche) auswählen.
- Klicken Sie zum Speichern der Einstellungen auf "OK".


------------------------------------------------------------------------------------
Hinweis - SIP infos - Manuelle SIP Einstellungen
Internetrufnummer: Ihre Telefonnummer
eMail-Adresse bzw. Benutzername: bei All-IP und My Login auf auto hier einfach "anonymous@t-online.de" eintragen und kein passwort
Passwort (Webkennwort) bzw. Kennwort: Ihr Passwort (ausser bei benutzer anonymous@t-online.de)
Registrar: tel.t-online.de
Proxy-Server: tel.t-online.de
STUN-Server: stun.t-online.de
Fritz.box adress that always works: <http://169.254.1.1/>;
/* every odd row should be grey*/
tr:nth-child(odd) { background-color: #dddddd; }

/*some width and color for the columns*/
td:nth-child(1) { width:340px; padding:2px;font-weight:bold; color: #6f0006;}
td.nth-child(2) { width:auto; padding:2px;}
td.nth-child(3) { width:auto; padding:2px;}


#important: use CSS styled conted as rendering engine
#put the following to the Setup of the template to the site where the typo3 table is located:
tt_content.table{
20.innerStdWrap.parseFunc =< lib.parseFunc
20.innerStdWrap.htmlSpecialChars >
}


#see also:#http://stackoverflow.com/questions/35014615/how-can-i-enable-html-rendering-for-typo3-7-tables
IPSec tunnel: use key length of 32

tools:
- http://www.kurtm.net/wpa-pskgen/
if outlook is not starting:
- start using command: "outlook.exe /safe" in safe mode
- check the addon's and disable them

Afterwards it worked in my case ;-)
watchguard DNS forwarder

ssh wachtguard-ip -p 4118
check actual config: show ip dns

>> in configure mode:
enable:
WG(config)#ip dns forwarding enable

disable:
WG(config)#no ip dns forwarding enable
Problem: files cannot be uploaded

Solution: set parameters in .htaccess
php_value max_execution_time 1000
php_value max_input_time 1000
php_value post_max_size 100M
php_value upload_max_filesize 100M

(siehe also: https://wiki.typo3.org/How_to_upload_big_files )
on windows, use dhcploc.exe
>> https://gallery.technet.microsoft.com/DHCPLOC-Utility-34262d82


-----------------------------

on linux, you can use:

1.)
perl script https://sourceforge.net/projects/roguedetect/files/roguedetect/0.3/
(march 2017 >> problems getting it running on centos 7 >> error (tap) Can't get interface IP address at /usr/lib64/perl5/Net/RawIP.pm line 223.


2.) nmap script
https://nmap.org/nsedoc/scripts/broadcast-dhcp-discover.html



check a mailserver with nice little windows tool: http://znil.net/index.php?title=ZnilTools:Telnet_SMTP_Test_Tool
http://kb.parallels.com/de/115007

use Parallels Transporter Agent ...
http://www.cnwr.com/automating-veeam-with-powershell/

The powershell script:

# VM names separated by commas
$VMNames = VM1, VM1

# vCenter name/IP
$HostName = 10.30.10.140

# Directory that VM backups should go to
$Directory = \\10.30.10.85\Veeam

# Desired compression level, following compression level from Veeam (Optional)
$CompressionLevel = 4

# Quiesce VM when taking snapshot (Optional; VMware Tools are required; Possible values: $True/$False)
$EnableQuiescence = $True

# Protect resulting backup with encryption key (Optional; $True/$False)
$EnableEncryption = $False

# Encryption Key (Optional; path to a secure string, C:\SecureString.txt
$EncryptionKey =

# Retention settings (Optional; By default, VeeamZIP files are not removed and kept in the specified location for an indefinite period of time.
# Possible values: Never , Tonight, TomorrowNight, In3days, In1Week, In2Weeks, In1Month)
$Retention = In3days

# Email Settings

# Enable notification (Optional)
$EnableNotification = $True

# Email SMTP server
$SMTPServer = smtp.smtp.com

# Email FROM
$EmailFrom = sender@cnwr.com

# Email TO
$EmailTo = recipient@cnwr.com

# Email subject
$EmailSubject = Veeam Backup Job
# Email formatting

$style = <style>BODY{font-family: Arial; font-size: 10pt;}
$style = $style + TABLE{border: 1px solid black; border-collapse: collapse;}
$style = $style + TH{border: 1px solid black; background: #54b948; padding: 5px; }
$style = $style + TD{border: 1px solid black; padding: 5px; }
$style = $style + </style>

##################################################################
# End User Defined Variables
##################################################################

#################### DO NOT MODIFY PAST THIS LINE ################
Asnp VeeamPSSnapin

$Server = Get-VBRServer -name $HostName
$mbody = @()

foreach ($VMName in $VMNames)
{
$VM = Find-VBRViEntity -Name $VMName -Server $Server
$ZIPSession = Start-VBRZip -Entity $VM -Folder $Directory -Compression $CompressionLevel -DisableQuiesce:(!$EnableQuiescence) -AutoDelete $Retention

