tag:blogger.com,1999:blog-8029952542190638202024-02-19T03:38:29.726-08:00The Zone ManagerBrad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comBlogger79125tag:blogger.com,1999:blog-802995254219063820.post-4221365699292059502017-03-14T05:06:00.000-07:002017-03-14T05:06:15.459-07:00End-to-end transaction auditingOne of the more powerful security capabilities that a full stack provider like Oracle could eventually provide that no point solution company can provide is end-to-end transaction auditing. For example, if a user logs into Oracle Enterprise Linux or Solaris,<br />
<br />
Introduction to Oracle Fusion Middleware Audit Framework<br />
http://docs.oracle.com/cd/E23943_01/core.1111/e10043/audintro.htm#CEGBJGFI<br />
<br />
Setting up and using BI Publisher for ECID data<br />
http://docs.oracle.com/cd/E23943_01/core.1111/e10043/audreport.htm#BEHGEBEF<br />
<br />
<br />
https://blogs.oracle.com/sduloutr/entry/using_execution_context_id_ecid<br />
<br />
<h3 class="entry-title" style="background-color: white; color: #555555; font-family: Arial, Verdana, sans-serif; font-size: 20px; font-weight: normal; line-height: 25px; margin: 0px 0px 3px;">
Using execution context ID (ECID)</h3>
<h4 class="entry-meta" style="background-color: white; color: #888888; font-family: Arial, Verdana, sans-serif; font-size: 11px; line-height: 18px; margin: 0px 0px 10px;">
By Sylvain Duloutre on <a href="https://blogs.oracle.com/sduloutr/entry/using_execution_context_id_ecid#" style="color: #888888; text-decoration: none;">Aug 16, 2012</a></h4>
<div class="entry-body" style="background-color: white; color: #555555; font-family: Arial, Verdana, sans-serif; font-size: 12px; line-height: 18px;">
<div style="margin-bottom: 10px; margin-top: 10px;">
Execution context ID (ECID) is a unique identifier to correlate events or requests associated with the same transation across several components.</div>
<div style="margin-bottom: 10px; margin-top: 10px;">
The ECID value for a particular request is generated at the first layer and is passed down to the subsequent layers. The ECID value is logged (and auditable) in each product involved in the transaction. ECID allows an administrator to track the end-to-end flow of a particular request across the product stack.</div>
<div style="margin-bottom: 10px; margin-top: 10px;">
ECID are supported by OUD and can be used to track LDAP requests from the client down to the ultimate LDAP server processing the request (inclusing LDAP access layer/proxy if any).</div>
<div style="margin-bottom: 10px; margin-top: 10px;">
When performing a LDAP operation, a client can pass a ECID using the LDAP control extension 2.16.840.1.113894.1.8.31 . This ECID is logged by OUD. The OUD server generates a ECID in case none is present in the incoming request.</div>
<div style="margin-bottom: 10px; margin-top: 10px;">
ECID are logged in the "Oracle Access Logger". By default, this logger is disabled. To enable it, run the command below:</div>
<div style="margin-bottom: 10px; margin-top: 10px;">
dsconfig <b>set-log-publisher-prop</b> \<br />
<b> --publisher-name Oracle\ Access\ Logger \ </b><br />
<b> --set enabled:true\ </b><br />
--hostname prehnite \<br />
--port <admin port="port">\<br /> --bindDN cn=Directory\ Manager \<br /> --bindPassword ****** \<br /> --no-prompt</admin></div>
<div style="margin-bottom: 10px; margin-top: 10px;">
Here is a sniplet of the Oracle access log:</div>
<div style="margin-bottom: 10px; margin-top: 10px;">
[2012-08-16T16:10:26.770+02:00] [OUD] [TRACE] [OUD-24641559] [PROTOCOL] [host: prehnite] [nwaddr: 10.166.70.62] [tid: 25] [userId: sduloutr]<b> [ecid: 10.166.70.62:37126:1345126226770:39,0] </b>[category: REQ] [conn: -1] [op: 80] [msgID: 81] [dn: o=example] [type: synchronization] MODIFY</div>
<div style="margin-bottom: 10px; margin-top: 10px;">
The administrator can then search the logs using a particular ECID value. Audit logs can be queried for a given ECID through Oracle BI Publisher’s audit reports. For example, if you send an LDAP request to Oracle Virtual Directory front-ending Oracle Unified Directory, an ECID associated with the LDAP request is present in the OVD diagnostic logs and audit logs; similarly, when the query reaches OUD, OUD includes the same ECID in its diagnostic logs and audit reports.<span class="st"></span></div>
<div>
<br /></div>
</div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div class="sect1" style="line-height: 1.2;">
<div class="sect2" style="line-height: 1.2;">
<div style="line-height: 1.2;">
Certain Oracle Collaboration Suite components provide <span class="glossaryterm" style="font-weight: bold; line-height: 1.2;">message correlation</span> information for diagnostic messages. Message correlation information helps those viewing diagnostic messages determine relationships between messages across components. The Execution Context ID (ECID), is a globally unique identifier associated with a thread of execution. The ECID helps you to use log file entries to correlate messages from one application or across application server components. By searching related messages using the message correlation information, multiple messages can be examined and the component that first generates a problem can be identified (this technique is called <span class="glossaryterm" style="font-weight: bold; line-height: 1.2;">first-fault component isolation</span>). Message correlation data can help establish a clear path for a diagnostic message across components, within which errors and related behavior can be understood.</div>
<div style="line-height: 1.2;">
When you view an entry on the Log Entry Details page in the Oracle Collaboration Suite Control Console, if the Execution Context ID field is available, it displays the Execution Context ID as a link. Selecting the <span class="bold" style="font-weight: bold; line-height: 1.2;">Execution Context ID</span> link shows you all the diagnostic messages in the Log Repository with the same execution context ID.</div>
<div style="line-height: 1.2;">
You can use the ECID to track requests as they move through Oracle Application Server.</div>
<div style="line-height: 1.2;">
The ECID takes the following format:</div>
<pre class="oac_no_warn" style="font-family: 'Courier New', Courier, monospace; font-size: 1em; line-height: 1.2;" xml:space="preserve"><span class="italic" style="font-style: italic; line-height: 1.2;">request_id</span>, <span class="italic" style="font-style: italic; line-height: 1.2;">sequence_number</span>
</pre>
<div style="line-height: 1.2;">
The <code style="background: inherit; color: #336699; font-family: 'Courier New', Courier, monospace; font-size: 1em; line-height: 1.2;"><span class="codeinlineitalic" style="font-style: italic; line-height: 1.2;">request_id</span></code> is a unique integer that is associated with each request. The <code style="background: inherit; color: #336699; font-family: 'Courier New', Courier, monospace; font-size: 1em; line-height: 1.2;"><span class="codeinlineitalic" style="font-style: italic; line-height: 1.2;">sequence_number</span></code> represents the hop number of the request, as it passes through Oracle Collaboration Suite (or through the component). For example, OracleAS Web Cache assigns an initial sequence number of 0 to a request (when OracleAS Web Cache handles the request). After that, the sequence number is incremented as the request moves through Oracle Collaboration Suite components.</div>
<div style="line-height: 1.2;">
<a href="http://docs.oracle.com/cd/B15595_01/collab.101/b14476/ch_managing_logs.htm#BABHCFJA" style="background: inherit; color: #996633; line-height: 1.2;">Table 8-1</a> lists the Oracle Collaboration Suite components that provide message correlation information (using an ECID).</div>
<div class="infoboxnote" style="border-bottom-color: gray; border-bottom-style: solid; border-bottom-width: 1pt; border-top-color: gray; border-top-style: solid; border-top-width: 1pt; line-height: 1.2; margin: 4ex 110px; padding: 0.25em;">
