Certified in Cyber Security Full Practice Test #1

February 5, 2023 admin Leave a comment

Created on February 05, 2023 By

admin

Certified in Cyber Security FULL practice test #1

1 / 2

When would be a time we should update our Business Continuity Plan (BCP) and its sub plans outside of our annual cycle?

We wouldn’t every 12 months is fine.

We had a disaster and we had a lot of gaps in our plans.

When we patch our Windows servers.

When we add a new server.

2 / 2

When we are talking about data remanence, what does that refer to?

Data left over after normal removal and deletion.

Files saved locally and not on a remote storage device.

All the data on our systems.

Data we are actively using and therefore can’t encrypt.

Your score is

The average score is 83%

Uncategorized

Math Quiz

January 30, 2023 admin Leave a comment

0 votes, 0 avg

Created on January 30, 2023

Mathematic Quiz

Math quiz helps us to increase our knowledge

1 / 3

5*40

300

100

200

2 / 3

10+20

3 / 3

150/3

100

Your score is

Please rate this quiz

Uncategorized

Recreating missing virtual disk (VMDK) Descriptor File Vmware

July 12, 2022 Prashant Kumar Leave a comment

Recreating missing virtual disk (VMDK) Descriptor File

Problem-

You just noticed that virtual machine’s VMDK files are missing and lost somehow. The reason, not able to start VM and when you try to add existing HDD – existing VMDK and -flat. VMDK files are not available to attach with Virtual Machine too.

Solution –

We need to recreate missing VMDK files, to add VMDK files and start Virtual Machine.

Login to ESXI PS with Putty. Make sure, SSH service is enabled and running for the PS.
Switch to the directory where your virtual machine is located.

cd /vmfs/volumes/<<datastore>>/VM-Directory

cd /vmfs/volumes/5d406ca3-62654bd0-75fd-e4434b75ed38/APP-U1-63-25

3. Run below command to identify and record the exact size of the existing flat vmdk file for the VM.

ls -ltr *

-rw——- 1 root root 16106127360 Jun 21 12:20 APP-U1-63-25-flat.vmdk

-rw——- 1 root root 214748364800 Jun 21 10:49 APP-U1-63-25_1-flat.vmdk

4. Run the vmkfstools to create new virtual disk, i.e VMDK (Descriptor File)

vmkfstools -c 16106127360 -d thin -a lsilogic APP-U1-63-25-OS.vmdk

vmkfstools -c 214748364800 -d thin -a lsilogic APP-U1-63-25-DATA.vmdk

5. As mentioned, there are 2 new files created: APP-U1-63-25-OS.vmdk and APP-U1-63-25-DATA.vmdk are created as a result.

ls -ltr

–rw——- 1 root root 16106127360 Jun 21 19:21 APP-U1-63-25-OS-flat.vmdk

-rw——- 1 root root 214748364800 Jun 21 19:21 APP-U1-63-25-DATA-flat.vmdk

-rw——- 1 root root 546 Jun 21 21:05 APP-U1-63-25-OS.vmdk

-rw——- 1 root root 550 Jun 21 21:05 APP-U1-63-25-DATA.vmdk

-rw——- 1 root root 214748364800 Jun 22 05:08 APP-U1-63-25_1-flat.vmdk

-rw——- 1 root root 16106127360 Jun 22 05:08 APP-U1-63-25-flat.vmdk

6. We need to Rename APP-U1-63-25-OS.vmdk and APP-U1-63-25-DATA.vmdk to the name that is needed to match the orphaned -flat file.

mv APP-U1-63-25-OS.vmdk APP-U1-63-25.vmdk

mv APP-U1-63-25-DATA.vmdk APP-U1-63-25_1.vmdk

7. Now, it is final stage where editing descriptor file (APP-U1-63-25.vmdk and APP-U1-63-25_1.vmdk)

find the line with RW ####### and change the name of the -flat to match the orphaned -flat file you have. So, I changed to APP-U1-63-25-flat.vmdk and APP-U1-63-25_1-flat.vmdk respectively for both disks, as you can see in the image below.

vi APP-U1-63-25.vmdk

vi APP-U1-63-25_1.vmdk

8. You can now delete the below files created earlier. These are not required anymore.

–rw——- 1 root root 16106127360 Jun 21 19:21 APP-U1-63-25-OS-flat.vmdk

-rw——- 1 root root 214748364800 Jun 21 19:21 APP-U1-63-25-DATA-flat.vmdk

9. Attach the respective VMDK files to the virtual machine as earlier.

10. Now, All set and good to power on the virtual machine.

Uncategorized

USING CURL TO TROUBLESHOOT

July 28, 2020 admin Leave a comment

To use curl to test basic network connectivity, you need to know several things:

The remote server name or IP address.
The protocol for the service to be tested (HTTP, FTP, SMTP, etc.)
The port number for the network application you want to test.

