Excellent site to understand deployment

Need a step by step tutorial on Sysprep, ImageX or other Windows’ deployment methods?  Me, Myself and IT has excellent step by step tutorials on these different methods.

Getting started using Windows Deployment

Create a Windows PE USB    (Includes Dropbox download)

Capture an image using ImageX

Apply a WIM using ImageX

How to build an UnAttended Answer File

Adding drivers

Preparing and Using Sysprep

Experiments with Sysprep

MDT

OPSWAT Gears – Manage your devices’ security remotely

Have mobile devices, servers and need to monitor these devices remotely?  OPSWAT Gears allows you to monitor your computers remotely – update antivirus software, discover compromised devices, manage threats and more.

MySQL Workbench – manage your MySQL installation

If you are a beginner or an expert, MySQL Workbench is a must have if you have installed MySQL.  The community edition allows you to Start/Stop your MySQL instance, write queries, monitor performance and has dozens of other features.

On Windows, the MySQL configuration file that Linux installs normally call my.cnf is named my.ini.  It can be found under the ProgramData folder (you have to show hidden files in Windows Explorer to see it) and can be configured using MySQL Workbench.  If you get an error connecting to it, go to the server instance and navigate to the my.ini file; this is a common error when reading the configuration file.

WorkBench Status

Other features -

SQL Editor – SQL Code Completion, SQL Code Formatter, SQL Syntax Highlighting, SQL Code Generation, SQL History, SQL Snippets, Server-Stop/Start, Server Status, Performance and more.

WorkBench One

 

 

Commands in Telnet – DD-WRT and Tomato routers

If you have flashed your router with DD-WRT or Tomato, you can probably use the Linux commands shown in the picture below.

Before you get started, you’ll need to enable the Telnet client on your Windows computer.  Go to Programs and Features under the Control Panel.  The Telnet client is found under add/remove features.

If you want to capture the information from the telnet session to a local Windows computer, make a folder on your C: drive named telnet.  Then type:

telnet -f c:\telnet\capture.txt youripaddress

Enter your username and password.

Want to see the commands that are available?  Type ls /*bin /*/*bin.  ls lists directory contents, and with these patterns it shows the commands found in every directory whose name ends in ‘bin’.

commands

While both firmwares offer hundreds of commands, they are primarily standard Linux commands.

Here’s a great list – link.  (Not all commands will work)

uname -a gives the Linux version

Linux

 

Want to see a ton of information about your router?  Type sysinfo | more

This will give you information about the system including CPU, memory, network and a ton of other information.

unknown login: root
Password:
Tomato v1.28.0000 MIPSR2-120 K26 Max
========================================================
Welcome to the Linksys E2000 [TomatoUSB]
Uptime: 00:39:53 up 1:54
Load average: 0.16, 0.03, 0.01
Mem usage: 30.8% (used 8.88 of 28.84 MB)
WAN : 192.168.0.3/24 @ C0:C1:C0:xx:xx:xx
LAN : 192.168.1.1/24 @ DHCP: 192.168.1.2 – 192.168.1.51
WL0 : Zeus @ channel: 6 @ C0:C1:C0:xx:xx:xx
========================================================
root@unknown:/tmp/home/root# ls /*bin
/bin:
ash date fgrep ls netstat ping sed udpxy
busybox dd grep mdu nice ping6 sh umount
cat df gunzip mkdir ntpc ps sleep uname
chmod dmesg gzip mknod ntpstep pwd stty usleep
chown eapd kill more ntpsync rm sync vi
cp echo ln mount nvram rmdir tar watch
cstats egrep login mv pidof rstats touch zcat
/sbin:
arp hotplug mtd-erase sched
buttons hotplug2 mtd-unlock service
console ifconfig mtd-write setconsole
ddns-update init ppp_event syslogd
dhcp6c-state insmod radio udevtrigger
dhcpc-event klogd rc udhcpc
dhcpc-release led rcheck vconfig
dhcpc-renew listen reboot wldist
disconnected_pppoe lsmod redial
gpio modprobe rmmod
halt mount-cifs route
root@unknown:/tmp/home/root# sysinfo
Tomato v1.28.0000 MIPSR2-120 K26 Max
Linux version 2.6.22.19 (root@tomato) (gcc version 4.2.4) #37 Sat Jun 7 05:30:28 CEST 2014
NVRAM
1012 entries, 21604 bytes used, 39836 bytes free.
INTERFACES
br0 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:185075 errors:0 dropped:0 overruns:0 frame:0
TX packets:166658 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:21559405 (20.5 MiB) TX bytes:160278768 (152.8 MiB)
eth0 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:165763 errors:0 dropped:0 overruns:0 frame:0
TX packets:175648 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:161724476 (154.2 MiB) TX bytes:22794209 (21.7 MiB)
Interrupt:4 Base address:0x2000
eth1 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:235085 errors:10 dropped:0 overruns:0 frame:269509
TX packets:234875 errors:72 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:56724666 (54.0 MiB) TX bytes:201731456 (192.3 MiB)
Interrupt:3 Base address:0x1000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:87 errors:0 dropped:0 overruns:0 frame:0
TX packets:87 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:13018 (12.7 KiB) TX bytes:13018 (12.7 KiB)
vlan1 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:7418 errors:0 dropped:0 overruns:0 frame:0
TX packets:16101 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5137752 (4.8 MiB) TX bytes:1536952 (1.4 MiB)
vlan2 Link encap:Ethernet HWaddr C0:C1:C0:xx:xx:xx
inet addr:192.168.0.3 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:158047 errors:0 dropped:0 overruns:0 frame:0
TX packets:159142 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:153556156 (146.4 MiB) TX bytes:21209557 (20.2 MiB)
ROUTING TABLE
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 vlan2
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 vlan2
Kernel IPv6 routing table
Destination Next Hop
Flags Metric Ref Use Iface
::1/128 ::
U 0 0 1 lo
ARP TABLE
192.168.0.1 dev vlan2 lladdr 00:09:5b:cd:50:40 REACHABLE
192.168.1.38 dev br0 lladdr 68:5d:43:e7:83:44 REACHABLE
IP TABLES
:filter
Chain INPUT (policy DROP 403 packets, 193K bytes)
pkts bytes target prot opt in out source destination

692 61801 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
10214 1655K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 shlimit tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW
14 2052 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
6522 793K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

253K 139M all -- * * 0.0.0.0/0 0.0.0.0/0 account: network/netmask: 192.168.1.0/255.255.255.0 name: lan
0 0 ACCEPT all -- br0 br0 0.0.0.0/0 0.0.0.0/0
59 2360 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
9434 453K TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
128K 15M monitor all -- * vlan2 0.0.0.0/0 0.0.0.0/0
249K 138M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 wanin all -- vlan2 * 0.0.0.0/0 0.0.0.0/0
4738 223K wanout all -- * vlan2 0.0.0.0/0 0.0.0.0/0
4738 223K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 12586 packets, 5087K bytes)
pkts bytes target prot opt in out source destination

Chain monitor (1 references)
pkts bytes target prot opt in out source destination

0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 WEBMON --max_domains 2000 --max_searches 2000
Chain shlimit (1 references)
pkts bytes target prot opt in out source destination

0 0 all -- * * 0.0.0.0/0 0.0.0.0/0 recent: SET name: shlimit side: source
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 recent: UPDATE seconds: 60 hit_count: 4 name: shlimit side: source
Chain wanin (1 references)
pkts bytes target prot opt in out source destination

Chain wanout (1 references)
pkts bytes target prot opt in out source destination

:nat
Chain PREROUTING (policy ACCEPT 9977 packets, 1113K bytes)
pkts bytes target prot opt in out source destination

403 193K WANPREROUTING all -- * * 0.0.0.0/0 192.168.0.3
0 0 DROP all -- vlan2 * 0.0.0.0/0 192.168.1.0/24
Chain POSTROUTING (policy ACCEPT 10 packets, 1912 bytes)
pkts bytes target prot opt in out source destination

6165 323K MASQUERADE all -- * vlan2 0.0.0.0/0 0.0.0.0/0
26 8531 SNAT all -- * br0 192.168.1.0/24 192.168.1.0/24 to:192.168.1.1
Chain OUTPUT (policy ACCEPT 1812 packets, 127K bytes)
pkts bytes target prot opt in out source destination

Chain WANPREROUTING (1 references)
pkts bytes target prot opt in out source destination

0 0 DNAT icmp -- * * 0.0.0.0/0 0.0.0.0/0 to:192.168.1.1
:mangle
Chain PREROUTING (policy ACCEPT 273K packets, 142M bytes)
pkts bytes target prot opt in out source destination

128K 124M DSCP all -- vlan2 * 0.0.0.0/0 0.0.0.0/0 DSCP set 0x00
Chain INPUT (policy ACCEPT 17877 packets, 2707K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 253K packets, 139M bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 12618 packets, 5092K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 266K packets, 144M bytes)
pkts bytes target prot opt in out source destination

IP6 TABLES
:filter
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

:mangle
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

NET STATS
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.1:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 :::53 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 :::23 :::* LISTEN
udp 0 0 127.0.0.1:38032 0.0.0.0:*
udp 0 0 0.0.0.0:53 0.0.0.0:*
udp 0 0 0.0.0.0:67 0.0.0.0:*
udp 0 0 127.0.0.1:38000 0.0.0.0:*
udp 0 0 :::53 :::*
raw 0 0 0.0.0.0:255 0.0.0.0:* 255
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
FILE SYSTEMS
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/root 5056 5056 0 100% /
tmpfs 14764 172 14592 1% /tmp
devfs 14764 0 14764 0% /dev
MOUNTPOINTS
rootfs on / type rootfs (rw)
/dev/root on / type squashfs (ro)
proc on /proc type proc (rw)
tmpfs on /tmp type tmpfs (rw)
devfs on /dev type tmpfs (rw,noatime)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw)
SWAPS
Filename Type Size Used Priority
PARTITIONS
major minor #blocks name
31 0 256 mtdblock0
31 1 7872 mtdblock1
31 2 5091 mtdblock2
31 3 1856 mtdblock3
31 4 64 mtdblock4
ENVIRONMENT
USER=root
HOME=/root
PS1=\u@\h:\w\$
LOGNAME=root
TERM=vt100
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/home/root:/mmc/sbin:/mmc/bin:/mmc/usr/sbin:/mmc/usr/bin:/opt/sbin:/opt/bin:/opt/usr/sbin:/opt/usr/bin:
SHELL=/bin/sh
PWD=/tmp/home/root
CPU INFO
0.12 0.03 0.01 2/32 3739
system type : Broadcom BCM4716 chip rev 1 pkg 9
processor : 0
cpu model : MIPS 74K V4.0
BogoMIPS : 176.53
cpu MHz : 354
wait instruction : no
microsecond timers : yes
tlb_entries : 64
extra interrupt vector : no
hardware watchpoint : yes
ASEs implemented : mips16 dsp
shadow register sets : 1
VCED exceptions : not available
VCEI exceptions : not available
unaligned_instructions : 4
INTERRUPTS
CPU0
3: 770819 MIPS eth1
4: 298897 MIPS eth0
7: 687164 MIPS timer
8: 13 IRQ2 serial
ERR: 0
MEMORY
total used free shared buffers
Mem: 29532 18664 10868 0 2464
-/+ buffers: 16200 13332
Swap: 0 0 0
MemTotal: 29532 kB
MemFree: 10864 kB
Buffers: 2464 kB
Cached: 7112 kB
SwapCached: 0 kB
Active: 6188 kB
Inactive: 5336 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 1952 kB
Mapped: 1592 kB
Slab: 4228 kB
SReclaimable: 676 kB
SUnreclaim: 3552 kB
PageTables: 284 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 14764 kB
Committed_AS: 5068 kB
VmallocTotal: 786356 kB
VmallocUsed: 2404 kB
VmallocChunk: 782068 kB
WIRELESS VER
5.10 RC147.0
wl0: Mar 4 2010 00:00:47 version 5.10.147.0
US (US/0) UNITED STATES
LOADED MODULES
Module Size Used by Tainted: P
xt_webmon 16320 1
xt_DSCP 992 1
ip6table_mangle 992 0
ip6table_filter 704 0
xt_recent 6800 2
xt_IMQ 736 0
imq 2320 0
nf_nat_pptp 1440 0
nf_conntrack_pptp 3808 1 nf_nat_pptp
nf_nat_proto_gre 1072 1 nf_nat_pptp
nf_conntrack_proto_gre 2464 1 nf_conntrack_pptp
nf_nat_ftp 1568 0
nf_conntrack_ftp 5792 1 nf_nat_ftp
nf_nat_sip 5920 0
nf_conntrack_sip 19008 1 nf_nat_sip
nf_nat_h323 5504 0
nf_conntrack_h323 37120 1 nf_nat_h323
wl 1781264 0
et 49280 0
igs 13680 1 wl
emf 17408 2 wl,igs
PROCESSES
Mem: 18812K used, 10720K free, 0K shrd, 2464K buff, 7112K cached
CPU: 0% usr 0% sys 0% nic 100% idle 0% io 0% irq 0% sirq
Load average: 0.12 0.03 0.01 1/32 3757
PID PPID USER STAT VSZ %VSZ %CPU COMMAND
1609 1 root S 2684 9% 0% httpd
2031 1 root S 1312 4% 0% crond -l 9
1612 1611 root S 1304 4% 0% -sh
3564 434 root S 1304 4% 0% -sh
1610 1 root S 1304 4% 0% udhcpc -i vlan2 -b -s dhcpc-event -H unknown -m
314 313 root S 1300 4% 0% /bin/sh
434 1 root S 1296 4% 0% telnetd -p 23
3676 3564 root S 1296 4% 0% {sysinfo} /bin/sh /usr/sbin/sysinfo
3757 3676 root R 1296 4% 0% top -b -n1
2018 1 root S 1292 4% 0% syslogd -L -s 50 -b 1
2020 1 root S 1292 4% 0% klogd
1 0 root S 1260 4% 0% /sbin/init noinitrd
312 1 root S 1244 4% 0% buttons
313 1 root S 1184 4% 0% console
1611 496 root S 1140 4% 0% dropbear -p 22 -a
1295 1 nobody S 1104 4% 0% dnsmasq -c 1500 --log-async
1225 1 root S 1080 4% 0% nas
496 1 root S 1072 4% 0% dropbear -p 22 -a
1242 1 root S 968 3% 0% cstats
1236 1 root S 916 3% 0% rstats
1222 1 root S 900 3% 0% eapd
273 1 root S 616 2% 0% hotplug2 --persistent --no-coldplug
87 2 root SW< 0 0% 0% [mtdblockd]
3 2 root SW< 0 0% 0% [ksoftirqd/0]
5 2 root SW< 0 0% 0% [khelper]
42 2 root SW 0 0% 0% [pdflush]
44 2 root SW< 0 0% 0% [kswapd0]
2 0 root SW< 0 0% 0% [kthreadd]
43 2 root SW 0 0% 0% [pdflush]
4 2 root SW< 0 0% 0% [events/0]
45 2 root SW< 0 0% 0% [aio/0]
18 2 root SW< 0 0% 0% [kblockd/0]
DMESG
Linux version 2.6.22.19 (root@tomato) (gcc version 4.2.4) #37 Sat Jun 7 05:30:28 CEST 2014
CPU revision is: 00019740
Found a 8MB ST compatible serial flash
Determined physical RAM map:
memory: 02000000 @ 00000000 (usable)
On node 0 totalpages: 8192
Normal zone: 64 pages used for memmap
Normal zone: 0 pages reserved
Normal zone: 8128 pages, LIFO batch:0
Built 1 zonelists. Total pages: 8128
Kernel command line: root=/dev/mtdblock2 noinitrd console=ttyS0,115200
Primary instruction cache 32kB, physically tagged, 4-way, linesize 32 bytes.
Primary data cache 32kB, 4-way, linesize 32 bytes.
Synthesized TLB refill handler (20 instructions).
Synthesized TLB load handler fastpath (32 instructions).
Synthesized TLB store handler fastpath (32 instructions).
Synthesized TLB modify handler fastpath (31 instructions).
PID hash table entries: 128 (order: 7, 512 bytes)
CPU: BCM4716 rev 1 pkg 9 at 354 MHz
Using 177.000 MHz high precision timer.
console [ttyS0] enabled
Dentry cache hash table entries: 4096 (order: 2, 16384 bytes)
Inode-cache hash table entries: 2048 (order: 1, 8192 bytes)
Memory: 29416k/32768k available (33k kernel code, 3352k reserved, 2718k data, 116k init, 0k highmem)
Calibrating delay loop... 176.53 BogoMIPS (lpj=882688)
Mount-cache hash table entries: 512
NET: Registered protocol family 16
PCI: Using membase 8000000
PCI: Disabled
PCI: Fixing up bus 0
PCI: Fixing up bus 1
NET: Registered protocol family 2
Time: MIPS clocksource has been installed.
IP route cache hash table entries: 1024 (order: 0, 4096 bytes)
TCP established hash table entries: 1024 (order: 1, 8192 bytes)
TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
TCP: Hash tables configured (established 1024 bind 1024)
TCP reno registered
squashfs: version 3.0 (2006/03/15) Phillip Lougher
io scheduler noop registered (default)
HDLC line discipline: version $Revision: 4.8 $, maxframe=4096
N_HDLC line discipline registered.
Serial: 8250/16550 driver $Revision: 1.90 $ 2 ports, IRQ sharing disabled
serial8250: ttyS0 at MMIO 0xb8000300 (irq = 8) is a 16550A
PPP generic driver version 2.4.2
MPPE/MPPC encryption/compression module registered
NET: Registered protocol family 24
PPPoL2TP kernel driver, V0.18.3
PPTP driver version 0.8.5
pflash: found no supported devices
Creating 5 MTD partitions on "sflash":
0x00000000-0x00040000 : "pmon"
0x00040000-0x007f0000 : "linux"
0x00127400-0x00620000 : "rootfs"
0x00620000-0x007f0000 : "jffs2"
0x007f0000-0x00800000 : "nvram"
u32 classifier
OLD policer on
Netfilter messages via NETLINK v0.30.
nf_conntrack version 0.5.0 (512 buckets, 4096 max)
ip_tables: (C) 2000-2006 Netfilter Core Team
ipt_account 0.1.21 : Piotr Gasidlo <quaker@barbara.eu.org>, http://www.barbara.eu.org/~quaker/ipt_account/
net/ipv4/netfilter/tomato_ct.c [Jun 7 2014 02:58:57]
NET: Registered protocol family 1
NET: Registered protocol family 10
ip6_tables: (C) 2000-2006 Netfilter Core Team
NET: Registered protocol family 17
802.1Q VLAN Support v1.8 Ben Greear <greearb@candelatech.com>
All bugs added by David S. Miller <davem@redhat.com>
VFS: Mounted root (squashfs filesystem) readonly.
Freeing unused kernel memory: 116k freed
Warning: unable to open an initial console.
emf: module license 'Proprietary' taints kernel.
PCI: Setting latency timer of device 0000:00:02.0 to 64
eth0: Broadcom BCM47XX 10/100/1000 Mbps Ethernet Controller 5.10.147.0
PCI: Setting latency timer of device 0000:00:01.0 to 64
eth1: Broadcom BCM4328 802.11 Wireless Controller 5.10.147.0
Algorithmics/MIPS FPU Emulator v1.5
vlan1: add 33:33:00:00:00:01 mcast address to master interface
vlan1: add 01:00:5e:00:00:01 mcast address to master interface
vlan1: dev_set_allmulti(master, 1)
vlan1: dev_set_promiscuity(master, 1)
device eth0 entered promiscuous mode
device vlan1 entered promiscuous mode
device eth1 entered promiscuous mode
br0: port 2(eth1) entering forwarding state
br0: port 1(vlan1) entering forwarding state
vlan2: Setting MAC address to c0 c1 c0 xx:xx:xx.
vlan2: add 33:33:00:00:00:01 mcast address to master interface
vlan2: add 01:00:5e:00:00:01 mcast address to master interface
IMQ starting with 2 devices...
IMQ driver loaded successfully.
Hooking IMQ after NAT on PREROUTING.
Hooking IMQ before NAT on POSTROUTING.
vlan2: del 01:00:5e:00:00:01 mcast address from vlan interface
vlan2: del 01:00:5e:00:00:01 mcast address from master interface
vlan2: del 33:33:00:00:00:01 mcast address from vlan interface
vlan2: del 33:33:00:00:00:01 mcast address from master interface
vlan2: Setting MAC address to c0 c1 c0 xx:xx:xx.
vlan2: add 01:00:5e:00:00:01 mcast address to master interface
vlan2: add 33:33:00:00:00:01 mcast address to master interface
vlan2: del 33:33:00:00:00:01 mcast address from vlan interface
vlan2: del 33:33:00:00:00:01 mcast address from master interface
vlan2: del 01:00:5e:00:00:01 mcast address from vlan interface
vlan2: del 01:00:5e:00:00:01 mcast address from master interface
br0: port 2(eth1) entering disabled state
br0: port 1(vlan1) entering disabled state
vlan1: del 01:00:5e:00:00:01 mcast address from vlan interface
vlan1: del 01:00:5e:00:00:01 mcast address from master interface
vlan1: del 33:33:00:00:00:01 mcast address from vlan interface
vlan1: del 33:33:00:00:00:01 mcast address from master interface
device vlan1 left promiscuous mode
br0: port 1(vlan1) entering disabled state
device eth1 left promiscuous mode
br0: port 2(eth1) entering disabled state
vlan1: add 33:33:00:00:00:01 mcast address to master interface
vlan1: add 01:00:5e:00:00:01 mcast address to master interface
device eth1 entered promiscuous mode
br0: port 2(eth1) entering forwarding state
br0: port 1(vlan1) entering forwarding state
vlan2: Setting MAC address to c0 c1 c0 xx:xx:xx.
vlan2: add 33:33:00:00:00:01 mcast address to master interface
vlan2: add 01:00:5e:00:00:01 mcast address to master interface
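
A capture like the one above can be checked offline to see which listening services the router's firewall actually lets through. The Python script below is an added example, not part of the original post or of Tomato: it reads the NET STATS listeners and the filter INPUT chains and reports, per TCP listener, whether a new connection arriving on the LAN (br0) or WAN (vlan2) interface would be accepted. It assumes a "::" listener is dual-stack and simplifies rule matching as noted in the comments.

```python
import re
CLEARTEXT = {23: "telnet", 80: "http"}  # management services sent unencrypted

# Sample input: sections of the sysinfo capture shown on this page, with
# console-wrapped lines rejoined and "--" restored in the opt column.
SAMPLE = """\
Chain INPUT (policy DROP 403 packets, 193K bytes)
pkts bytes target prot opt in out source destination
692 61801 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
10214 1655K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 shlimit tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW
14 2052 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
6522 793K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
Chain FORWARD (policy DROP 0 packets, 0 bytes)
IP6 TABLES
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
NET STATS
tcp 0 0 192.168.1.1:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 :::23 :::* LISTEN
"""

def tcp_listeners(text):
    """Return (address, port) for every TCP socket in LISTEN state."""
    found = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 6 and f[0] == "tcp" and f[5] == "LISTEN":
            addr, port = f[3].rsplit(":", 1)   # ":::23" -> ("::", "23")
            found.append((addr, int(port)))
    return found

def input_chain(section):
    """Parse the first 'Chain INPUT' in a section into (policy, rules)."""
    policy, rules = None, []
    for line in section.splitlines():
        if line.startswith("Chain "):
            if policy:                       # next chain: INPUT is complete
                break
            m = re.match(r"Chain INPUT \(policy (\w+)", line)
            policy = m.group(1) if m else None
            continue
        f = line.split()
        # Layout: pkts bytes target prot opt in out source destination [match]
        if policy and len(f) >= 9 and f[0][0].isdigit():
            rules.append({"target": f[2], "proto": f[3], "in": f[5],
                          "match": " ".join(f[9:])})
    return policy, rules

def accepts_new_tcp(policy, rules, iface, port):
    """Would the chain accept a NEW TCP connection to port arriving on iface?
    Simplified: source/destination are ignored (all 0.0.0.0/0 here) and a jump
    to a user chain such as shlimit is assumed to return to INPUT."""
    for r in rules:
        if r["in"] not in ("*", iface) or r["proto"] not in ("all", "tcp"):
            continue
        state = re.search(r"state (\S+)", r["match"])
        if state and "NEW" not in state.group(1).split(","):
            continue
        dpt = re.search(r"dpt:(\d+)", r["match"])
        if dpt and int(dpt.group(1)) != port:
            continue
        if r["target"] in ("ACCEPT", "DROP", "REJECT"):
            return r["target"] == "ACCEPT"
    return policy == "ACCEPT"

def audit(text, wan_if="vlan2", lan_if="br0"):
    """Per listener: address families over which LAN and WAN can reach it.
    Only wildcard binds are treated as able to answer on the WAN address."""
    v4_part, _, v6_part = text.partition("IP6 TABLES")
    chains = {"ipv4": input_chain(v4_part), "ipv6": input_chain(v6_part)}
    findings = []
    for addr, port in tcp_listeners(text):
        # Assumption: a "::" listener is dual-stack (Linux default), so it is
        # checked against both the IPv4 and the IPv6 INPUT chain.
        fams = ["ipv4", "ipv6"] if addr == "::" else ["ipv6" if ":" in addr else "ipv4"]
        reach = lambda iface: [f for f in fams
                               if accepts_new_tcp(*chains[f], iface, port)]
        findings.append({"addr": addr, "port": port, "lan": reach(lan_if),
                         "wan": reach(wan_if) if addr in ("0.0.0.0", "::") else [],
                         "cleartext": CLEARTEXT.get(port)})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

On this capture the script reports telnetd on port 23 as a cleartext service accepted from the LAN over both address families, and accepted on the WAN interface only by the ip6tables INPUT chain, which has policy ACCEPT and no rules. The vlan2 interface shows no IPv6 address in the capture, so that result describes the ruleset rather than a path that is live here.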

 

Cannot update Windows 7 with Service Pack

Windows 7 SP1 is a necessary critical update that should be applied when reinstalling or updating Windows.  You may run into errors when applying this service pack.  During the update, the update may stall or revert changes.  What should you do?

Be Patient – The installation failure or reverting changes may take up to an hour or more.

  • Boot into Safe Mode with Networking (reboot, press F8 several times and select Safe Mode)
    • Be patient; this can take an hour or more during the reverting process
    • Once in Safe Mode with Networking, disable all antivirus software.  Look for other antivirus programs that may have been installed at an earlier date and remove them (you may have to use removal tools from the vendor).  Also look for any old installations of other antivirus or malware tools under c:\program files\any old anti-virus software.  Remove these with Programs and Features (Add/Remove Software) if possible.
  • Rename the SoftwareDistribution folder from C:\Windows\SoftwareDistribution to C:\Windows\SoftwareDistributionold
  • Delete any files under C:\Windows\Temp and C:\Temp
  • Download Tweaking from here
    • Select all repairs and reboot (This may take 20 minutes to 1 hour)
  • Download the System Update Readiness Tool from here
    • Run this Tool
  • Download Windows 7 SP1 (Full Download) from here 

Why Tweaking All-in-one?
Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Repair MDAC & MS Jet
Repair Hosts File
Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
Repair CD/DVD Missing/Not Working
and more…

Capture

77 Windows tips

TechNet has a list of 77 Windows tips.  Don’t close the tips out too soon; you’ll find things you may not know how to do.  Although most of these are old news if you have already discovered Windows 7, many people still don’t know about many of these tips.

Know what Robocopy is?  How about a search connector?  perfmon /report or perfmon /rel?   Link

Windows Hotfix Rollup with 90 updates for Windows 7 and Server 2008

The Microsoft Update may show that your computer is up-to-date but you may be able to improve system stability and performance with these 90 updates for Windows 7 and Server 2008 with a hotfix that was released earlier in 2013.  

This enterprise hotfix fixes WebDAV, DFSN client, Folder Redirection, Offline Files and Folders, SMB client, Redirected Drive Buffering Subsystem, Multiple UNC Provider, SMB Service, TCP protocol components (Network Performance), processing of Group Policies, Group Policy preferences, WMI and more, and helps to reduce network load and domain load.

Information on the hotfix is here - (http://support.microsoft.com/kb/2775511/en-us)

Where do you get the hotfix?  The hotfix can be downloaded here.  You MUST use Internet Explorer to apply the hotfix.  The hotfix from the Windows Update Catalog requires you to install components to download the files of your choice.

Microsoft Update Catalog

 

Install

 

Available updates

 

Progress

 

After downloading the update, you will need to double click the installation file and after the hotfix is applied, you must restart your computer.

How reliable is your Windows 7 computer?

You can use these command line tools to take a quick short-cut to your reliability monitor and other performance tools.

perfmon /rel  

Lets you review your computer’s reliability and problem history.

perfmon /report

Collects performance data for 60 seconds and then generates and displays a system diagnostics report.

My laptop shows the network card (LAN) as being disabled.  (Thus showing a fail – I use wireless)  This report gives stats across your OS and hardware.

perfmon /res  This opens your resource monitor and allows you to see comprehensive data about your system.

MySQL Upgrade in Windows

Dawn and I faced a MySQL Upgrade for our Moodle LMS site and delayed as long as we could.   Unlike traditional upgrades of Microsoft SQL, we couldn’t simply click a setup file and the upgrade would replace files and services  as needed.

Here’s the easiest process we found to upgrade MySQL

  1. Stop the existing MySQL service in Services
  2. Make sure you have a backup of your MySQL database
  3. Open a command prompt (as administrator)
  4. Change to the MySQL directory and type mysqld --remove (to remove the service under Services); you can also remove it by using the sc delete MySQL command.
    1. In the Service manager you should see that the service is removed.
  5. Uninstall MySQL under the Programs and Features menu
  6. Delete all folders under programdata and program files that are related to MySQL
  7. Reboot
  8. Make sure the latest .NET Framework is installed
  9. Download and run the MySQL Community package  Link
  10. Perform a new install
  11. Use the Server type:  Server  (Production deployments)
  12. Make sure your data directories are specified during the installation
  13. Use the same root password you had on the old installation
  14. Add  admin users as necessary
  15. Restore your files if necessary (backups) with MySQL Workbench Link
  16. Complete the install
  17. Make sure the service is running

Note: Always make a backup before trying to update the database.

 

SQLPanel

IP and Domain information in Chrome

Want to find information about a website or find information on an IP address you found in your security logs?  Use Chrome’s add on IP Address and Domain information to find information you need to track or block an IP address.

tcpip

 

(Above: the utility added to Chrome.)

This add-on allows information on IPv4 addresses, IPv6 addresses, ISP

tcpiputils

Security Onion- IDS, NSM, and log management

What if you want an IDS that monitors malicious activity and provides you with logs (Network Security Monitoring) and graphs to help protect your network?  And what if you want an easy setup that provides you with information that will help you – something with a GUI?  Security Onion can provide you with the de facto IDS, Snort, along with Squert and a ton of other tools to help you.  While there are options, Security Onion offers the choice of Snort (http://snort.org/) or Suricata (http://suricata-ids.org/).

The setup below shows a test system using VMware with 2 processors and 2 GB of RAM if you want to try it out.  While the suggested bare minimum is 3 GB, a production environment should have 8-128 GB of RAM, a ton of hard drive space for logs and two network cards: one for management and one to sniff.

Security Onion’s ISO can be downloaded from SourceForge.  While there are a ton of how-tos on the internet about Security Onion, there is a great deal of information on their blog located here.

Here’s a simple setup I did at home to try out Security Onion, using VMware’s Player (non-commercial use).  If you plan on trying Security Onion or deploying it in a production environment, you should use the commercial version or have a system that supports the minimum requirements.


 

Once you restart, you’ll need to run setup again to enter an email address for Squert and set up a password.  Once this is done, you can open the shortcuts on the desktop or use your host computer to log in.  Once this is complete, log in to Snorby’s URL.

While Snort is running, Snorby will present a dashboard.  You may be surprised to see no threats once you log in.  You can expedite this process by running NMap (Zenmap) against the virtual machine if you want to see threats.

What is Snorby? “ Snorby is a web application interface to view, search and classify Snort and Suricata alerts and generate various types of reports, such as most active IDS signatures, most active sensors, and top source and destination IP addresses.”  more information.
2 snorby

Once you run NMap, click on More Options in the right corner and update the Cache

2a cache update

Give Security Onion just a few seconds and refresh the screen.  You’ll see the events logged.  This will visually show you not only how many threats were ‘seen’ on the network but will also categorize and graph them.

3 snorby 3 severity

Clicking on the events will show each event and give you the option to categorize unknown threats or to reclassify threats.
4 nmap to test

Logging in to Squert allows you to see threats along with maps and information from threats.

5 squert

Squert map

ELSA – allows you to query and look for information.

6 Elsa

What does NMap show when Security Onion is scanned?

7 is it logging

 

 

 

Introduction to Security Onion

Security Onion Blog

 

The dangers of using outdated software


 Outdated software contains security flaws which cybercriminals can use as avenues to infiltrate the corporate network.

The dangers of using outdated software.