If ($EnableNotification)
{
$TaskSessions = $ZIPSession.GetTaskSessions()
$FailedSessions = $TaskSessions | where {$_.status -eq EWarning -or $_.Status -eq EFailed}

if ($FailedSessions -ne $Null)
{
$mbody = $mbody + ($ZIPSession | Select-Object @{n=Name;e={($_.name).Substring(0, $_.name.LastIndexOf(())}} ,@{n=Start Time;e={$_.CreationTime}},@{n=End Time;e={$_.EndTime}},Result,@{n=Details;e={$FailedSessions.Title}})
}

Else
{
$mbody = $mbody + ($ZIPSession | Select-Object @{n=Name;e={($_.name).Substring(0, $_.name.LastIndexOf(())}} ,@{n=Start Time;e={$_.CreationTime}},@{n=End Time;e={$_.EndTime}},Result,@{n=Details;e={($TaskSessions | sort creationtime -Descending | select -first 1).Title}})
}

}
}
If ($EnableNotification)
{
$Message = New-Object System.Net.Mail.MailMessage $EmailFrom, $EmailTo
$Message.Subject = $EmailSubject
$Message.IsBodyHTML = $True
$message.Body = $mbody | ConvertTo-Html -head $style | Out-String
$SMTP = New-Object Net.Mail.SmtpClient($SMTPServer)
$SMTP.Send($Message)
}
Chloë

CHLOË

keyboard with keypad:
ë = ALT + 137
Ë = ALT + 211

on mac os / apple:
>> press <alt> and u >> after that enter a small e or a big e
How to reset?

Reset button
The Reset button is accessible via a hole on the bottom of the MSM410 as identified below.
Insert a paper clip under the cable and into the reset button hole at the precise angle shown.
Press and quickly release the button to reset the MSM410. To reset the MSM410 to factory
defaults, press the button until the status lights blink three times, then release

After reset:
https://192.168.1.1/ user admin/admin

See also: https://www.manualslib.com/manual/857144/Hp-Procurve-Msm410.html?page=2#manual
http://ncalculators.com/digital-computation/ip-address-hex-decimal-binary.htm


AIX gives out some messages in hex syntax .. http://www-01.ibm.com/support/docview.wss?uid=isg3T1024801

for example:
Note: errpt displays DUPLICATE IP ADDRESS in hex.
e.g. 0D54 8009 in hex is 13.84.128.9 in decimal.
https://technet.microsoft.com/de-de/sysinternals/bb897553.aspx

psexec \\targethost -u "domain\username" -p "password" -h cmd /c "\\fileserver\directory\check_mk_agent.msi" /quiet /norestart
#!/usr/bin/perl
###################################################################
#
# turnLightsOnbeforeSunset.pl
#
# uses module: install Astro::Sunrise
#
# get Latitude and Longitude from
# http://www.latlong.net/
# 72555, de:
# - latitude: 48.534733
# - longitude: 9.295337
#
# run as cron:
# 1,31 16,17,18,19,20,21,22,23,0 * * * /root/bin/turnLightsOnbeforeSunset.pl >>/var/log/turnLightsOnbeforeSunset.log 2>&1
#
#
###################################################################

use Astro::Sunrise;
use strict;

my $minbefore = 35;
my $cmd_on = '/root/bin/steckdose1on.sh';
my $cmd_off = '/root/bin/steckdose1off.sh';
my $date = `date`;
chomp($date);

my $sunset = sun_set(9.295337,48.534733); #long, lat
$sunset =~ s/://g;

my @curtime = localtime();
my $curtime = join '', @curtime[2,1];
my $curhour = $curtime[2];

print "$date sunset=$sunset, curtime=$curtime, curhour=$curhour\n";

if (( $curtime + $minbefore) > $sunset){
print "$date turn on the light\n";
system($cmd_on);
}
if ($curhour < 1){
print "$date turn off the light\n";
system($cmd_off);
}
in the user-view just enter a: screen-length disable
in most cases it is better not to use flowcontrol, see also this discussion:

https://community.hpe.com/t5/Switches-Hubs-and-Modems/When-to-use-Flow-Control/td-p/4337588
this commands where used cleaning up an ubuntu 16 version, removing xwindow related packeages

- remove x11 and components belonging to x11: apt-get purge libx11.* libqt.*
- sudo apt-get autoremove # Uninstall unneeded Packages
- sudo apt-get autoclean # Delete packages no longer installe
#####################################################
#
# checkDomainAdmins.pl
#
# check_mk local check that uses net use command to validate number of users found in group
#
# needs perl .. recommendation is: http://strawberryperl.com/
#
# tested on a windows 2012 server
#
# (c) by m.wendig v2017-08
#
#####################################################
use Data::Dumper;
use strict;

my %group2check;
$group2check{'Domänen-Admins'}=28;
#$group2check{'other-group'}=20;
#print Dumper(%group2check);

foreach my $group ( keys %group2check ){
my $startline=0;
my $usercount=0;
my $userline='';
my $numberOfUsers=$group2check{$group};