To open a connection to a remote server, open a terminal window on your computer, and then type curl protocol://IP/host:port, where protocol is the communication protocol to be used IP/host represents the IP address or hostname of the server, and port represents the TCP port number. Port is optional when the standard port for a given protocol is used.

C:\>curl http://asgaur.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://asgaur.com/wp/">here</a>.</p>
</body></html>

Use curl to try and connect via SMTP protocol

C:\>curl smtp://asgaur.com
C:\>curl smtp://asgaur.com:2525 (2525 custom port if any)
214-Commands supported:
214 AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP

To test an FTP server, use curl to connect via ftp protocol or to port 21.

C:\>curl ftp://asgaur.com
C:\>curl asgaur.com:21
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 18 of 50 allowed.
220-Local time is now 10:04. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.

SSH uses encrypted connections. However, you can still use curl to verify that the service is running on a server.

C:\>curl asgaur.com:22
SSH-2.0-OpenSSH_XX

Linux

passwd: Authentication token manipulation error | RHEL 6

July 28, 2020 Prashant Kumar Leave a comment

Problem described as below-

Getting passwd: Authentication token manipulation error on RHEL6 Machine.

[root@ip-linuxbox~]# passwd user1
Changing password for user user1.
New password:
Retype new password:
passwd: Authentication token manipulation error

[root@ip-linuxbox~]# passwd -u user1 [Tried to unlock the account password.]
Unlocking password for user user1.
passwd: Libuser error at line: 179 – error creating `/etc/passwd+’: Permission denied.
passwd: Error (password not set?) [Getting Permission denied error hence passwd is not getting changed/updated. Hence, we need to restore the permission on passwd.]

[root@ip-linuxbox~]# chage -l user1
Last password change : Apr 03, 2019
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

Solution-

[root@ip-linuxbox~]# rpm –setperms passwd [Restore permission on passwd file.]

[root@ip-linuxbox~]# which passwd | xargs chmod u+s [Setting required permission on passwd file.]

[root@ip-linuxbox ~]# restorecon /etc/* [ if SELinux context is properly set for, it will fix the same.]

[root@ip-linuxbox~]# passwd user1
Changing password for user user1.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

[root@ip-linuxbox~]# chage -l user1
Last password change : Jul 28, 2020
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

Uncategorized

AQI Delhi

November 11, 2018 admin Leave a comment

[barChart width=”500px” stacked=”1″
legend=”{ position: ‘top’, maxLines: 2 }”
vaxis=”{title: ‘in $000’, titleTextStyle: {color: ‘blue’}}”
haxis=”{title: ‘Year’, titleTextStyle: {color: ‘blue’}}”]
[‘Year’, ‘Sales’, ‘Expenses’],
[‘2004’, 1000, 400],
[‘2005’, 1170, 460],
[‘2006’, 660, 1120],
[‘2007’, 1030, 540]
[/barChart]

[gvn_schart_2 id=”1″ width=”500″ height=”400″]

Aix, HP-UX, Linux, Solaris

File System shows 100% occupied but du tells different and still has Unused Spaces.

November 10, 2018 Prashant Kumar 1 Comment

We have faced an issue as below mentioned – found /oracle mount-point showing 100% as Used. But getting different size values for folders under /oracle mount-point, when we executed du -gs .

bash-4.4# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 4.00 1.39 66% 20686 6% /
/dev/hd2 4.00 1.02 75% 45679 16% /usr
/dev/hd9var 2.00 1.01 50% 16318 7% /var
/dev/hd3 2.00 1.83 9% 407 1% /tmp
/dev/hd1 1.00 0.16 85% 6124 12% /home
/dev/hd11admin 0.25 0.25 1% 5 1% /admin
/proc – – – – – /proc
/dev/hd10opt 0.50 0.07 87% 12979 44% /opt
/dev/livedump 0.25 0.25 1% 4 1% /var/adm/ras/livedump
/dev/fslv00 198.00 0.01 100% 440205 16% /oracle

bash-4.4# cd /oracle/
bash-4.4# du -gs *
0.00 AutoDeployment
5.45 Oracle
0.03 Patch
7.54 data01
11.67 fmw_12.1.3.0.0_wls
0.01 jboss
0.20 jdk
0.00 lost+found
0.92 wls1221

You may notice 100 % utilization for /oracle mount-point on the “df -g” output , but with “du -gs ” We found the files did not occupy the entire space.