<div class="notep1" style="font-weight: bold; line-height: 1.2;">
Note:</div>
Some Oracle Collaboration Suite components do not support generating message correlation data. Other Oracle Collaboration Suite components support generating message correlation data, but by default do not enable this option.</div>
<div class="tblformalwide" style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1243" name="sthref1243" style="line-height: 1.2;"></a><a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="BABHCFJA" name="BABHCFJA" style="line-height: 1.2;"></a><br />
<div class="titleintable" style="font-style: italic; font-weight: bold; line-height: 1.2;">
Table 8-1 Oracle Collaboration Suite Components Supporting Message Correlation</div>
<table border="1" cellpadding="3" cellspacing="0" class="FormalWide" dir="ltr" frame="hsides" rules="groups" style="background-color: white; color: black; font-family: Arial, Helvetica, sans-serif; font-size: small; line-height: 1.25; width: 100%px;" summary="Oracle Application Server components supporting message correlation" title="Oracle Collaboration Suite Components Supporting Message Correlation"><thead style="line-height: 1.2;">
<tr align="left" style="line-height: 1.2;" valign="top"><th align="left" id="r1c1-t18" style="background: inherit; color: #336699; line-height: 1.2; vertical-align: bottom;" valign="bottom">Component</th><th align="left" id="r1c2-t18" style="background: inherit; color: #336699; line-height: 1.2; vertical-align: bottom;" valign="bottom">Message Correlation Configuration Reference</th></tr>
</thead><tbody style="line-height: 1.2;">
<tr align="left" style="line-height: 1.2;" valign="top"><td align="left" headers="r1c1-t18" id="r2c1-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1244" name="sthref1244" style="line-height: 1.2;"></a>DCM</div>
</td><td align="left" headers="r2c1-t18 r1c2-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
DCM supports message correlation.</div>
</td></tr>
<tr align="left" style="line-height: 1.2;" valign="top"><td align="left" headers="r1c1-t18" id="r3c1-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1245" name="sthref1245" style="line-height: 1.2;"></a>OC4J</div>
</td><td align="left" headers="r3c1-t18 r1c2-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
OC4J supports message correlation when ODL logging is enabled and when the property <code style="background: inherit; color: #336699; font-family: 'Courier New', Courier, monospace; font-size: 1em; line-height: 1.2;">oracle.dms.transtrace.ecidenabled</code> is set to the value <code style="background: inherit; color: #336699; font-family: 'Courier New', Courier, monospace; font-size: 1em; line-height: 1.2;">true</code> (by default this is <code style="background: inherit; color: #336699; font-family: 'Courier New', Courier, monospace; font-size: 1em; line-height: 1.2;">false</code>). This property is set on the OC4J command line.</div>
<div style="line-height: 1.2;">
See Also: <a href="http://docs.oracle.com/cd/B15595_01/collab.101/b14476/ch_managing_logs.htm#i1020335" style="background: inherit; color: #996633; line-height: 1.2;">"Configuring Components to Produce ODL Messages and ECIDs"</a></div>
<div style="line-height: 1.2;">
<a class="olinkSRC JIUSR" href="http://tahiti-stage.us.oracle.com/pls/cs101/to_bookid?id=JIUSR" style="background: inherit; color: #996633; line-height: 1.2;"><span class="italic" style="font-style: italic; line-height: 1.2;">Oracle Application Server Containers for J2EE User's Guide</span></a> for details on enabling ODL logging in OC4J</div>
</td></tr>
<tr align="left" style="line-height: 1.2;" valign="top"><td align="left" headers="r1c1-t18" id="r4c1-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1246" name="sthref1246" style="line-height: 1.2;"></a>HTTP Server</div>
</td><td align="left" headers="r4c1-t18 r1c2-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
Oracle HTTP Server supports message correlation.</div>
<div style="line-height: 1.2;">
See Also: <a href="http://docs.oracle.com/cd/B15595_01/collab.101/b14476/ch_managing_logs.htm#i1020335" style="background: inherit; color: #996633; line-height: 1.2;">"Configuring Components to Produce ODL Messages and ECIDs"</a></div>
</td></tr>
<tr align="left" style="line-height: 1.2;" valign="top"><td align="left" headers="r1c1-t18" id="r5c1-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1247" name="sthref1247" style="line-height: 1.2;"></a>Portal</div>
</td><td align="left" headers="r5c1-t18 r1c2-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
Portal supports message correlation. Portal outputs the ECID with error messages in the Portal Repository Diagnostics log file.</div>
<div style="line-height: 1.2;">
See Also: "Diagnosing OracleAS Portal Problems" <a class="olinkSRC POCFG" href="http://tahiti-stage.us.oracle.com/pls/cs101/to_bookid?id=POCFG" style="background: inherit; color: #996633; line-height: 1.2;"></a><span class="italic" style="font-style: italic; line-height: 1.2;">Oracle Application Server Portal Configuration Guide</span>.</div>
</td></tr>
<tr align="left" style="line-height: 1.2;" valign="top"><td align="left" headers="r1c1-t18" id="r6c1-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1248" name="sthref1248" style="line-height: 1.2;"></a>Web Cache</div>
</td><td align="left" headers="r6c1-t18 r1c2-t18" style="line-height: 1.2; vertical-align: top;"><div style="line-height: 1.2;">
Web Cache supports message correlation.</div>
<div style="line-height: 1.2;">
See Also: "Oracle-ECID Request-Header Field" in Chapter 2 of <a class="olinkSRC OWCAG" href="http://tahiti-stage.us.oracle.com/pls/cs101/to_bookid?id=OWCAG" style="background: inherit; color: #996633; line-height: 1.2;"><span class="italic" style="font-style: italic; line-height: 1.2;">Oracle Application Server Web Cache Administrator's Guide</span></a></div>
</td></tr>
</tbody></table>
</div>
</div>
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="i1021646" name="i1021646" style="line-height: 1.2;"></a><br />
<div class="sect2" style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1249" name="sthref1249" style="line-height: 1.2;"></a><br />
<h3 class="sect2" style="background: inherit; color: #336699; font-family: Arial, Helvetica, sans-serif; font-size: 1.1em; line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1250" name="sthref1250" style="line-height: 1.2;"></a><a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="OCSAG175" name="OCSAG175" style="line-height: 1.2;"></a>Diagnosing Component Problems</h3>
<div style="line-height: 1.2;">
When an Oracle Collaboration Suite component has a problem you can isolate and determine the cause of the problem by viewing the diagnostic messages. There are general techniques that can assist you in accomplishing this task. In general, the techniques include the following:</div>
<ul style="line-height: 1.2;">
<li style="line-height: 1.2;"><div style="line-height: 1.2;">
Search for errors, or warnings, related to the problem</div>
</li>
<li style="line-height: 1.2;"><div style="line-height: 1.2;">
Correlate the errors across components</div>
</li>
<li style="line-height: 1.2;"><div style="line-height: 1.2;">
Correlate the errors across a time interval</div>
</li>
<li style="line-height: 1.2;"><div style="line-height: 1.2;">
Perform component based analysis</div>
</li>
</ul>
<div style="line-height: 1.2;">
Using a Log Repository can make searching for the root cause of a problem much easier. A Log Repository consolidates log file data and enables you to easily search, correlate, and view log file data that is generated by multiple Oracle Collaboration Suite components. A Log Repository correlates cross component information by time, and correlates events that occur in a cascading fashion. Once a problem is isolated to a particular component in the repository, then, if needed, the problem can be further analyzed by examining the component-specific diagnostic files.</div>
