All public logs
From Notes_Wiki
Combined display of all available logs of Notes_Wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).
(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)- 06:14, 8 September 2023 Saurabh talk contribs created page Paloalto URL filtering (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto URL filtering =Creating desired URL filtering policy= Clone the default URL filtering policy default and configure a URL filtering policy as per organization (Eg block violence sites). The meaning of category eg business is not explained anywhere on the interface and is left up to interpretation. However there is a check URL link. https://urlfiltering.paloalt...")
- 06:10, 8 September 2023 Saurabh talk contribs created page Paloalto troubleshooting options (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options *Paloalto firewall packet capturing *Paltalto firewall Monitor Session Browser *Paltalto firewall Monitor allowed/denied traffic Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options")
- 06:10, 8 September 2023 Saurabh talk contribs created page Paltalto firewall Monitor allowed/denied traffic (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options > Paltalto firewall Monitor allowed/denied traffic Go to Monitor -> Logs -> Traffic. Here we filter for source/destination. Here unlike session monitoring we can see historic (Based on log storage capacity of firewall) sessions and whether they were allowed or denied. Example filter ( addr.dst in 192.168.0.0/24 ) Same as monitor ->...")
- 06:09, 8 September 2023 Saurabh talk contribs created page Paltalto firewall Monitor Session Browser (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options > Paltalto firewall Monitor Session Browser We can monitor for sessions from specific source or to specific destinations to see whether they are even going through firewall. Once we go to Monitor -> Session Browser and configure filters. For filter click on any source / destination etc. listed and change the value. Example filter to s...")
- 06:06, 8 September 2023 Saurabh talk contribs created page Paloalto Policy based forwarding (PBF) (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto Policy based forwarding (PBF) On PBF note that: * We dont need PBF for incoming NAT reply packets. Using ECMP with symmetric return on router is enough. * Dont do PBF with a specific ISP when the same source machine LAN machine is NAT with public IP of other ISP. In that case reply packets try to use a different ISP (As per PBF) and configuration does not works...")
- 06:00, 8 September 2023 Saurabh talk contribs created page Paloalto using ECMP for active/active ISP connectivity (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > aloalto using ECMP for active/active ISP connectivity =Enabling ECMP= If organization has multiple ISPs then: # Enable ECMP in virtual router with symmetric return. We can enable up to 4 equal cost routes via ECMP # After commit check "runtime stats" local routing table of the device (Should be done on device, cant be done via panorama) and validate that we have default r...")
- 05:44, 8 September 2023 Saurabh talk contribs created page Paloalto NAT examples (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto NAT examples =NAT of public IP to private IP on a few ports= To NAT a public IP:port to private IP:port use: # Create WAN to WAN Security rule with destination as NATed public IP with all services and all ports # Create NAT rule from WAN to LAN with source IP as any and destination IP as WAN public IP. After NAT change the destination IP to LAN IP. Here in NAT...")
- 05:41, 8 September 2023 Saurabh talk contribs created page Paloalto Configure firewall for proxy DNS (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto Configure firewall for proxy DNS Palo Alto Networks firewalls can act as DNS servers for local users. By configuring DNS Proxy on the firewall, you can intercept DNS requests from internal clients and forward them to external DNS servers or resolve them locally. =Configure DNS proxy via setup and service route configuration= To check the DNS settings on a Palo A...")
- 05:34, 8 September 2023 Saurabh talk contribs created page Paloalto general notes or best practices (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto general notes or best practices =Add /32 netmask for a single IP= Adding netmask eg /32 for a single IP is important. Without this the policy / rule may get accepted and committed but does not works unless we add /32 netmask. This should be followed for all address objects without fail. Home > Enterprise security devices or applications >...")
- 04:43, 8 September 2023 Saurabh talk contribs created page Check cluster health via nagios plugin (Created page with "Home > Suse > SAP setup and maintenance > Check cluster health via nagios plugin We can monitor cluster health using nagios plugin using: '''Not tested in production''' #Create a plugin to be called via nrpe on the cluster host '<tt>/usr/lib64/nagios/plugins/cluster_check.sh</tt>' with: <source type="bash"> #!/bin/bash # Run crm status command and capture output crm_output=$(crm status 2>&1) # Check for error or warning in output, ignoring ca...")