It may be because of open files in the file-system. These open files hold space on the file-system to complete there execution, once the write operation is completed.

To overcome, from this issue, We need to follow below two steps:-

We need to find all such processes still running but using deleted files, in result – /oracle mount-point is showing 100% as Used.

bash-4.4# fuser -dV /oracle/
/oracle/:
inode=670047 size=5242722 fd=389 5570776
inode=1165305 size=20278 fd=1 8061106
inode=1165313 size=182335565824 fd=1 8716486
inode=1165305 size=20278 fd=1 9044152
inode=1165313 size=182335565824 fd=1 9371672
inode=1165305 size=20278 fd=1 11141354
inode=669981 size=5514335 fd=1 13041898

2. We have to kill all such processes as found in above command.

bash-4.4# kill -9 5570776
bash-4.4# kill -9 8061106
bash-4.4# kill -9 8716486
bash-4.4# kill -9 9044152
bash-4.4# kill -9 9371672
bash-4.4# kill -9 11141354
bash-4.4# kill -9 13041898

bash-4.4# fuser -dV /oracle/
/oracle/:

Aix, AWS, Cloud, General, HP-UX, Linux, Security, Shell Script, Solaris

How to Find Server Public IP Address in Linux Terminal

August 8, 2018 admin Leave a comment

root@test:/var/log/nginx# wget -qO – icanhazip.com
www.xxx.yyy.zzz
root@test:/var/log/nginx# wget -qO- http://ipecho.net/plain | xargs echo
www.xxx.yyy.zzz
root@test:/var/log/nginx# wget -qO – icanhazip.com
www.xxx.yyy.zzz
root@test:/var/log/nginx# curl icanhazip.com
www.xxx.yyy.zzz
root@test:/var/log/nginx#

Aix, General, HP-UX, Linux, Shell Script, Solaris, Tru64 UNIX

sed to play with data or parsing your text

August 7, 2018 Himanshu Midha Leave a comment

To select all the lines starting from STARTING_PATTERN up to blank line ^$ and then delete those lines.

# sed ‘/STARTING_PATTERN/,/^$/d’ filename

To edit files in place, use -i option.

# sed -i ‘/STARTING_PATTER/,/^$/d’ filename

Insert multiple lines into a file after specified pattern.

# sed ‘/cdef/r add.txt’ input.txt
# sed ‘/cdef/r add.txt’ input.txt

input.txt: abcd accd cdef line web	add.txt: line1 line2 line3 line4
Output : abcd accd cdef line1 line2 line3 line4 line web

If you want to apply the changes in input.txt file. Then, use -i with sed.

# sed -i ‘/cdef/r add.txt’ input.txt

If you want to use a regex as an expression you have to use the -E tag with sed.