<div class="infoboxnotealso" style="border-bottom-color: gray; border-bottom-style: solid; border-bottom-width: 1pt; border-top-color: gray; border-top-style: solid; border-top-width: 1pt; line-height: 1.2; margin: 4ex 110px; padding: 0.25em;">
<div class="notep1" style="font-weight: bold; line-height: 1.2;">
See Also:</div>
<a href="http://docs.oracle.com/cd/B15595_01/collab.101/b14476/ch_managing_logs.htm#i1027516" style="background: inherit; color: #996633; line-height: 1.2;">"Using Oracle Collaboration Suite Log Loader"</a></div>
</div>
</div>
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="i1027516" name="i1027516" style="line-height: 1.2;"></a><br />
<div class="sect1" style="line-height: 1.2;">
<a href="https://www.blogger.com/blogger.g?blogID=802995254219063820" id="sthref1251" name="sthref1251" style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: small; line-height: 15px;"></a><span style="background-color: white; font-family: "arial" , "helvetica" , sans-serif; font-size: x-small; line-height: 15px;"></span></div>
<br />
<br />
<br />
<br />Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-2441460285112058362015-07-17T06:45:00.001-07:002017-03-14T05:03:10.621-07:00What's so special about /dev/./urandom?During a customer proof of concept, I discovered that using /dev/./urandom in Linux systems cuts WebLogic startup times by more than half. In my case, I have a workflow involving the installation and setup of several products including WebLogic that work together to form a particular solution set. The automated setup of this particular workflow typically takes about 45 minutes to complete. Simply setting the following Java option, cut the time down to 20 minutes.<br />
<br />
JAVA_OPTIONS=" -Djava.security.egd=file:/dev/./urandom"<br />
<br />
I wasn't content with just simply enjoying the benefits of quicker startup times. I had to know why. <br />
<br />
Here's the short answer:<br />
<blockquote class="tr_bq">
<a href="https://bugs.openjdk.java.net/browse/JDK-6202721" target="_blank">Java Bug 6202721</a> states that java.security.SecureRandom uses /dev/random rather than /dev/urandom even if /dev/urandom is specified because at the time (around 2004) /dev/urandom was not working properly. The bug has never been reversed now that /dev/urandom works quite well. Therefore, you have to fake it out by obscuring the setting by using /dev/./urandom to force the use of SHA1PRNG rather than /dev/random.</blockquote>
<br />
Here's the long answer:<br />
<br />
/dev/random is a random number generator often used to seed cryptography functions for better security. /dev/urandom likewise is a (pseudo) random number generator. Both are good at generating random numbers. The key difference is that /dev/random has a blocking function that waits until entropy reaches a certain level before providing its result. From a practical standpoint, this means that programs using /dev/random will generally take longer to complete than /dev/urandom.<br />
<br />
With regards to why /dev/urandom vs /dev/./urandom. That is something unique to Java versions 5 and following that resulted from problems with /dev/urandom on Linux systems back in 2004. The easy fix was to force /dev/urandom to use /dev/random. However, it doesn't appear that Java will be updated to let /dev/urandom use /dev/urandom. So, the workaround is to fake Java out by obscuring /dev/urandom to /dev/./urandom which is functionally the same thing but looks different.<br />
<br />
References:<br />
<br />
<ul>
<li><a href="http://stackoverflow.com/questions/137212/how-to-solve-performance-problem-with-java-securerandom">http://stackoverflow.com/questions/137212/how-to-solve-performance-problem-with-java-securerandom</a></li>
<li><a href="https://issues.jenkins-ci.org/browse/JENKINS-20108">https://issues.jenkins-ci.org/browse/JENKINS-20108</a></li>
<li><a href="https://bugs.openjdk.java.net/browse/JDK-6202721">https://bugs.openjdk.java.net/browse/JDK-6202721</a></li>
<li><a href="http://www.2uo.de/myths-about-urandom/">http://www.2uo.de/myths-about-urandom/</a></li>
<li><a href="http://wikipedia.org/wiki//dev/random">http://wikipedia.org/wiki//dev/random</a></li>
<li><a href="http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/">http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/</a></li>
<li><a href="http://docs.oracle.com/cd/E13209_01/wlcp/wlss30/configwlss/jvmrand.html">http://docs.oracle.com/cd/E13209_01/wlcp/wlss30/configwlss/jvmrand.html</a></li>
<li><a href="https://blogs.oracle.com/LuzMestre/entry/why_does_my_weblogic_server">https://blogs.oracle.com/LuzMestre/entry/why_does_my_weblogic_server</a></li>
</ul>
<br />
Enjoy!<br />
<br />
BradBrad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-41312003460215655642015-07-13T19:31:00.002-07:002017-03-14T05:03:23.550-07:00Workaround for Firefox 39 SSL restrictions on self signed certificates<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px;">
Being a security nut, I am the first person to say that I appreciate the ever-improving security employed in modern browsers. However, this particular improvement is an inconvenience when you work with self signed certificates every day. So, I've created this page for my own personal reference more than anything else.</div>
<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px;">
<br /></div>
<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px;">
Here is the error message that you see when attempting to browse an SSL (https) web site that was setup using a self-signed certificate:</div>
<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px;">
<br /></div>
<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px;">
"SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) </div>
<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px;">
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem."</div>
<br />
Here's how to revert to the previous behavior of asking if you want to accept the security risk of trusting the certificate:<br />
<br />
<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px; white-space: pre-wrap;">
1) In FireFox, enter "about:config" in the URL field and press enter.</div>
<div style="color: #484848; font-family: 'Open Sans', Arial, Helvetica, sans-serif; font-size: 14px; white-space: pre-wrap;">
2) Accept the "This might void your warranty!" warning :)
3) In the search field at the top, enter "security.ssl3.dhe_rsa_aes"
4) Double click each result (128 and 256) to toggle the Value to "false"</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-16412579239001565562015-05-22T07:52:00.001-07:002017-03-14T05:03:34.799-07:00Oracle Unified Directory 11gR2 PS3 Is Out<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3AWSFJLhhK7IdtTB2HaHRo-PMHA03es1u99n52qC4dx7TAABe7B2RumjXJHNWH6w71OzIjmH3gh4fx9e2cmYeqBn4j2SSH9M3apGfz-o3G3kdR2Cu1TE9xOAsBa0NDWKTjIWJDsamfP5v/s1600/Stack-Middleware.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3AWSFJLhhK7IdtTB2HaHRo-PMHA03es1u99n52qC4dx7TAABe7B2RumjXJHNWH6w71OzIjmH3gh4fx9e2cmYeqBn4j2SSH9M3apGfz-o3G3kdR2Cu1TE9xOAsBa0NDWKTjIWJDsamfP5v/s320/Stack-Middleware.png" width="205" /></a>Oracle Unified Directory (OUD) 11g Release 2 Patch Set 3 (11.1.2.3) is now available for download through Oracle's cloud software delivery service (eDelivery) or <a href="http://www.oracle.com/technetwork/middleware/id-mgmt/oid-11gr2-2104316.html" target="_blank">Oracle Technology Network (OTN)</a>.<br />
<br />
I'm really excited to share about the new features being introduced with this new patch set. Before getting to those features though, it is important to note that since Oracle acquired Sun Microsystems back in 2010, the product management and engineering teams have continued quietly working on many strategic long term investments in directory services. Much of what has been revealed thus far has focused on OUD's strategic role in the Middleware portion of the Oracle stack. This includes both ensuring OUD has been pre-qualified to work with Oracle's software portfolio as well as those products being certified to work with OUD. Examples include:<br />