#print "checking group: $group\n";

#choose the right character set because of german special character
open(IN,"chcp 1252 & net group /dom $group 2>nul |");
while(<IN>){
chomp($_);
my $line =$_;
$line =~ s/^\s*//;
$line =~ s/\s*$//;
next if $line eq "";
next if $line =~ /^Der Befehl wurde erfolgreich/;
next if $line =~ /^The command completed successfully/;
if ($startline){
#print "$line\n";
my @larr = split /\s\s*/,$line;

#print Dumper(@larr);
foreach my $elem (@larr){
$usercount++;
$userline.="$elem,";
}
}

$startline = 1 if $line =~ /^-------------------------------------------------/;
}
close(IN);

$group =~ s/ä/ae/g;
if ($numberOfUsers == $usercount){
print "0 group_$group member=$usercount number of found users: $usercount, names $userline\n";
}else{
print "2 group_$group member=$usercount number of found users: $usercount, error number should be $numberOfUsers!! $userline\n";
}
}
>> just use mount --bind

example: show up directory /var/log/apache2 under user home /home/loguser

1.) create directory /home/loguser/show_apache2_log_dir
2.) mount the directory by using command:
mount --bind /var/log/apache2 /home/loguser/show_apache2_log_dir

>> to have the directory mounted after system reboot put the mount command to startup file >> /etc/rc.local
sample in vhost:


#needs apache module proxy_http

ProxyPreserveHost On
ProxyRequests off
ProxyPass /abfallkalender/ http://46.4.28.200:5000/abfallkalender/
ProxyPassReverse /abfallkalender http://46.4.28.200:5000/abfallkalender/
search for "windows 10 media creation tool"

>> you can download the iso image or create a bootable usb stick:
https://www.microsoft.com/de-de/software-download/windows10
when using rsnapshot there are a lot of hardlinks, to sync them you can use this command:

rsync -P -H --delete -uav /opt/hdds4c/ /tmp/hdds4cnew/

#faster approach
use option -c, --checksum skip based on checksum, not mod-time & size

rsync -P -H --delete -c --progress -uav /opt/hdds4c/ /tmp/hdds4cnew/

hint from this page: http://www.cryptobadger.com/2017/08/recent-ubuntu-patch-causing-issues-amd-17-x-drivers/

>>>>>>>>>>
1. Power down the rig and disconnect the risers to the GPUs.
2. Boot up the rig, login, and manually delete the old or suspect AMD GPU drivers, by issuing the command amdgpu-pro-uninstall
3. sudo apt update; sudo apt upgrade; sudo apt autoremove for the full Ubuntu cleanse This will also bring you up to 16.04.3, if youre not there already.
4. Reboot
5. Login and install using the ./amdgpu-pro-install -compute command from the uncompressed AMD GPU driver file you want to use. (Im on amdgpu-pro 17.30-465504.)
6. Power down and reconnect the risers to the GPUs.
7. Power up and hopefully your miner_launcher.sh will have you mining in no time.

This seems like a bother because it is. The AMD drivers are not that Ubuntu friendly. And the claymore software seems to take lots of low-level actions to enhance speed, perhaps at the expense of stability. But this ritual seems to be the most reliable way of keeping clean.

Always assume your mining rig could self-destruct at any time. Dont keep any files only there if you would need them to rebuild. And keep notes on how to rebuild so you dont have to repeat all the blind alleys you encountered on the first journey.

Good luck and happy mining!
use this shortcuts to make screenshots under apple / ios:

Cmd-Shift-3 : screen of complete screen

Cmd-Shift-4 : screenshot of a choosen rectangle

Cmd-Shift-4 : screenshot of choosen windows, select using space key

>> the screenshot is afterwards on the desktop as png picture
ls /sys/class/net/
>> shows which nics are there, e.g:
br0 lo p5p1
>> p5p1 .. nothing was shown when running kernel 4.4.0-93

lspci -nnk |grep iA3 net
>> shows the ethernet device and which driver is loaded
>> here was no driver loaded

>> when starting a later kernel, you see the module and the driver is loaded
kernel: 4.4.0-96 contains module modnifo r8169
>> /lib/modules/4.4.0-96-generic/kernel/drivers/net/ethernet/realtek/r8169.ko

>> solution: upgraded just to 4.4.0-97 ;-))
(1)
when executing: /opt/amdgpu-pro/bin/clinfo
you get:
terminate called after throwing an instance of 'cl::Error'
what(): clGetPlatformIDs
Abgebrochen (Speicherabzug geschrieben)

(2) using command dmesg you see:
4.909396] [drm:amdgpu_init [amdgpu]] *ERROR* VGACON disables amdgpu kernel modesetting.