- 04:31, 8 September 2023 Saurabh talk contribs created page Check cluster status via systemd service (Created page with "Home > Suse > SAP setup and maintenance > Check cluster status via systemd service We can check cluster status via a systemd script using: '''Not tested in production''' # Setup outgoing email via postfix on the system so that email can be sent using mail command via CentOS 8.x postfix send email through relay or smarthost with smtp authentication # Create a systemd script '<tt>/etc/systemd/system/cluster_status_check.service</tt>' with: <s...")
- 05:56, 19 July 2023 Saurabh talk contribs created page Rocky 9.x Add UEFI boot option in BIOS (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Add UEFI boot option in BIOS If for some reason UEFI boot option from BIOS for Rocky is removed and you want to add it again use: # Disable secure boot. This may require shimx64 efi image # Add a new option for Rocky pointing to '<tt>EFI/rocky/grubx64.efi</tt>' file under EFI boot partition # Eithe...")
- 10:47, 16 June 2023 Saurabh talk contribs created page Ubuntu 20.04 Zabbix agent installation (Created page with "Home > Ubuntu > Server or Desktop administration > Ubuntu 20.04 Zabbix agent installation To install Zabbix agent in Ubuntu 20.04 machine use: # Install Zabbix repository #:<pre> #:: wget https://repo.zabbix.com/zabbix/6.4/ubuntu/pool/main/z/zabbix-release/zabbix-release_6.4-1+ubuntu20.04_all.deb #:: dpkg -i zabbix-release_6.4-1+ubuntu20.04_all.deb #:: apt update #:</pre> # Install Zabbix agent using: #:<...")
- 08:39, 16 June 2023 Saurabh talk contribs created page Monitor esxi resource utilization via esxtop command (Created page with "Home > VMWare platform > VMWare vSphere or ESXi > Monitor esxi resource utilization via esxtop command esxtop is a command-line tool that provides real-time information about resource usage in your ESXi environment. It can provide you with a wealth of data on CPU, memory, disk, and network usage. Here's a step-by-step guide on how to use esxtop to monitor an ESXi host: # Connect to the ESXi host via SSH #: This assumes SSH to ESXi host is ena...")
- 07:50, 16 June 2023 Saurabh talk contribs created page Cisco ASA firewall (Created page with "Home > Enterprise security devices or applications > Cisco ASA firewall *Cisco ASA firewall basic initialization Home > Enterprise security devices or applications > Cisco ASA firewall")
- 07:50, 16 June 2023 Saurabh talk contribs created page Cisco ASA firewall basic initialization (Created page with "Home > Enterprise security devices or applications > Cisco ASA firewall > Basic initialization Consider requirement as follows to initialize a ASA firewall: * DMZ IP of 192.168.11.1/24 for servers * WAN public IP 1.1.11.213/30 for Internet * LAN IP of 192.168.100.1/24 for LAN users * Additional 192.168.10.0 subnet for LAN accessible via L3 switch 192.168.100.2 * Outgoing internet access for LAN users from...")
- 07:06, 16 June 2023 Saurabh talk contribs created page VMWare Platform Miscellaneous (Created page with "Home > VMWare platform > VMWare Platform Miscellaneous *VMWare Useful Links Home > VMWare platform > VMWare Platform Miscellaneous")
- 07:06, 16 June 2023 Saurabh talk contribs created page VMWare Useful Links (Created page with "Home > VMWare platform > VMWare Platform Miscellaneous > VMWare Useful Links We can use following useful links related to VMWare platform: ; Configuration Maximums : We can find out maximum limit eg no. of datastores, no. of hosts, no. of VLANs, etc. for any particular VMWare product version using https://configmax.esp.vmware.com/home ; Product Interopibility Matrix : We can check whether products will work together or not. Eg Whether a parti...")
- 06:52, 16 June 2023 Saurabh talk contribs created page Proxmox Change disk configuration of VM with snapshots (Created page with "Home > Debian > Proxmox virtual environment > Proxmox Change disk configuration of VM with snapshots In proxmox we can take snapshots of the VM. However, if we want to change existing disks (eg remove one hard-disk) and then add another new hard-disk then there is concern on how will snapshots be effective if a disk is removed / added. Thus, for a example requirement where we need to remove a old disk from a Linux VM and add a new disk with...")