<ul>
<li>Native and pre-qualified support by all of Oracle’s Identity Governance, Access Management, Mobile Security product suites, Fusion Applications and other products within the Oracle Directory Services Plus suite</li>
<li>Native support of Enterprise User Security for centralizing Oracle database authentication and authorization</li>
<li>LDAP virtualization to backend data sources such as AD and LDAPv3 and attribute transformations for centralizing access to multiple data sources</li>
<li>Native real time bi-directional replication with ODSEE 11g</li>
<li>Synchronization between OUD and other data sources such as AD, LDAPv3 and RDBMS</li>
<li>Support for Oracle's Execution Context ID tagging for end-to-end transaction auditing across Oracle products</li>
<li>Comprehensive monitoring through Oracle Enterprise Manager’s monitoring system</li>
<ul>
<li>Monitor for availability and performance</li>
<li>Collect monitoring metrics for capacity planning and comprehensive view of usage</li>
<li>Alert on incidents and metric thresholds</li>
<li>Correlate events</li>
<li>Run pre-defined commands remotely to stop, start or restart services</li>
<li>Rollup metrics into abstracted levels like data centers</li>
<li>Use corrective actions to streamline incident management</li>
<li>Provide Service Level Agreement (SLA) reporting against Service Level Objectives</li>
</ul>
</ul>
Of course OUD has continued to be infused with technical improvements as well. Some examples include:<br />
<ul>
<li>Radically simplified replication configuration compared to all previous generation's of Sun's directory services.</li>
<li>Dramatically improved replication performance and scalability</li>
<li>Extremely simple elastic expansion and contraction of a OUD replication topology for any architecture whether in the enterprise or in the cloud</li>
<li>Improved overall performance and scalability</li>
<li>Easy to use service configuration through the Oracle Directory Services Manager</li>
<li>Greatly simplified tuning through dstune</li>
<li>Attribute encryption</li>
<li>Entry compaction</li>
<li>New plugin API for writing your own custom plugins</li>
</ul>
But all of that improvement is not why your reading this post. No, its about the improvements introduced by OUD 11g Release 2 Patch Set 3 (11.1.2.3). As I said before, this patch set like previous releases reveals just some of the ongoing investments that Oracle continues to make in Oracle's directory services portfolio. With that, here are some of the new features introduced with this patch set:<br />
<br />
<b>Enhanced Security</b><br />
<ul>
<li>Attribute masking in audit log</li>
<li>Password expiration virtual attribute</li>
<li>Password policies with ability to select 3 out of 4 character sets</li>
<li>Added certificate management commands, support for HSM integration</li>
<li>Enhancement to Linux crypt algorithm</li>
</ul>
<b>Simplified Deployments</b><br />
<ul>
<li>Bi-directional replication with Sun DSEE 6.3</li>
<li>OUD key metrics added to ODSM like ODSCC console</li>
<li>Non-intrusive and password filter methods of password synchronization with Active Directory</li>
<li>Out of the box optimization with auto-adaptive JVM tuning</li>
</ul>
<b>New Virtualization Use Cases</b><br />
<ul>
<li>Join configuration added to ODSM</li>
<li>RDBMS workflow element added to command line</li>
<li>Plug-in for storing data source password updates</li>
<li>Hide entry by filter workflow element</li>
<li>GetRidOfDuplicate filter workflow element</li>
<li>MemberOf virtual attribute</li>
<li>New previous-last-login-time attribute</li>
</ul>
<b>Scalability and Performance</b><br />
<ul>
<li>Support for very large static groups up to millions of members</li>
<li>Reduce memory footprint with selective attribute caching and attribute tokenization</li>
</ul>
Download OUD 11g R2 PS3 today from <a href="https://edelivery.oracle.com/" target="_blank">eDelivery</a> or <a href="http://www.oracle.com/technetwork/middleware/id-mgmt/oid-11gr2-2104316.html" target="_blank">OTN</a> and try it out for yourself. The documentation set for OUD 11g R2 PS3 is available <a href="http://docs.oracle.com/cd/E52734_01/oud/index.html" target="_blank">here</a>. The full updated identity management documentation set is available <a href="http://www.oracle.com/technetwork/middleware/id-mgmt/documentation/index.html" target="_blank">here</a>.<br />
<div>
<br /></div>
<div>
Enjoy!</div>
<div>
<br /></div>
<div>
Brad</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-54035923094139033402015-01-27T10:08:00.001-08:002017-03-14T05:04:22.717-07:00PAMLDAP: Provisioning UNIX Accounts In ADLeveraging Active Directory (AD) user and group data to provide UNIX authentication and authorization is common these days through authentication frameworks such as PAM LDAP, SSSD, ... etc.<br />
<br />
A frequent related topic asked by customers is how to provision and update UNIX (posixAccount schema) attributes such as uid, uidNumber, and gidNumber of the AD users and groups through existing AD tools.<br />
<br />
Microsoft offers management of the required UNIX attributes through the "Network Information Service" component of the Identity Management for Unix Role Service.<br />
<br />
This blog post walks you through how to enable UNIX user and group provisioning in Microsoft Server 2008R2.<br />
<br />
1. The first step is to add the Role Service.<br />
a. Click Start --> Administrative Tools --> Server Manager<br />
b. Right click on Server Manager --> Roles --> Active Directory Domain Services and select Add Role Services<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVfxiaEpPyUf8y5ZnrskcYm0xR462LHtL0DP6Re6rAQ-HGSU7Cvrf9bWGNy905846z9Ox2dNMAQKFYe_QH3yDJQwL0t6cPgQc77fldJ-yp6OHFo12dtSemky68hoPkx2oDchbKMjNReOaM/s1600/AD-UNIX_Provisioning_1b.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVfxiaEpPyUf8y5ZnrskcYm0xR462LHtL0DP6Re6rAQ-HGSU7Cvrf9bWGNy905846z9Ox2dNMAQKFYe_QH3yDJQwL0t6cPgQc77fldJ-yp6OHFo12dtSemky68hoPkx2oDchbKMjNReOaM/s1600/AD-UNIX_Provisioning_1b.png" /></a></div>
<br />
c. Select "Server for Network Information Services"<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2VZ85pvlmmpXgOX6vkGhY10aoyqBtlwdTMn-qT2ivOeCdMc9_-iyNjq3-THWMDatFPUDBxTHyt4afeO9ii-9P9OVn4LEDDTyDA6w3bkPzczHhYqdDhjh_199Rg2I14Yt63pWP6nATkgys/s1600/AD-UNIX_Provisioning_1c.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="236" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2VZ85pvlmmpXgOX6vkGhY10aoyqBtlwdTMn-qT2ivOeCdMc9_-iyNjq3-THWMDatFPUDBxTHyt4afeO9ii-9P9OVn4LEDDTyDA6w3bkPzczHhYqdDhjh_199Rg2I14Yt63pWP6nATkgys/s1600/AD-UNIX_Provisioning_1c.png" width="320" /></a></div>
<br />
d. Complete the the wizard workflow through restarting the server<br />
<br />
2. Index the UNIX attributes to ensure optimal AD performance when using UNIX attributes.<br />
a. Register the Schema Management Snap-In by clicking Start --> Type regsvr32 schmmgmt --> Press Enter --> Click OK<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-BeUh_Ahvk5l_RxrRzjEfA48C8VZTB895vgTpAHMGJGo_Kk3xoyf3kN9ot9GGIf9Ex3slg08qzocQGKkHM7U7dinhgFd0yb5uNAoeUC_u6kmP2zymplsFwyETYzZFpKgKNP7KT7Xah8js/s1600/AD-UNIX_Provisioning_2acmd.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-BeUh_Ahvk5l_RxrRzjEfA48C8VZTB895vgTpAHMGJGo_Kk3xoyf3kN9ot9GGIf9Ex3slg08qzocQGKkHM7U7dinhgFd0yb5uNAoeUC_u6kmP2zymplsFwyETYzZFpKgKNP7KT7Xah8js/s1600/AD-UNIX_Provisioning_2acmd.png" width="270" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP2w0nDr67jYr-tPNL6dO46EJ17zXSeCejmakMfwPz4PWfffhTXZAeEmGWkIw9vGiMRkPzmJKRp9VyD1X3qOgsUeo-WKeS9GHN5fEtD9vzjLW9Attsyes3bGiWpLsSHAAYbXyM3NxGwNlp/s1600/AD-UNIX_Provisioning_2a.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP2w0nDr67jYr-tPNL6dO46EJ17zXSeCejmakMfwPz4PWfffhTXZAeEmGWkIw9vGiMRkPzmJKRp9VyD1X3qOgsUeo-WKeS9GHN5fEtD9vzjLW9Attsyes3bGiWpLsSHAAYbXyM3NxGwNlp/s1600/AD-UNIX_Provisioning_2a.png" /></a></div>
<br />