GRUB Boot: linux /boot/vmlinuz-4-4.0.97 -generic root=UUID=... ro nomodeset text

>> we need to remove the nomodeset and text from the boot parameters,
after that clinfo was running fine

to configure permantent in file: /etc/default/grub
#GRUB_CMDLINE_LINUX_DEFAULT="text"
GRUB_CMDLINE_LINUX_DEFAULT=""
#GRUB_CMDLINE_LINUX="nomodeset"
GRUB_CMDLINE_LINUX=""

>> after modification auf this file you need to run "update-grub"
on windows use the <shift> key and <right mouse key>
C:\Windows\System32\LogFiles\Firewall

Windows-Firewall mit erweiterter Sicherheit >> Protokollierung >> hier anschalten
#wake on lan inuc (works with latest inter bios + driver under windows 10)
inuc1: etherwake -i br0 94:c6:91:14:62:03
inuc2: etherwake -i br0 94:C6:91:14:68:2c


#shutdown windows 10 remotly

idea: user samba-comman package on linux and then command "net rpc shutdown"

settings on windonws 10 to get it running:
problem 1: Connection failed: NT_STATUS_IO_TIMEOUT
solution : open windows fireall port 445 for linux machine

problem 2: Could not initialise pipe winreg. Error was NT_STATUS_OBJECT_NAME_NOT_FOUND
sc config RemoteRegistry start=auto
sc start RemoteRegistry

(2) problem: you get error: WERR_CALL_NOT_IMPLEMENTED on linux
solution: registry editor
>> HKLM/Software/Microsoft/Windows/CurrentVersion/Policies/System
>> create DWORD with vale LocalAccountTokenFilterPolicy >> set value to 1



execute shutdown on linux
net rpc shutdown -f -t0 -S inuc1 -U user%password
net rpc shutdown -f -t0 -S inuc2 -U user%password

solution: setting app armor to complain instead of enforcing it for tcpdump:

aa-complain /usr/sbin/tcpdump

#https://automatetheboringstuff.com/chapter18/
#pip install pyscreenshot
#pip install pyautogui
#
#if you have all screenshots just print them to a pdf printer, like explained here:
#https://www.howtogeek.com/248462/how-to-combine-images-into-one-pdf-file-in-windows/

import pyautogui
import pyscreenshot as ImageGrab
import time


if __name__ == '__main__':

pyautogui.PAUSE = 1
pyautogui.FAILSAFE = True

x=1860
y=530

#hochformat
x=1053
y=955


pyautogui.moveTo(x, y, duration=0.25)

for i in range(1125):
pyautogui.click(x, y, duration=0.25)
#time.sleep(1)
#im=ImageGrab.grab(bbox=(994,90,1708,1000)) # X1,Y1,X2,Y
#hochformat
im=ImageGrab.grab(bbox=(60,305,1026,1600)) # X1,Y1,X2,Y
#time.sleep(1)
im.save('img/screenshot_'+str(i)+'.png')

## Windows server (tested on 2012R2)
w32tm /config /reliable:yes
reg add
HKLM\system\currentcontrolset\services\w32time\timeproviders\ntpserver /v enabled /t REG_DWORD /d 1 /f net stop w32time net start w32time
Files under: C:\Windows\SoftwareDistribution\

https://social.technet.microsoft.com/Forums/ie/en-US/d1816c14-f953-4068-b3f0-e49558fe0845/datastoreedb-file?forum=winserverfiles

For a complete cleaning (clearing also the whole update history):
1.net stop wuauserv
2.delete all files inside the C:\Windows\SoftwareDistribution\Download directory
3.delete the DataStore.edb into C:\Windows\SoftwareDistribution\DataStore
4.net start wuauserv
>> solution: set mtu size of interface to a smaller value



C:\WINDOWS\system32>netsh interface ipv4 show subinterface

MTU Medienerkennungsstatus Bytes eingehend Bytes ausgehend Schnittstelle
------ --------------- --------- --------- -------------
1500 1 329087247 46687094 WLAN
1500 5 0 0 LAN-Verbindung* 2
4294967295 1 0 270372 Loopback Pseudo-Interface 1
1404 1 266411 76107 Hamachi


set mtu to 1280
>>>>> netsh interface ipv4 set subinterface Hamachi mtu=1280

>> to have the setting after reboot do a "store=persistent":
netsh interface ipv4 set subinterface $AdapterName mtu=1280 store=persistent


ps: see also: https://aktuelles.computer-fuechse.com/294/unitymedia-vpn-probleme-ipv4-ipv6-geloest.htm
screen - environment emulator

start a process that should run in a own screen process:
- screen -dmS <myscreensessionname> tail -f /var/log/messages

see which screen instances are running:
- screen -list

resume a detached screen session:
- screen -r <myscreensessionname>

detach session when session is active:
- <strg> + <a> + <d>
for example you want to run two instances, one installed normaly the other install as a portable firefox

>> the problem is that both instances are using the same profile by default!!

solution:

- open a firefox >> about:profiles
- create a new profile, called it for example "portable"
- no create a "shurtcut" for the portable firefox binary and add a >> -no-remote -P "portable"

- for example: C:\tools\FirefoxPortable\FirefoxPortable.exe -no-remote -P "portable"
sample