- 08:53, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Package management (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Package management *Rocky 9.x Erlang installation Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Package management")
- 08:53, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Erlang installation (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Package management > Erlang installation At the time of this writing erlang package was not available as part of Rocky 9.x repos listed below: ; appstream : Rocky Linux 9 - AppStream ; baseos : Rocky Linux 9 - BaseOS ; epel : Extra Packages for Enterprise Linux 9 - x86_64 ; e...")
- 08:13, 15 June 2023 Saurabh talk contribs created page Paloalto give static management IP to new firewall (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto give static management IP to new firewall After deploying a new virtual or physical palo-alto firewall use following on console to assign management IP: # Login with admin/admin #: Note that it may not work immediately. You may have to wait 5-10 minutes for it to work # During first login firewall will force to change default admin password # Then use below to as...")
- 07:57, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Upgrade Rocky 8.x to Rocky 9.x (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Upgrade Rocky 8.x to Rocky 9.x To upgrade from Rocky 8 to Rocky 9 use: # Ensure sufficient free space in / before proceeding # Go to URL https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/ # Note package names for rocky-release, rocky-repos and rocky-gpg-keys. Eg at time of t...")
- 07:55, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Upgrade from CentOS Stream to Rocky (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Upgrade from CentOS Stream to Rocky The below steps would work both on CentOS Stream 8 and CentOS Stream 9, to convert them to Rocky 8.x or Rocky 9.x appropriately. # Ensure sufficient free space in / before proceeding # Update to latest packages in CentOS Stream using: #:<pre> #:: dnf updat...")
- 07:22, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Information tools (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Information tools *Rocky 9.x atop '''There is older information on other tools at Information tools''' Home > Rocky Linux or CentOS > Rocky Linux 9.x > Information tools")
- 07:22, 15 June 2023 Saurabh talk contribs created page Rocky 9.x atop (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Information tools > atop =About atop= Atop is a more comprehensive monitoring tool. It looks at CPU, RAM, hdd, etc. all parameters while monitoring. This can be useful if combination of various parameters need to be monitored using same tool. To start atop use: <pre> atop </pre> =Using atop for system activity recording similar to sar= Atop can...")
- 07:11, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Syslog servers (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers *Rocky 9.x rsyslog server Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers")
- 07:11, 15 June 2023 Saurabh talk contribs created page Rocky 9.x rsyslog server (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers > rsyslog server *Rocky 9.x Setup rsyslog server for accepting remote device logs '''There are older articles on rsyslog at:''' Rsyslog configuration Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers > rsyslog server")
- 07:11, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Setup rsyslog server for accepting remote device logs (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers > rsyslog server > Setup rsyslog server for accepting remote device logs To setup a new rsyslog server on Rocky 9.x use: # Install rsyslog package via: #:<pre> #:: dnf -y install rsyslog #:</pre> # Disable SELinux (setenforce 0, edit /etc/sysconfig/selinux) # Di...")
- 06:58, 15 June 2023 Saurabh talk contribs created page Sophos Connect to passive firewall when two firewall are in active/passive HA (Created page with "Home > Enterprise security devices or applications > Sophos Firewall or IPS > Sophos Connect to passive firewall when two firewall are in active/passive HA When two firewalls are in active/passive HA, if we connect to LAN/WAN IPs over https or ssh, we get connected only to active firewall. If we want to check something specific about passive firewall then we can ssh to passive firewall from active firewall. Thus, first we need to SSH to activ...")
- 11:52, 14 June 2023 Saurabh talk contribs created page Enable IPv6 and IGMP snooping on VLAN 3939 required for VxRail (Created page with "Home > VMWare platform > VxRail > Enable IPv6 and IGMP snooping on VLAN 3939 required for VxRail VxRail by default requires VLAN 3939 for nodes to discover each other. Ideally on this VLAN we should enable IGMP snooping and IPv6. The same can be done for a few switch makes as follows: =Dell switch= <pre> config t ip igmp snooping enable ipv6 mld snooping enable exit show ipv6 mld snooping interface vlan 3939 </pre> =Aruba or HP...")
