byobu an enhanced Tmux/Screen utility

Byobu is a Japanese term for decorative, multi-panel screens that serve as folding room dividers. As an open source project, Byobu is an elegant enhancement of the otherwise functional, plain, practical GNU Screen. Byobu includes an enhanced profile and configuration utilities for the GNU screen and TMUX window manager, such as toggle-able system status notifications. Byobu is included by default on Ubuntu based systems due to the author being employed by Canonical and can be installed on other distros from their package managers.

Byobu displays two lines at the bottom of your screen. The upper one is the Caption line, and the lower one is the Hard Status.
byobu-1

Caption line shows your open windows, and highlights the one upon which you are focused, and optionally displays your user name, host name, IP address, and a hint that there is a Menu available if you press F9. The Hard Status line consists of color coded output and symbols with configurable and dynamically updated facts, statistics, and information about the local system. See the Status Notifications section below for more information.

  • F2  Create a new window
  • F3  Move to the previous window
  • F4  Move to the next window
  • F5  Refresh all status notifications
  • F6  Detach from the session and logout
  • Shift-F6  Detach from the session, but do not logout
  • F7  Enter scrollback/search mode
  • F8  Rename the current window
  • F9  Launch the Byobu Configuration Menu
  • F12  GNU Screen’s Escape Key
  • Alt-Pageup  Scroll back through this window’s history
  • Alt-Pagedown  Scroll forward through this window’s history
  • Shift-F2  Split the screen horizontally
  • Ctrl-F2  Split the screen vertically
  • Shift-F3  Move focus to the next split
  • Shift-F4  Move focus to the previous split
  • Shift-F5  Collapse all splits
  • Ctrl-F5  Reconnect any SSH/GPG sockets or agents
  • Shift-F12  Toggle all of Byobu’s keybindings on or off

More info download, doco, screenshots and and install instructions at:
http://byobu.co/
https://help.ubuntu.com/community/Byobu
https://launchpad.net/byobu

SSH logins with keys

Quick and dirty way to do this is to obviously first Install SSH key onto server and then:

On client:

 ssh-keygen -t dsa 

Then get the id_dsa.pub key over to the server or remote machine that only accepts SSH key logins, you can do that with ssh-copy-id or use your preferred method. Using ssh-copy-id you can issue:

 ssh-copy-id -i .ssh/id_dsa.pub username@server1 

That’s it! You should now be able to ssh into the remote server without a password and you can lock it down further by turning off password authentications by changing ‘PasswordAuthentication yes’ in the sshd_config file to ‘PasswordAuthentication no’ – just be CAREFUL doing this as you could stop access for others or lock yourself out.

Or on the server:

 cat id_dsa.pub >> .ssh/authorized_keys 

More reading:

http://ubuntu-tutorials.com/2007/02/05/unattended-ssh-login-public-key-ssh-authorization-ssh-automatic-login/

http://wiki.amahi.org/index.php/Key-based_SSH_Logins_With_Putty

http://www.thegeekstuff.com/2008/11/3-steps-to-perform-ssh-login-without-password-using-ssh-keygen-ssh-copy-id/

 http://olex.openlogic.com/wazi/2011/shh-openssh-secrets-here

 

Xirrus Wi-Fi Inspector

Here is an excellent FREE Wi-Fi tool for looking at wifi networks, it’s like netstumbler on steroids and easier and quicker to use than say Kismet, of course nothing beats hard core Kismet and Airodump etc, but this application has very good built-in tools!

Brief description:

The Xirrus Wi-Fi Inspector is a powerful tool for managing and troubleshooting the Wi-Fi on a Windows XP SP2 or later, Vista, or 7 laptop. Built in tests enable you to characterize the integrity and performance of your Wi-Fi connection. Applications include:

  • Searching for Wi-Fi networks
  • Managing and troubleshooting Wi-Fi connections
  • Verifying Wi-Fi coverage
  • Locating Wi-Fi devices
  • Detecting rogue APs

More info Download, Users Guide and Video Tutorial here:
http://www.xirrus.com/library/wifitools.php

How To Backup ESXi Configuration

VMWare ESXi 4 host server configuration can be backed up to a configuration file using the vSphere CLI which can be downloaded from here: http://www.vmware.com/support/developer/vcli/

The vicfg-cfgbackup.pl script allows you to take a backup of the ESXi Host configuration, components such as networking, storage, IP, DNS and other settings are saved. In a disaster situation we can simply build a new ESXi host and restore the configuration with this script.