#create port group
mirroring-group 5 local

#select port that you want to be monitored >> for example 1/0/1
mirroring-group 4 mirroring-port GigabitEthernet 1/0/1 both

#define monitor port, where you are plugged in notebook / wireshark, e.g. 1/0/24
mirroring-group 4 monitor-port GigabitEthernet 1/0/24

Transceiver info

display transceiver diagnosis interface Ten-GigabitEthernet 1/0/49
Ten-GigabitEthernet1/0/49 transceiver diagnostic information:
Current diagnostic parameters:
Temp.(°C) Voltage(V) Bias(mA) RX power(dBm) TX power(dBm)
46 3.39 45.34 -0.99 -2.53
Alarm thresholds:
Temp.(°C) Voltage(V) Bias(mA) RX power(dBm) TX power(dBm)
High 73 3.80 88.00 3.50 3.50
Low -3 2.80 1.00 -8.00 -9.50


mibs:

hh3cTransceiver

VendorName
.1.3.6.1.4.1.25506.2.70.1.1.1.4 Name/OID: hh3cTransceiverVendorName.49; Value (OctetString): HPE

Distance
.1.3.6.1.4.1.25506.2.70.1.1.1.7 Name/OID: hh3cTransceiverTransferDistance.49; Value (Integer): 220 >> 220m

Cur TX power (dBm)
.1.3.6.1.4.1.25506.2.70.1.1.1.9 Name/OID: hh3cTransceiverCurTXPower.49; Value (Integer): -252
Indicating the current transmitted power.The unit is in hundredths of dBM. >> -2.52dBm

Cur RX power (dBm)
.1.3.6.1.4.1.25506.2.70.1.1.1.12 Name/OID: hh3cTransceiverCurRXPower.49; Value (Integer): -99
Indicating the current received power. The unit is in hundredths of dBM. >> -0.99dBm

Cur Temp °C
.1.3.6.1.4.1.25506.2.70.1.1.1.15 Name/OID: hh3cTransceiverTemperature.49; Value (Integer): 46
Indicating the current temperature. The unit is Celsius centigrade. >> 45C

Cur Voltage (V)
.1.3.6.1.4.1.25506.2.70.1.1.1.16 Name/OID: hh3cTransceiverVoltage.49; Value (Integer): 339
Indicating the current voltage. The unit is in hundredths of V >> 3.39V

Cur Bias (mA)
.1.3.6.1.4.1.25506.2.70.1.1.1.17 Name/OID: hh3cTransceiverBiasCurrent.49; Value (Integer): 4534
Indicating the current bias electric current. The unit is in hundredths of mA >> 45.34mA

Alarm Temp High
.1.3.6.1.4.1.25506.2.70.1.1.1.18 Name/OID: hh3cTransceiverTempHiAlarm.49; Value (Integer): 73000 >> 73°C
Transceiver temperature high alarm threshold limit in thousandths of degrees Celsius.
As an example:49120 is 49.120 degrees Celsius.

Alarm Temp Low
.1.3.6.1.4.1.25506.2.70.1.1.1.19 Name/OID: hh3cTransceiverTempLoAlarm.49; Value (Integer): -3000 >> -3°C

Alarm Voltage High
.1.3.6.1.4.1.25506.2.70.1.1.1.22 Name/OID: hh3cTransceiverVccHiAlarm.49; Value (Integer): 37952 >> 3.80V
Transceiver VCC high alarm threshold limit in hundreds of microvolts.
As an example:32928 is 3.2928 volts. Returns zero if not supported on the transceiver.

Alarm Voltage Low
.1.3.6.1.4.1.25506.2.70.1.1.1.23 Name/OID: hh3cTransceiverVccLoAlarm.49; Value (Integer): 28048 >> 2.80V

Alarm Bias High
.1.3.6.1.4.1.25506.2.70.1.1.1.26 Name/OID: hh3cTransceiverBiasHiAlarm.49; Value (Integer): 88000 >> 88.00mA
Transceiver bias high alarm threshold limit in microamps

Alarm Bias Low
.1.3.6.1.4.1.25506.2.70.1.1.1.27 Name/OID: hh3cTransceiverBiasLoAlarm.50; Value (Integer): 1000 >> 1.00mA

!!dBm = 10 * log ( Leistung / 1mw)
Alarm TX power dBM high
.1.3.6.1.4.1.25506.2.70.1.1.1.30 Name/OID: hh3cTransceiverPwrOutHiAlarm.49; Value (Integer): 22387
Transceiver transmit power high alarm threshold limit in tenths of microwatts.
As an example:10000 is 1 milliwatt.