- 13:39, 11 June 2023 Saurabh talk contribs created page Panorama NAT examples (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Panorama NAT examples =NAT from public IP to private IP via panorama only for a specific destination= When packets are coming from a specific WAN IP (Src-pub-IP1) and going to a specific WAN public IP (dst-pub-IP2) and need to be translated to a LANIP (dst-priv-IP3) for a specific service on port (service-port1) then we need to do following configuration in panorama: ==Pol...")
- 07:22, 11 June 2023 Saurabh talk contribs created page Managing windows services using sc command (Created page with "Home > Windows > Windows Desktop Tools or Utilities > Managing windows services using sc command Normally we can go to Services option in control panel (or under computer management) to look at status of various services and start/stop them. However there is also option to start/stop service via commandline. =Finding name of service= Look at servicename in properties of service when opened using services under control panel =Start service fr...")
- 07:14, 11 June 2023 Saurabh talk contribs created page CentOS 8.x Unattended nomachine (Created page with "Home > CentOS > CentOS 8.x > CentOS 8.x remote access > nomachine > Unattended nomachine In case of machine which is only booted but no graphical user login has been done yet, nomachine remote may not work. In such cases if nomachine is leading to blank screen then try: # Edit '<tt>/usr/NX/etc/server.cfg</tt>' and set: #:<pre> #:: CreateDisplay 1 #:: DisplayOwner "saurabh" #:</pre>...")
- 07:08, 11 June 2023 Saurabh talk contribs created page Rocky 8.x New laptop OS configuration (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 8.x > System Administration > Rocky 8.x New laptop OS configuration =OS installation= # Prepare bootable Rocky Linux 8 USB using: #:<pre> #:: dd if=Rocky-8.7-x86_64-dvd1.iso of=/dev/sdd #:: sync #:</pre> #::'''Assumes umount /dev/sdd* is done and that /dev/sdd does not has any critical data''' before itself. #: This can also be done using Rufus in Windows by using dd...")
- 05:41, 11 June 2023 Saurabh talk contribs created page VCenter 6.7 or 7 certificate expiry leading to 503 service not available error (Created page with "Home > VMWare platform > VMWare vCenter > vCenter 6.7 or 7 certificate expiry leading to 503 service not available error If vCenter internal certificates expire we may get 503 service unavailable error or other errors as shown at VMWare KB https://kb.vmware.com/s/article/76719 To solve this use: # You can validate whether you have this issue or not via steps explained at https://kb.vmware.com/s/article/79248 ## Downlooad checksts script from...")
- 05:05, 11 June 2023 Saurabh talk contribs created page Rocky 9.x System Administration (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration *Rocky 9.x New machine configuration Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration")
- 05:05, 11 June 2023 Saurabh talk contribs created page Rocky 9.x New machine configuration (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > New machine configuration *Rocky 9.x Configure new laptop for personal use Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > New machine configuration")
- 05:05, 11 June 2023 Saurabh talk contribs created page Rocky 9.x Configure new laptop for personal use (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > New machine configuration > Configure new laptop for personal use =OS installation= # Prepare bootable Rocky Linux 9 USB using: #:<pre> #:: dd if=Rocky-9.0-x86_64-dvd.iso of=/dev/sdd #:: sync #:</pre> #::'''Assumes umount /dev/sdd* is done and that /d...")
- 11:26, 31 May 2023 Saurabh talk contribs created page Comparing MDM with DLP with End-point security (Created page with "Home > Security tips > Comparing MDM with DLP with End-point security Endpoint Security, Data Leak Prevention (DLP), and Mobile Device Management (MDM) are three distinct but complementary technologies that address different aspects of security in an organization. Here's a comparison of these three and their typical use cases: =Endpoint Security= This focuses on securing endpoints, or end-user devices like desktops, laptops, and mobile devices. En...")
- 11:06, 31 May 2023 Saurabh talk contribs created page Generate new CSR by referring existing details from current certificate including private key (Created page with "Home > Security tips > Generate new CSR by referring existing details from current certificate including private key This internally refers Openssl. '''This is not fully tested.''' To generate a new CSR from existing certificate and key, then sign it and then import it use: # On existing server with certificate and key, open mmc -> Certificate # Export existing certificate with key in pfx format. #: Need to give a password while exporting...")