b. Add AD Schema snap-in by clicking Start --> Type mmc /a --> Press Enter<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijXo6j7qBxkdOS9h1UCso1wOB8yTIuH41fIr9BlnucWuoOJxMD_-bVV2UzPCmJkF1n1ZvheWmhlQBLwXx3nbnhFfAHXYQRtl0euhUnHus4SHLYeHw8pX0adN8gxo93P7psQ2sxOePgUp9U/s1600/AD-UNIX_Provisioning_2bcmd.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijXo6j7qBxkdOS9h1UCso1wOB8yTIuH41fIr9BlnucWuoOJxMD_-bVV2UzPCmJkF1n1ZvheWmhlQBLwXx3nbnhFfAHXYQRtl0euhUnHus4SHLYeHw8pX0adN8gxo93P7psQ2sxOePgUp9U/s1600/AD-UNIX_Provisioning_2bcmd.png" width="272" /></a></div>
<br />
<br />
c. Click File --> Click Add/Remove snap-in...<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH8ASsixWAJWFiIzlt_rg01if8nrq0ljeSTzcoXeyHOiDwP817IkP17KR3NqqMFdEFdBj_8yBQBxR3J0OkFBophMgCLXY0zxPpHfT5vt3yt6qbYXNo4vgeqwjxIOZZz4rv8P7grQwCMy3v/s1600/AD-UNIX_Provisioning_2c.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH8ASsixWAJWFiIzlt_rg01if8nrq0ljeSTzcoXeyHOiDwP817IkP17KR3NqqMFdEFdBj_8yBQBxR3J0OkFBophMgCLXY0zxPpHfT5vt3yt6qbYXNo4vgeqwjxIOZZz4rv8P7grQwCMy3v/s1600/AD-UNIX_Provisioning_2c.png" /></a></div>
<br />
<br />
d. Click Active Directory Schema --> Click Add --> Click OK<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3OLqyKNOad5UrECAq2JjP9I9hXz3wfdJvJYCeUc0sTsJtks7P5SHGRb9VSBD-ai8MoibmU80XQDBb_IpBwYvdM4mSmqk3AlBkNSmBNaA5YeQ0MfTWwHGDHf5EBYr2okb3i3DWzpxKUrat/s1600/AD-UNIX_Provisioning_2d.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="120" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3OLqyKNOad5UrECAq2JjP9I9hXz3wfdJvJYCeUc0sTsJtks7P5SHGRb9VSBD-ai8MoibmU80XQDBb_IpBwYvdM4mSmqk3AlBkNSmBNaA5YeQ0MfTWwHGDHf5EBYr2okb3i3DWzpxKUrat/s1600/AD-UNIX_Provisioning_2d.png" width="320" /></a></div>
<br />
<br />
e. Click on Attributes --> Scroll down to gidNumber --> Right Click on uid --> Click Properties --> Check the "Index this attribute" checkbox --> Click OK<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVsIYBBSPrmSxnId8SXVcp4l_AJ1xQJV3sJa7m4iG34cd-pshmyKDQM2JmhZcetc0m-Zwq0ZEUIvtTrAQOQk7jK0ZG3UZN5ARyEGWkt3aedkAuoUpgZyzYgHlQf7ySrJi51FGkU_JlQK2i/s1600/AD-UNIX_Provisioning_2e.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVsIYBBSPrmSxnId8SXVcp4l_AJ1xQJV3sJa7m4iG34cd-pshmyKDQM2JmhZcetc0m-Zwq0ZEUIvtTrAQOQk7jK0ZG3UZN5ARyEGWkt3aedkAuoUpgZyzYgHlQf7ySrJi51FGkU_JlQK2i/s1600/AD-UNIX_Provisioning_2e.png" width="288" /></a></div>
<br />
<br />
f. Repeat the previous step for uidNumber and gidNumber<br />
g. Close and save changes to Console1<br />
<br />
3. Provision UNIX users and groups or update existing ones<br />
<b>UNIX Groups:</b><br />
a. Click Start --> Type User --> Click Active Directory Users and Computers<br />
b. Select an existing group or add a new one<br />
c. Click on UNIX Attributes tab<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggsRt7jthncXJW6j9Ogtrf9zc4SOVAkXoWyTDy2nJlPw2EjDw08ztoYZjdbfb24cF2XnGuk_9qE9IKMwbcqsGfju_mkqTt7IIO9K_a0mFXnqORfMPtkSIJ10xUnibu6QlVMM0G4TLnsz4j/s1600/AD-UNIX_Provisioning_3cg.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggsRt7jthncXJW6j9Ogtrf9zc4SOVAkXoWyTDy2nJlPw2EjDw08ztoYZjdbfb24cF2XnGuk_9qE9IKMwbcqsGfju_mkqTt7IIO9K_a0mFXnqORfMPtkSIJ10xUnibu6QlVMM0G4TLnsz4j/s1600/AD-UNIX_Provisioning_3cg.png" width="320" /></a></div>
<br />
d. Select NIS Domain (example in my case)<br />
e. If appropriate, update Group ID (GID)<br />
f. Click OK<br />
g. Repeat a-f for all UNIX groups<br />
<br />
<b>UNIX Users:</b><br />
a. Click Start --> Type User --> Click Active Directory Users and Computers<br />
b. Select an existing user or add a new one<br />
c. Click on UNIX Attributes tab<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPr5e9FZPPGwZ9b4sb0ASrgi4wwP-w3SRlZGrx1fslPflLWeNmwPo4yawm5ujDTN4KriIa6dY4ax5Rq9LO6N_pfQ9R8fqC_2HXQKYOHWxKMk6r0G4TX034esZqjWXf-TSROx5u74KA5mu/s1600/AD-UNIX_Provisioning_3cu.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="282" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPr5e9FZPPGwZ9b4sb0ASrgi4wwP-w3SRlZGrx1fslPflLWeNmwPo4yawm5ujDTN4KriIa6dY4ax5Rq9LO6N_pfQ9R8fqC_2HXQKYOHWxKMk6r0G4TX034esZqjWXf-TSROx5u74KA5mu/s1600/AD-UNIX_Provisioning_3cu.png" width="320" /></a></div>
<br />
d. Select NIS Domain (example in my case)<br />
e. If appropriate, update User ID (UID), Login Shell, ...<br />
f. Select Primary group<br />
g. Click OK<br />
<div>
h. Repeat a-g for all UNIX users</div>
<div>
<br /></div>
That's it. Enjoy!<br />
<br />
BradBrad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-72403916317645101602014-04-07T13:12:00.001-07:002017-03-14T05:04:36.672-07:00Adding Thunderbolt Bridged Network to VMWare Fusion 6Thunderbolt Bridged Network is a very fast and high volume network fabric. I like to use this for syncing data between two Mac computers. During high volume sync's, I typically get between 300-500MB/s. <br />
<br />
Another favorite thing to do is enable multiple Virtual Machines's (VM's) to communicate over the Thunderbolt network fabric. However, this isn't yet supported out of the box with VMWare Fusion yet. Fortunately, that never stopped a persistent geek from finding a way to make it work.<br />
<br />
Thanks to <strong style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; white-space: nowrap;"><a class="jiveTT-hover-user jive-username-link" data-avatarid="-1" data-externalid="" data-presence="null" data-userid="736271" data-username="MaZePallas" href="https://communities.vmware.com/people/MaZePallas" id="jive-7362714196274355236967" style="border: 0px none; color: #3399cc; font-family: inherit; font-size: 1.1em; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: 0px; padding: 0px 3px 0px 0px; text-decoration: none; vertical-align: baseline;">MaZePallas</a></strong>for <a href="https://communities.vmware.com/message/2360431#2360431" target="_blank">their solution</a>. I borrowed from their work to come up with the following solution for my environment and needs.<br />
<br />
<br />
1. Create a private bridged network using static IP addresses between the two Mac's over the Thunderbolt cable. In my case, they network is 192.168.3.0/24 where one host was on 192.168.3.2 and the other was on 192.168.3.3.<br />
<br />
<div>
2. Next, use MaZePallas's recommendation to add a VMWare virtual network (vmnet2) to the VMWare configuration. I used the following sequence of commands for this purpose:<br />
<div>
<br /></div>
<div>
<pre style="background-color: whitesmoke; border-bottom-left-radius: 4px; border-bottom-right-radius: 4px; border-top-left-radius: 4px; border-top-right-radius: 4px; border: 1px solid rgb(204, 204, 204); box-sizing: border-box; margin-bottom: 10px; overflow: auto; padding: 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 0px; border-top-right-radius: 0px; box-sizing: border-box; padding: 0px;"><span style="color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;">sudo /bin/bash
# cd /Applications/VMware\ Fusion.app/Contents/Library
# ./vmnet-cfgcli vnetcfgadd VNET_2_DHCP no
# </span><span style="background-color: transparent; color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;">./</span><span style="background-color: transparent; color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;">vmnet-cfgcli vnetcfgadd </span><span style="background-color: transparent; color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;">VNET_2_HOSTONLY_SUBNET 192.168.3.0</span><span style="color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;">
</span><span style="background-color: transparent;"><span style="color: #333333; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small;"><span style="line-height: 14px; white-space: pre-wrap;"># </span></span></span><span style="background-color: transparent; color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;">./</span><span style="background-color: transparent; color: #333333; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 14px; white-space: pre-wrap;">vmnet-cfgcli vnetcfgadd VNET_2_HOSTONLY_NETMASK 255.255.255.0</span><span style="background-color: transparent;"><span style="color: #333333; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small;"><span style="line-height: 14px; white-space: pre-wrap;">