Example commands:

BACKUP:

 E:Program Files (x86)VMwareVMware vSphere CLIbin>vicfg-cfgbackup.pl -save -server 10.10.100.24 -username root -password ******** svm001.bak 

RESTORE:

 E:Program Files (x86)VMwareVMware vSphere CLIbin>vicfg-cfgbackup.pl -load -server 10.10.100.24 -username root -password ******** svm001.bak 

You can also do this with the vMA appliance http://www.vmware.com/support/developer/vima/

vSphere Inventory Snapshot

InventorySnapshot allows a user to “snapshot” a given vCenter inventory configuration and then reproduce it. The “inventory” includes the Datacenter folders, datacenters, clusters, resource pools, vApps, hierarchy, roles and permissions, configuration settings, and custom fields. In other words, if you have an inventory with a given set of hosts and VMs organized into a group of clusters, we can faithfully reproduce this environment, including the cluster settings and custom roles you may have defined. As a simple example, suppose you have an inventory with one datacenter (DC A), one cluster (Cluster A), and two hosts (Host A and Host B). At a high level, our fling emits a PowerCLI script that, when executed, does the following:

  1. Creates Datacenter “DC A.”
  2. Creates cluster “Cluster A.”
  3. Adds host “Host A” to “Cluster A.”
  4. Adds host “Host B” to “Cluster A.”

Notice that this can be helpful for a variety of reasons. For example, suppose you’ve spent a lot of time creating a development vCenter environment, and now you wish to deploy it in production. Using our fling, you can snapshot your “dev” environment and then run it against the “production” vCenter server, saving you the task of laboriously adding each host, creating the proper clusters and resource pools, etc

More info and Download: http://labs.vmware.com/flings/inventorysnapshot

Article by David Davis: http://www.virtualizationadmin.com/articles-tutorials/vmware-esx-and-vsphere-articles/general/using-the-new-free-inventory-snapshot-vsphere-vmware-labs.html

 

 

countryipblocks.net

Country IP Blocks was created as a resource to protect servers, systems and websites from spam, malware, cross-site scripting, website hijacking, hacking, cracking and other malicious activities. When properly implemented, using our network data in your security scripts, firewalls, Access Control Lists or .htaccess files will dramatically improve your I.T. security.

The Country IP Database
Our database contains up to the minute network information on nearly 250 countries worldwide. We provide the data free of charge in CIDR and Netmask format.

We Update Our Database Daily
Our Country IP Database was designed with two goals in mind: Accuracy and availability. The database is derived directly from the Registry sources and is updated as often as the Regional Registries provide new or altered network allocations. This means we update our entire Country IP Database at least daily or more often as required.

More info and download addresses from http://www.countryipblocks.net

Also look at generating IPtables blocklists with a automated web based script at http://blacklist.linuxadmin.org

 

 

 

 

Bulk import Country IPs for blocking with Windows Server

If you want to block IP addresses by Country on a Windows Server then you can do so with these scripts and utilites, the WS2008R2 VBScript works very well and is a little easier to setup thanks to the new WS2008R2 firewall. For WS2003 you can use the IISIP utility which essentially does the same, however due to the firewall limitations in 2003 this uses IIS to deny and you have to create and edit some XML files, fairly easy really.

These would be suited for a server running IIS in a DMZ or something similar and it would obviously be better to do this at the firewall level, however in many cases this may not be available if you server is hosted or the hardware based firewall does not have this sort of functionality.

Bulk import IPs for blocking in WS2008R2 Firewall:
http://blog.whitesites.com/Bulk-import-IPs-into-your-Windows-Server-2008-R2-Firewall__634324176371718750_blog.htm

Download VB Script from whitesites: http://blog.whitesites.com/blogs/files/WhiteSites-Batch-IP-Firewall-Script_634465934264843750.zip

IISIP for Windows Server 2003:
http://www.hdgreetings.com/other/Block-IP-IIS/