- 06:40, 24 May 2023 Saurabh talk contribs created page Ubuntu HPC Create new user (Created page with "Home > Ubuntu > HPC setup with openpbs and openmpi > Create new user Once HPC setup is done properly, to create any new user (eg user3) please use below steps: #Create user using: #:<pre> #:: useradd -m -d /export/home/user3 -s /bin/bash user3 #:: passwd user3 #:</pre> #Create SSH key and configure them as authorized using: #:<pre> #:: su - user3 #:: ssh-keygen #:: cat ~/.ss...")
- 05:01, 22 May 2023 Saurabh talk contribs created page Executing powershell script on Windows machine (Created page with "Home > Windows > Windows Desktop Tools or Utilities > Executing powershell script on Windows machine =Normal execution of powershell script= To execute powershell script in Windows use: * Right click on powershell script and use "Run with powershell" option OR * Open a powershell Window. Run powershell script with full / relative path. Eg "cd C:\Users\Example\Downloads & .\Script1.ps" =Changing powershell Execution Policy= However, executio...")
- 10:51, 19 May 2023 Saurabh talk contribs created page Rocky 8.x GIMP (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 8.x > Desktop tools or applications > GIMP =GIMP shortcuts= We can use following shortcuts in GIMP: ; p paintbrush (Tools -> Paint Tools -> Paint Brush) : We can click to paint using selected brush. : Brush selection - Windows -> Dockable Dialogs -> Tool options : Drawing Line - If we click at a point and then go to other point. On other po...")
- 10:18, 19 May 2023 Saurabh talk contribs created page Windows 10 Enable very long file paths (Created page with "Home > Windows > Windows 10 > Enable very long file paths To enable very long paths in Windows use: # Open registry using '<tt>regedit.exe</tt>' ## Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem ## Edit (or create new if required) LongPathsEnabled as 32-bit D-Word value ## Set the value for LongPathsEnabled to 1. # In case of domain environments also open Group Policy Editor '<tt>gped...")
- 07:34, 17 May 2023 Saurabh talk contribs created page Simple while loop with count in shell script (Created page with "Home > Shell scripting > Useful bash shell scripts > Simple while loop with count in shell script If we need to execute something specific no. of times, we can use while loop with count such as: <pre> q=0; while q -lt 3 ; do ((q++)); echo $q; done </pre> Here update value of limit from 3 to the desired number of loop executions. Also instead of echo $q; put the command to be executed again and again. For example to generate 10 random pa...")
- 07:30, 17 May 2023 Saurabh talk contribs created page Remotely change Windows password (Created page with "Home > Windows > Windows Desktop Tools or Utilities > Remotely change Windows password Normally for safety change password option comes after we press 'Ctrl+Alt+Del'. This cannot be done remotely as the sequence would get consumed by local system, instead of it being transmitted to remote machine over remote desktop. In such cases to change password use: # Create a new shortcut with target value of: #:<pre> #:: explorer.exe shell:::{2559a1f2-...")
- 07:17, 17 May 2023 Saurabh talk contribs created page Paloalto firewall captive portal (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Captive Portal For captive portal via AD we need to add a LDAP server, create group mapping, create authentication profile and optionally create authentication sequence as explained at Paloalto firewall AD integration. Here for captive portal select appropriate AD Group eg "Captive Portal Users" instead of VPN related group as explain...")
- 06:51, 17 May 2023 Saurabh talk contribs created page Paloalto firewall AD integration (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > AD integration To integrate palo-alto firewall with AD use following steps: # Finding base DN of AD and also DN of authenticating service user ## Login into system connected to AD and open "Active Directory Users and Computers". ## Enable View -> "Advanced Features". Without this we cannot see LDAP attributed such as DN required for integr...")
- 05:45, 17 May 2023 Saurabh talk contribs created page Microsoft Exchange smart host or Send connector settings (Created page with "Home > Windows > Microsoft Exchange Server > Smart host or Send connector settings It might be required to send outgoing emails to a particular domain (or all outgoing emails) via a SMTP Gateway / Smart host or Send connector. To configure the same (or view existing configuration) use: # Login into exchange admin center via Web UI # Go to "Mail Flow" -> "Send connectors" # Here we can ei...")