</span></span></span><span style="color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;"># ./</span><span style="background-color: transparent; color: #333333; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 14px; white-space: pre-wrap;">vmnet-cfgcli vnetcfgadd </span><span style="color: #333333; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small;"><span style="line-height: 14px; white-space: pre-wrap;">VNET_2_VIRTUAL_ADAPTER yes</span></span><span style="color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;">
</span><span style="color: inherit; font-family: "menlo" , "monaco" , "consolas" , "courier new" , monospace; font-size: xx-small; line-height: 1.42857143; white-space: pre-wrap;"># ./vmnet-cli --configure
# ./vmnet-cli --stop
# ./vmnet-cli --start
</span></code></pre>
</div>
<div>
3. Manually add vmnet2 to your vmx configuration file:</div>
<div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
vi <your_vm>.vmwarevm/<your_vm_name>.vmx:</your_vm_name></your_vm></div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
...</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
ethernet1.present = "TRUE"</div>
<div style="background-color: white; border: 0px none; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="color: #666666; font-family: , "arial" , sans-serif;"><span style="font-size: 14px; line-height: 18px;">ethernet1.connectionType = "custom"</span></span></div>
<div style="background-color: white; border: 0px none; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="color: #666666; font-family: , "arial" , sans-serif;"><span style="font-size: 14px; line-height: 18px;">ethernet1.virtualDev = "e1000"</span></span></div>
<div style="background-color: white; border: 0px none; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="color: #666666; font-family: , "arial" , sans-serif;"><span style="font-size: 14px; line-height: 18px;">ethernet1.wakeOnPcktRcv = "FALSE"</span></span></div>
<div style="background-color: white; border: 0px none; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="color: #666666; font-family: , "arial" , sans-serif;"><span style="font-size: 14px; line-height: 18px;">ethernet1.addressType = "generated"</span></span></div>
<div style="background-color: white; border: 0px none; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="color: #666666; font-family: , "arial" , sans-serif;"><span style="font-size: 14px; line-height: 18px;">ethernet1.vnet = "vmnet2"</span></span></div>
<div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
ethernet1.addressType = "static"</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
ethernet1.linkStatePropagation.enable = "FALSE"</div>
</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
ethernet1.wakeOnPcktRcv = "FALSE"</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<br /></div>
</div>
<div>
<div>
4. Apply the following patch to VMWare's services.sh script:<span style="background-color: white; color: #666666; font-family: , "arial" , sans-serif; font-size: 14px; line-height: 18px;"> </span></div>
</div>
<div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="border: 0px none; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; line-height: 1.5em; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">--- /Applications/VMware Fusion.app/Contents/Library/services.sh_</span></div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="border: 0px none; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; line-height: 1.5em; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">+++ /Applications/VMware Fusion.app/Contents/Library/services.sh</span></div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="border: 0px none; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; line-height: 1.5em; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">@@ -661,6 +661,10 @@</span></div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="border: 0px none; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; line-height: 1.5em; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> if retString=`"$LIBDIR/vmnet-cli" --start`; then</span></div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
echo "Started network services"</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
+ ifconfig vmnet2 down</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
+ ifconfig vmnet2 inet delete</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
+ ifconfig bridge0 addm vmnet2</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
+ ifconfig vmnet2 up</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
else</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
logger -s -t "VMware Fusion 1398658" \</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
"Error: Unable to start the network services. Error: $retString [$?]"</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
@@ -682,6 +686,9 @@</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; height: 8pt; line-height: 18px; margin: 2px; min-height: 8pt; outline: 0px; padding: 0px; vertical-align: baseline;">
<br /></div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
--stop)</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
"$LIBDIR/vmware-usbarbitrator" --kill || true</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
+ ifconfig vmnet2 down</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
+ ifconfig bridge0 deletem vmnet2</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
+ ifconfig vmnet2 up</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
"$LIBDIR/vmnet-cli" --stop</div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; height: 8pt; line-height: 18px; margin: 2px; min-height: 8pt; outline: 0px; padding: 0px; vertical-align: baseline;">
<br /></div>
<div style="background-color: white; border: 0px none; color: #666666; font-family: proxima-nova, Arial, sans-serif; font-size: 14px; line-height: 18px; margin: 2px; outline: 0px; padding: 0px; vertical-align: baseline;">
vmware_stop_pidfile /var/run/vmnet-bridge.pid</div>
</div>
<div>
<br /></div>
<div>
5. Shutdown and restart the Mac because VMWare doesn't seem to recognize the network fully otherwise.</div>
<div>
6. Add a second network adapter to each of the Virtual Machines (VMs) that uses the vmnet2 custom and private network.<br />
<br />
7. Once the VM virtual hardware has been updated, then just configure the IP address of the new adapter within the guest operating system. In my case, I reserved 192.168.3.5-20 for the VMs. Note that if you copied a VM from one host to the other that you change the MAC address(es) of the VM on the other host before starting it up. Otherwise, you end up with network collisions for the same MAC address.<br />
<br />
Hope that helps!<br />
<br />
Brad</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-16575339746349625052014-01-31T09:17:00.000-08:002017-03-14T05:04:46.982-07:00Mapping Ports To Processes...<h2>
Mapping Ports To Processes</h2>
One forensic task that I do so infrequently that I have to look it up each time is determine what process is listening on a port. Therefore, I am finally capturing my favorite methods in this blog post.<br />
<h2>
<span style="font-size: large;">Linux Options</span></h2>
For Linux, the following netstat command is the most succinct method:<br />
<br />
# netstat -tulpn<br />
<span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Active Internet connections (only servers)</span><br />
<span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name </span><br />
<span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">tcp 0 0 0.0.0.0:4000 0.0.0.0:* LISTEN 12668/thnuclnt </span><br />
<br />
Alternatively, you can also use lsof if it is installed on your OS:<br />
<br />
# fuser 4000/tcp<br />
4000/tcp: 12668<br />
<br />
To learn more about the process id (pid), look in the proc table with:<br />
# ls -al /proc/12668/exe<br />
lrwxrwxrwx 1 oracle oracle 0 Jan 30 18:47 /proc/12668/exe -> /usr/lib/vmware/bin/appLoader<br />