Alarm TX power dBM low
.1.3.6.1.4.1.25506.2.70.1.1.1.31 Name/OID: hh3cTransceiverPwrOutLoAlarm.49; Value (Integer): 1122

Alarm RX power dBM high
.1.3.6.1.4.1.25506.2.70.1.1.1.34 Name/OID: hh3cTransceiverRcvPwrHiAlarm.49; Value (Integer): 22387

Alarm RX power dBM low
.1.3.6.1.4.1.25506.2.70.1.1.1.35 Name/OID: hh3cTransceiverRcvPwrLoAlarm.49; Value (Integer): 1585

TransceiverErrors
.1.3.6.1.4.1.25506.2.70.1.1.1.38 OctetString List with Errors
Bitmask indicating transceiver errors.
Transceiver information I/O error(0)
Transceiver information checksum error(1)
Transceiver type and port configuration mismatch(2)
Transceiver type not supported by port hardware(3)
WIS local fault(4)
Receive optical power fault(5)
PMA/PMD receiver local fault(6)
PCS receive local fault(7)
PHY XS receive local fault(8)
Laser bias current fault(9)
Laser temperature fault(10)
Laser output power fault(11)
TX fault(12)
PMA/PMD transmitter local fault(13)
PCS transmit local fault(14)
PHY XS Transmit Local Fault(15)
RX loss of signal(16)
Unused(17-31)
##################################################################
#
# auf IRF xx
#
##################################################################

DHCP Pool ist configuriert / vorbereitet:
dhcp server ip-pool vlan99
network 10.99.99 mask 255.255.255.0
address range 10.99.99.10 10.99.99.11
gateway-list 10.99.99.1

##################################################################
# aktivieren (vorher am besten schauen ob pool adressen frei sind)
##################################################################

interface Vlan-interface33
ip address 10.99.99.1 255.255.255.0

folgenden Befehl absetzten:
dhcp server apply ip-pool vlan99


DHCP Clients anschauen:
disp dhcp server ip-in-use
IP address Client identifier/ Lease expiration Type
Hardware address
10.99.99.10 ...


##################################################################
#deaktivieren
##################################################################
interface Vlan-interface99
undo dhcp server apply ip-pool



in firefox: about:config

security.ssl.enable_ocsp_stapling;true >> set to "false" and try again

see also:
https://blog.pki.dfn.de/2015/03/mehr-privacy-fuer-den-nutzer-ocsp-stapling/
https://www.computerbase.de/forum/showthread.php?t=1683403
In browser you see the message:
Exception printing is disabled by default for security reasons.

Error log record number xxxxxxxx

>> check the folder "var/report" for a error log file
FAN
hh3cdevMFanStatusTable
OID of this table is: 1.3.6.1.4.1.25506.8.35.9.1.1
Name Access PDS Description
hh3cDevMFanNum
(1.3.6.1.4.1.25506.8.35.9.1.1.1.1) read-only No
This object is used to identify
uniquely fans in device or fabric.
Need confirm by products
hh3cDevMFanStatus
(1.3.6.1.4.1.25506.8.35.9.1.1.1.2) read-only No Need confirm by products

POWER
hh3cdevMPowerStatusTable
OID of this table is: 1.3.6.1.4.1.25506.8.35.9.1.2
Name Access PDS Description
hh3cDevMPowerNum
(1.3.6.1.4.1.25506.8.35.9.1.2.1.1) read-only No
This object is used to identify
uniquely powers in device or
fabric.
Need confirm by products
hh3cDevMPowerStatus
(1.3.6.1.4.1.25506.8.35.9.1.2.1.2) read-only No Need confirm by products

the model 305 for example just offers a special console connection:

There are 4 pins, if you look at the pins seen with the thinner tab at bottom:
PIN 1 - To GND on converter
PIN 2 - To RX on converter
PIN 3 - To TX on converter
PIN 4 - not connected
esxcfg-vswitch -l #show vswitch config
esxcfg-vmknic -l #list vmkerne interfaces - their ip and mac
esxcfg-nics -l #list physical interfaces
esxcli network nic stats get -n vmnic5 #see interface statistic
snmptable -v2c -c public 192.168.2.1 IF-MIB::ifTable

>> shows interfaces in table format
#!/usr/bin/perl

my $wg = '192.168.1.1';
my $community = 'public';

my $date = `date`;
chomp($date);

my $OID_sysUpTime = '1.3.6.1.2.1.1.3.0';
my $OID_sysName = '1.3.6.1.2.1.1.5.0';

open(IN,"snmpget -v 2c -c $community $wg $OID_sysUpTime |");
while(<IN>){ if ($_ =~ /= (.*)$/){ print "$date $1\n"; } }
close(IN);

open(IN,"snmpget -v 2c -c $community $wg $OID_sysName |");
while(<IN>){ if ($_ =~ /= (.*)$/){ print "$date $1\n"; } }
close(IN);
problem snmp service is not starting anymore

1) could be a bug / know problem
>> https://forum.qnapclub.de/thread/47395-snmp-will-nicht-mehr/
>> bug in version 4.3.4.0513 Build 20180315

2) see the error / the problem / troubleshooting
>> by running snmpd start command manual:

/usr/local/bin/snmpd -c /etc/config/snmpd.conf -p 161 -f -L o
error on subcontainer 'ia_addr' insert (-1)
Cannot find module (NAS-MIB): At line 0 in (none)
Cannot find module (IP-MIB): At line 0 in (none)
Cannot find module (IF-MIB): At line 0 in (none)
Cannot find module (TCP-MIB): At line 0 in (none)
Cannot find module (UDP-MIB): At line 0 in (none)
Cannot find module (HOST-RESOURCES-MIB): At line 0 in (none)
Cannot find module (SNMPv2-MIB): At line 0 in (none)
Cannot find module (SNMPv2-SMI): At line 0 in (none)
Cannot find module (NOTIFICATION-LOG-MIB): At line 0 in (none)
Cannot find module (DISMAN-EVENT-MIB): At line 0 in (none)
Cannot find module (DISMAN-SCHEDULE-MIB): At line 0 in (none)
Cannot find module (SNMP-TARGET-MIB): At line 0 in (none)
Cannot find module (NET-SNMP-AGENT-MIB): At line 0 in (none)
Cannot find module (HOST-RESOURCES-TYPES): At line 0 in (none)
Cannot find module (SNMP-MPD-MIB): At line 0 in (none)
Cannot find module (SNMP-USER-BASED-SM-MIB): At line 0 in (none)
Cannot find module (SNMP-FRAMEWORK-MIB): At line 0 in (none)
Cannot find module (SNMP-VIEW-BASED-ACM-MIB): At line 0 in (none)
Cannot find module (SNMP-COMMUNITY-MIB): At line 0 in (none)
Cannot find module (IPV6-ICMP-MIB): At line 0 in (none)
Cannot find module (IPV6-MIB): At line 0 in (none)
Cannot find module (IPV6-TCP-MIB): At line 0 in (none)
Cannot find module (IPV6-UDP-MIB): At line 0 in (none)
Cannot find module (IP-FORWARD-MIB): At line 0 in (none)
Cannot find module (SNMP-NOTIFICATION-MIB): At line 0 in (none)
Cannot find module (SNMPv2-TM): At line 0 in (none)
Cannot find module (NET-SNMP-VACM-MIB): At line 0 in (none)
Error opening specified endpoint "udp6:[::ffff:127.0.0.1]:161"
Server Exiting with code 1
problem: message log shows denial of service

https://servereye.freshdesk.com/support/solutions/articles/14000079910-qnap-nas-meldet-dos-attacke-durch-den-sensor
setcfg SNMP EnableDetectDDoS FALSE
# /etc/init.d/snmp restart

---
see the parameters on qnap system / console
>> file: /etc/config/uLinux.conf
>> section:
[SNMP]
Server Enable = TRUE
Service Enable = TRUE
Listen Port = 161
Trap Community = elbpublic
Event Mask 1 = 0
Trap Host 1 =
Event Mask 2 = 0
Trap Host 2 =
Event Mask 3 = 0
Trap Host 3 =
Version = 1
Auth Type = 0
Auth Protocol = 0
Priv Protocol = 0
User = test
Auth Key =
Priv Key =
https://humdi.net/vnstat/

vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s). It uses the network interface statistics provided by the kernel as information source. This means that vnStat won't actually be sniffing any traffic and also ensures light use of system resources.
>> solution

stop the automatic scheduled cleaning job

http://tipps4you.de/tipp-62-win7.html
# HTML5 Speedtest

> by Federico Dossena
> Version 4.5.5, April 25, 2018
> [https://github.com/adolfintel/speedtest/](https://github.com/adolfintel/speedtest/)

>> optimize things, when running this under ubuntu:
https://github.com/adolfintel/speedtest/issues/50

-----------------------------------------------------
########### Google Opt-Out
########### https://die-netzialisten.de/wordpress/google-analytics-um-einen-optout-link-ergaenzen/
########### in typo3 template
page.headerData.60 = TEXT
page.headerData.60.value (
<script type="text/javascript">// <![CDATA[
// Set to the same value as the web property used on the site
var gaProperty = 'UA-XXXX-Y';

// Disable tracking if the opt-out cookie exists.
var disableStr = 'ga-disable-' + gaProperty;
if (document.cookie.indexOf(disableStr + '=true') > -1) {
window[disableStr] = true;
}

// Opt-out function
function gaOptout() {
document.cookie = disableStr + '=true; expires=Thu, 31 Dec 2099 23:59:59 UTC; path=/';
window[disableStr] = true;
}
</script>
)


###########
## in datenschutzerklärung
<a onclick="alert('Google Analytics wurde deaktiviert');"
href="javascript:gaOptout()">Google Analytics deaktivieren</a>
- mwdemesrv01.no-ip.info.de
- mwwefdffjmlrbc684d.myfritz.net.de


snmpwalk -v3 -l authPriv -u user1 -a SHA -A "pwd1" -x AES -X "pwd1" 192.168.1.1

=======================================================================================================================================

pethPsePortAdminEnable
.1.3.6.1.2.1.105.1.1.1.3

#Ausgabe PoE Admin Status aller Ports
snmpbulkwalk -v3 -l authPriv -u user1 -a SHA -A "pwd1" -x AES -X "pwd1" 192.168.1.1 .1.3.6.1.2.1.105.1.1.1.3

possible values are:

1 (enable PoE on Port)
2 (disable PoE on Port)

#Enable PoE an Port 1
snmpset -v3 -l authPriv -u user1 -a SHA -A "pwd1" -x AES -X "pwd1" 192.168.1.1 SNMPv2-SMI::mib-2.105.1.1.1.3.1.1 i 1

#Disable PoE an Port 1
snmpset -v3 -l authPriv -u user1 -a SHA -A "pwd1" -x AES -X "pwd1" 192.168.1.1 SNMPv2-SMI::mib-2.105.1.1.1.3.1.1 i 2

=======================================================================================================================================

pethPsePortDetectionStatus
.1.3.6.1.2.1.105.1.1.1.6

snmpget -v3 -l authPriv -u user1 -a SHA -A "pwd1" -x AES -X "pwd1" 192.168.1.1 .1.3.6.1.2.1.105.1.1.1.6.1.1

possible values are:

1 (disabled)
2 (searching)
3 (delivering power)
4 (fault)
5 (testing)
6 (other fault)
DFS = Dynamic Frequency Selection

Europäische Richtlinie die besagt das im 5-GHz Band Wetter oder Militärradar vorrang haben. Der Access Point prüft regelmässig
ob eine Quelle aktiv ist .. solch ein Test kann bis 10 Minuten dauern, in dieser Zeit geht das WLAN nicht / hat einschränkungen.

Für Deutschland betrifft das die Kanäle 52 bis 64 + 100 bis 140

>> Massnahme:
folgende 5-GHz Kanäle nutzen: 36,40,44 + 48
when trying to connect to an old ssh server .. the message


comes: no matching cipher found. Their offer: des,3des-cbc

Solution:

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc <ip>
#!/usr/bin/perl
###############################################################################
#
# cleanUpPostfixQueue.pl
#
# (c) s4c 2018-08
#
###############################################################################
$now=` date "+%H:%M:%S"`;
chomp($now);
$now_s = getSeconds($now);
#print "now: $now, $now_s\n";

open(IN, "/usr/sbin/sendmail -bp |");
$counter=0;
$deleted=0;
while(<IN>){
$line=$_;
chomp($line);
#print "$line\n";

#match line:
#3A3E16DC39CD 5474 Fri Aug 24 09:34:34 MAILER-DAEMON
$format = '%a %b %d %H:%M:%S %Y';
if ($line=~/^([\d|\w]*)\s*(\d*).*(\d\d:\d\d:\d\d)\s*MAILER-DAEMON$/ ){
$counter++;
$id=$1;
$size=$2;
$date=$3;
$date_s = getSeconds($date);
$diff = $now_s - $date_s;

print "id=$id, size=$size, date=$date. diff=$diff.";

if ($diff > 3600){
print "deleting id $id.";
system("/usr/sbin/postsuper -d $id >dev/null");
$deleted++;
};
print "\n";
}
}
close(IN);

print "total: $counter, deleted: $deleted\n";

sub getSeconds($){
$ret=-1;
if ($_[0]=~/(\d\d):(\d\d):(\d\d)$/){
$ret = $3 + ($2*60) + ($1 * 60 * 60);
}
return $ret;
}
#!/bin/bash
# findDoSVisotor
#
# useful if CPU is very high .. find out the visitor, which causes the most
# network activity
#
netstat -lanp |grep ":443" | awk {' print $5'} | cut -d: -f 1 |sort |uniq -c | sort -nk 1


###########################


#!/bin/bash
# blockIPaddress.sh
#
# block IP address to access 443
#
if [ -z "$1" ]
then
echo "usage: blockIPaddress.sh <IP>"
exit
fi

iptables -A INPUT -p tcp --dport 443 -i eth0 -s $1 -j DROP
using wmi:

C:\> wmic /node:<TARGET-System> softwarefeature list brief /format:htable > soft.htm

while true; do cat /proc/cpuinfo |grep -i mhz; sleep 2; done
Security Search

https://www.shodan.io/
-------------------------
- procurve remote mirror
-------------------------
https://community.hpe.com/hpeb/attachments/hpeb/switching-a-series-forum/3662/1/Port%20mirroring.pdf

on destination switch / switch where analyzer is connected:
mirror endpoint ip < src-ip > < src-udp-port > < dst-ip > < port-# >
no mirror endpoint ip < src-ip > < src-udp-port > < dst-ip >

example: -destination switch is 192.168.2.250 > monitor port 24
-source switch is 192.168.2.233
mirror endpoint ip 192.168.2.233 7922 192.168.2.250 port 24

show monitor


on source switch / switch with traffic of interest:
Syntax: [no] mirror < 1 - 4 > [name < name-str >] remote ip < src-ip >< src-udp-port > < dst-ip >

example:
mirror 1 remote ip 192.168.2.233 7922 192.168.2.250

#add interface to monitor
interface 10 monitor all both mirror 1

computer2know :: thank you for your visit :: have a nice day :: © 2018