# sed -E ‘/RegexPattern/r add.txt’ input.txt

Linux

Usefull Linux Commands for SAN LUN allocation in RHEL

June 20, 2016 admin Leave a comment

ls -l /dev/disk/by-* | grep lun-31
ls -l /dev/disk/by-* | grep lun-33
ls -l /dev/disk/by-* | grep lun-20
ls -l /dev/disk/by-* | grep lun-10
cat /sys/class/fc_transport/*/node_name
grep 50060160bee045be /sys/class/fc_transport/*/node_name
lsscsi
./inq.LinuxAMD64 -clariion
multipath -ll
df -h
cat /etc/fstsb
cat /etc/fstab
multipath -ll | grep mpathg
ls -ltr /data*
ls -ls /data*
ls -ld /data*
df -h
mount/dev/mapper/mpathg /data10
mount /dev/mapper/mpathg /data10
df -h
cd /data10
ls -ltr
du -hs regcss
rm -rf regcss
df -h
ls -ltr
vi /etc/fstab
cat /etc/fstsb
cat /etc/fstab
cd
mount /data10
umount /data10
mount /data10
df -h
multipath -ll | grep mpathk
multipath -ll | grep mpathl
ls -l /dev/disk/by-* | grep lun-33
echo “0 5 33” > /sys/class/scsi_host/host2/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 4 33” > /sys/class/scsi_host/host2/scan
ls -l /dev/disk/by-* | grep lun-33
ls -l /dev/disk/by-* | grep lun-31
cat /sys/class/fc_transport/*/node_name
echo “0 5 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
cd /proc/scsi
ls
cd scsi
cd sg
ls
cd device
cd devices
cat devices
grep 0x50060160bee045be /sys/class/fc_transport/*/node_name
echo “0 0 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 1 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 3 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 3 33” > /sys/class/scsi_host/host2/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 1 33” > /sys/class/scsi_host/host2/scan
ls -l /dev/disk/by-* | grep lun-33
grep 0x5006016b08605821 /sys/class/fc_transport/*/node_name
cat /sys/class/fc_transport/*/node_name
grep 0x5006016088605821 /sys/class/fc_transport/*/node_name
echo “0 2 33” > /sys/class/scsi_host/host2/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 4 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 2 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
grep 0x50060160bea0597f /sys/class/fc_transport/*/node_name
echo “0 3 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
echo “0 5 33” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-33
ls -l /dev/disk/by-* | grep lun-34
echo “0 5 34” > /sys/class/scsi_host/host1/scan
ls -l /dev/disk/by-* | grep lun-34
echo “0 2 34” > /sys/class/scsi_host/host2/scan
echo “0 2 34” > /sys/class/scsi_host/host1/scan
echo “0 4 34” > /sys/class/scsi_host/host1/scan
echo “0 4 34” > /sys/class/scsi_host/host2/scan
ls -l /dev/disk/by-* | grep lun-34
cd
mkdir /data11
mkdir /data12
multipath ll
multipath -ll
df -h | grep mpathp
history | grep ext4
mkfs.ext4 -L DATA11 -m 0 -b 2048 /dev/mapper/mpathp
df -h | grep mpathq
mkfs.ext4 -L DATA12 -m 0 -b 2048 /dev/mapper/mpathq
df -h
mkdir /data11
mkdir /data12
mount /dev/mapper/mpathp /data11
mount /dev/mapper/mpathp /data12
umount /data12
umount /data11
mount /dev/mapper/mpathp /data11
mount /dev/mapper/mpathq /data12
df -h
umount /data12
vi /etc/fstsb
vi /etc/fstab
df -h
umount /data11
mount all
mount -all
df -h
cat /etc/fstab
df -h
ls -ld /data*
chown -R orarh11g:dba /data11 /data12
ls -ld /data*
df -h
rm -rf /data12
cat /proc/scsi/scsi | egrep -i ‘Host:’ | wc -l
ls /sys/class/fc_host
df -h
cat /etc/fstsb
cat /etc/fstab
vi /etc/fstab
df -h
mount all
mount -all
mkdir /data12
mount -all
df -h
chown -R orarh11g:dba /data12
df -h
cat /sys/class/scsi_host/host*/device/fc_host/host*/node_name
for i in 0 1 2 3 4 5; do cat host$i/device/fc_host/host$i/port_name; done
for i in 0 1 2 3 4 5 6 7 8 9 10; do cat host$i/device/fc_host/host$i/port_name; done
cd /sys/class/scsi_host/
for i in 0 1 2 3 4 5 6 7 8 9 10; do cat host$i/device/fc_host/host$i/port_name; done
ls /sys/class/fc_host
fdisk -l |egrep ‘^Disk’ |egrep -v ‘dm-‘
multipath -ll
lspci | grep Fibre
lspci -v -s 05:00.0
ls -l /sys/class/scsi_host
ind /sys/class/pci_bus/0000\:05/device/0000\:05\:00.0/host*/rport-*/target*/*/state | awk -F’/’ ‘{print $11}’ | sort
find /sys/class/pci_bus/0000\:05/device/0000\:05\:00.0/host*/rport-*/target*/*/state | awk -F’/’ ‘{print $11}’ | sort
find /sys/class/pci_bus/0000\:05/device/0000\:05\:00.1/host*/rport-*/target*/*/state | awk -F’/’ ‘{print $11}’ | sort
cat /proc/scsi/scsi | grep scsi2
cat /proc/scsi/scsi | grep scsi1
find /sys/class/pci_bus/0000\:05/device/0000\:05\:00.0/host*/rport-*/target*/*/block/*/stat | awk -F’/’ ‘{print $11,$13}’
find /sys/class/pci_bus/0000\:05/device/0000\:05\:00.1/host*/rport-*/target*/*/block/*/stat | awk -F’/’ ‘{print $11,$13}’
udevadm info –query=path –name /dev/sdad
df -h
udevadm info –query=path –name /dev/mapper/mpathq
udevadm info –query=path –name /devices/virtual/block/dm-13
for port in /sys/class/fc_host/host[0-9]/port_name; { echo -n “$port : “; cat $port; }
history
CAILDB-63 scsi_host]#