<h2>
Solaris Options</h2>
For Solaris, 10 and beyond you can use pfiles with:<br />
<br />
# pfiles `ptree | awk '{print $1}'` | egrep '^[0-9]|port:'<br />
<br />
To list all port to pid mappings on a system:<br />
<br />
for p in `ls /proc`;do a='';P=$(pfiles $p|grep 'port: '|sed -e "s/^.*port: //g");for pt in $P;do if [ "$pt" -<br />
gt 0 ];then a=$(pargs $p|grep -v argv);echo "Port $pt --> Pid $a";fi;done;done<br />
<br />
To find all processes associated with a specific port:<br />
<br />
# port=22;for p in `ls /proc`;do a='';P=$(pfiles $p|grep 'port: '|sed -e "s/^.*port: //g");for pt in $P;do if<br />
[ "$pt" -eq $port ];then a=$(pargs $p|grep -v argv);echo "Port $pt --> Pid $a";fi;done;done<br />
Port 22 --> Pid 2049: /usr/lib/ssh/sshd<br />
Port 22 --> Pid 2129: /usr/lib/ssh/sshd<br />
Port 22 --> Pid 217: /usr/local/sbin/sshd -f /usr/local/etc/sshd_config -R<br />
Port 22 --> Pid 223: /usr/local/sbin/sshd -f /usr/local/etc/sshd_config -R<br />
Port 22 --> Pid 2698: /usr/local/sbin/sshd -f /usr/local/etc/sshd_config<br />
Port 22 --> Pid 2698: /usr/local/sbin/sshd -f /usr/local/etc/sshd_config<br />
Port 22 --> Pid 419: /usr/lib/ssh/sshd<br />
Port 22 --> Pid 461: /usr/lib/ssh/sshd<br />
Port 22 --> Pid 462: /usr/lib/ssh/sshd<br />
pfiles: cannot examine 9499: no such process<br />
<div>
<br /></div>
If available you can use lsof. For example:<br />
<br />
# lsof -f TCP:port<br />
<br />
or<br />
<br />
# lsof -i:portnumber<br />
<br />
Great References:<br />
* http://www.cyberciti.biz/faq/what-process-has-open-linux-port/<br />
* http://stackoverflow.com/questions/91169/what-process-is-listening-on-a-certain-port-on-solarisBrad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-48665326160373699262012-07-20T08:53:00.000-07:002017-03-14T05:06:41.391-07:00Web, REST, SOAP, LDAP, oh my!<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0o5XRyYRQgCQ3qc1PVzZCgcoEKSPK1Tp3Hf37u0LxWhO3bQQEaWgAWq6EDJk5VEGFu9qOSbksYa70w_OOb7FCjtOx21T0vE-m3Lm11Te_yXfPndOVgP5st9zbcWTgx45mpzKt4RJBJ4OR/s1600/R2.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0o5XRyYRQgCQ3qc1PVzZCgcoEKSPK1Tp3Hf37u0LxWhO3bQQEaWgAWq6EDJk5VEGFu9qOSbksYa70w_OOb7FCjtOx21T0vE-m3Lm11Te_yXfPndOVgP5st9zbcWTgx45mpzKt4RJBJ4OR/s1600/R2.png" /></a></div>
This week, I was in Santa Clara for a preview of Oracle's recently <a href="http://www.oracle.com/us/corporate/press/1708069" target="_blank">announced</a> 11g R2 version of the Oracle Identity and Access Management platform. I was very impressed by the innovation that Oracle invested into this release.<br />
<br />
Oracle's access management layered on top of Oracle's directory services is a powerful combination that enables high performance single sign-on authentication and authorization for mobile applications (e.g. iOS and Android apps), web services, applications and even desktop applications. <br />
<br />
Customer's concerned with protecting their digital assets such as identity data, intellectual property, and core data will be very interested in this new version. For example, one of the most recent emerging threats to companies is the <a href="http://en.wikipedia.org/wiki/BYOD" target="_blank">BYOD</a> revolution (or epidemic depending on your point of view). With the 11g R2 release, they will now for the first time have a comprehensive access management solution for protecting these assets regardless of the source of the end point device. <br />
<br />
For example, with 11g R2, an employee can securely login via single-signon (SSO) from his iPhone, iPad or Android device to the companies various web sites and apps (e.g. CRM, phone book, expense reporting, ...) and flip between them without having to login to each one individually. But then, imagine that just a few minutes later, the same iPhone attempts to access one of these apps from an entirely different location because the iPhone was stolen. <a href="http://www.oracle.com/us/products/middleware/identity-management/index-096126.html" target="_blank">Adaptive Access</a> detects the contextual change through it's context based risk scoring analysis and issues a challenge question before permitting the end user to use the App. If the thief cannot correctly answer the security question(s), then access to all of the corporate apps and web services could be suspended from that device. That is powerful!<br />
<br />
This example can be extended further by looking at it from the perspective of someone attempting to login to one of the company's web services using valid (but stolen) privileged credentials via Web, REST, SOAP or other web service oriented protocols with nafarious intent. Contextual elements such as location, browser type and version, time of day, network address and many others would be used by Adaptive Access to determine if this really is who the user says they are. If any of these contextual elements are outside of the norm for the user then the risk scoring engine would challenge the user to answer security question(s) or perhaps just block access altogether.<br />
<br />
As the mobile market momentum continues to build, I expect that interaction with identity data through ever expanding protocols such as Web, REST, SOAP, and LDAP is going to grow exponentially over time. This implies that you need to ensure that your access management and identity infrastructure will need to scale to meet the challenge but also to do it as securely as possible. Leveraging Oracle's 11g R2 access and identity management enables you not only to leverage identity data through these and other emerging protocols but it enables you to do so very securely.<br />
<br />
Lastly, I have only mentioned a few of the features that 11g R2 represents. There are many other great things like unified coarse and fine grain policy management for all of your web service, app and desktop interactions. Read the <a href="http://www.oracle.com/us/corporate/press/1708069" target="_blank">announcement</a> and then reach out to your local Oracle sales representative to learn more.<br />
<br />
Brad<br />
p.s. Disclaimer: I am an Oracle employee but one that is pumped about this new opportunity to help customers grow their business in a secure and scalable manner.Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-35821634836053405142012-01-23T11:46:00.000-08:002017-03-14T05:07:58.236-07:00Installing VM Tools in OELI recently setup an Oracle Enterprise Linux 5 virtual machine in a VMware. Unfortunately, the VMware tools wouldn't install cleanly. While researching this issue, I found that some people encountered the issue with both OEL5 and OEL6. However, I haven't tested it with OEL6 yet.<br />
<div>
<br /></div>
<div>
Below is what I had to do to resolve the issue.<br />
<div>
<br /></div>
<div>
1. Install the latest update of Oracle Enterprise Linux 5.</div>
<div>
2. Download and enable Oracle's public yum service.</div>
<div>
wget -qO - http://public-yum.oracle.com/public-yum-el5.repo|sed \</div>
<div>
-e "s/enabled=0/enabled=1/g" > /etc/yum.repos.d/public-yum-el5.repo</div>
<div>
<br /></div>
<div>
3. Install the requisite packages to compile the VMware tools</div>
<div>
yum install -y kernel-uek-headers-`uname -r` gcc kernel-uek-devel</div>
<div>
4. Extract the VMWare tools</div>
<div>
tar --gunzip -xf /media/VMware\ Tools/VMwareTools-*.tar.gz</div>
<div>
5. Attempt to compile the VMware tools</div>
<div>
cd vmware-tools-distrib/bin</div>
<div>
<div>
./vmware-install.pl</div>
<div>
<div>
Agree to all of the default settings except the display settings. </div>
<div>
For that, I selected the number that corresponds to 1024x768. </div>
<div>
This was just my preference.</div>
</div>
<div>
<br /></div>
<div>
If you happen to get an error similar to "No module ehci-hcd found for kernel", then you will need to append the $content variable to build the had modules by editing the bin/vmware-config-tools.pl and add the red line in the following excerpt.</div>
<div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> foreach my $key (@gRamdiskModules) {</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> if ($style eq 'redhat') {</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> $content .= " --with=" . get_module_name($key) . " ";</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> <span class="Apple-style-span" style="color: red;">$content .= " --builtin=ehci-hcd --builtin=ohci-hcd \</span></span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"><span class="Apple-style-span" style="color: red;"> --builtin=uhci-hcd ";</span></span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> } else {</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> $content .= get_module_name($key) . ' ';</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> }</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> }</span></div>
</div>
<div>
<br /></div>
<div>
Once that fix is applied, re-run ./vmware-install.pl and then restart the VM to enable copy/paste.</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-26564368885533865662012-01-07T20:11:00.000-08:002017-03-14T05:08:53.192-07:00Family & Friends Backup PlanHello,<br />
<br />
This is a reminder to all of my friends and family to stop what you are doing and backup your computer NOW! Seriously! Go! NOW!!!!<br />
<br />
O.K., I'm done with that soap box.<br />
<br />
I have done several full Microsoft Windows PC/Laptop recoveries over the past few weeks. So far I have been able to backup everyone's data, reinstall Windows, Scan and Smash the Viri/Malware and safely restore the data to the repaired system. However, there was one close call that I wasn't sure recovery would be possible because of a failing disk drive. Fortunately it worked out for the data that mattered most... family pictures, iTunes data, and misc docs. In each of these cases, NONE had a current full backup of their data.<br />
<br />
Nearly all of these recoveries were necessitated as the result of one wrong click of an infected e-mail, text message, or browser link that unleashed some terrible virus or malware. Normally at this point I would gently bash Microsoft Windows for its ease with which it is infected with all sorts of malware but I will not digress this time. Instead I will return to the topic of this post, ... backups.<br />
<br />
If you don't have a current backup of all your important data or don't know how to backup your data, this blog is for you. I am going to share with you a simple 10 step program to backup your data and ensure that it stays backed up.<br />
<br />
<b>Step 1.</b> Determine the sum of all data from all computers that need to be backed up. Lets say you have a MacBook Pro with 200GB of data and a Windows Desktop PC with 400GB of data. The total data for these two computers is 600GB. The following steps can help you determine how much storage a given computer is using.<br />
<br />
<ul>
<li>For a Microsoft Windows computer, right click on the start button, click on Explorer, then left click on each hard drive (C:, E:, ...) and click on properties. This should show the size of the disk drive and how much is use by data.</li>
<li>For a Mac, click on Finder, then left click (or Ctrl-Click) and select Get Info on each of the disk drives starting with Macintosh HD. Sum the Capacities of all the disk drives to back up.</li>
</ul>
<br />
<b>Step 2.</b> Buy an external hard disk drive or storage array that is large enough to hold two or three times the capacity determined from Step 1 above. There are several 1TB, 2TB, and even 3TB disk drives available for under $200. I usually get the best deals on storage either through <a href="http://newegg.com/" target="_blank">NewEgg.com</a> or some really good deal at Fry's. The advantage of <a href="http://newegg.com/" target="_blank">NewEgg.com</a> is that they usually offer a really good price plus free shipping and no tax.<br />
<b>Step 3.</b> Attach the storage to a desktop computer that you can leave on all the time for network backups. If you don't have a computer for this purpose, go buy an inexpensive desktop from Dell, Best Buy, Fry's, ... etc. You should be able to find a sufficient desktop system for under $500. The primary purpose of this system is to provide a safe destination for your computer backups.<br />
<b>Step 4.</b> Download and Install the appropriate version of CrashPlan from <a href="http://crashplan.com/" target="_blank">CrashPlan.com</a> for your desktop computer that has the storage attached to it. <b><span class="Apple-style-span" style="color: red;">CrashPlan is FREE</span></b> when you are backing up to your own local storage or local computers.<br />
<b>Step 5.</b> Sign up for a CrashPlan account making note of the e-mail address and password used for the CrashPlan account.<br />
<b>Step 6.</b> Select what to backup with the following steps<br />
<br />
<ol>
<li>Click on "Backup" from the left hand menu</li>
<li>Click on "Change..." under Files to select what is to be backed up.</li>
<li>By default, CrashPlan selects the home directory of the user installing CrashPlan. If there are other users on that computer, you will want to check their home directories as well. Be sure to browse around and select all drives that may contain important data. When in doubt, back it all up.</li>
<li>Click on Save to save your backup selections.</li>
</ol>
<br />
<b>Step 7.</b> Make sure that the attached storage is formatted and rename the drive to "CPBackups".<br />
<b>Step 8.</b> Setup CrashPlan to use the attached storage with the following steps.<br />
<br />
<ol>
<li>Start the CrashPlan app</li>
<li>Click on Destinations</li>
<li>Click on Folders</li>
<li>Click on "Select..." </li>
<li>Select the "CPBackups" drive</li>
<li>Click on "Start Backup" </li>
</ol>
<br />
<b>Step 9.</b> Now its time to install the rest of the computers and configure them to backup their data over the network to the desktop computer with the external storage attached. Do the following steps on each computer.<br />
<br />
<ol>
<li>Download CrashPlan, install it, and login with your credentials from Step 5.</li>
<li>Click on Destinations</li>
<li>Click on Computers</li>
<li>Select the desktop computer that is running CrashPlan</li>
<li>Click on "Start Backup"</li>
</ol>
<br />
<b>Step 10.</b> Periodically check the health of your desktop computer to ensure that the external storage has not started giving any errors.<br />
<br />
Lastly, consider switching to an Apple computer the next time that you are ready to make a computer purchasing decision. I don't want to belabor this point but about 6 months after you've made the switch you will wonder why you hadn't made the switch much sooner. I'm not saying that Apple's aren't any less susceptible to viri or vulnerabilities. Their track record though has been 10,000 times better than Microsoft Windows. Of all the computers that I have recoverd from malware infection over the past 10 years, <b><span class="Apple-style-span" style="color: red;">NONE of them have been Apple computers</span></b>.<br />
<br />
Blessings to you and yours!<br />
<br />
BradBrad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-34509383913052507182012-01-06T10:51:00.000-08:002017-03-14T05:09:08.792-07:00Simple VNC control with vncctl<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMZVsD1jBrchcUKHhBjRUXfLMR76X0-D9lf9SlbgBJzkS9_YGlWdCjgSXLc_W5dDl-bG30Uoewt3lTStynDiHu6OZ4nYZPJlxIiXH2mXqWklTNXy5GS3O85hRjhqgqEGSJNQHmMGzZS3FP/s1600/VNC.gif" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="137" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMZVsD1jBrchcUKHhBjRUXfLMR76X0-D9lf9SlbgBJzkS9_YGlWdCjgSXLc_W5dDl-bG30Uoewt3lTStynDiHu6OZ4nYZPJlxIiXH2mXqWklTNXy5GS3O85hRjhqgqEGSJNQHmMGzZS3FP/s200/VNC.gif" width="200" /></a></div>
Hello,<br />
<br />
This week I had the opportunity to add Virtual Network Computing (VNC) support to some of my lab servers. The VNC server bits were already installed by default but I wanted to simplify how to enable non-privileged users to setup and tear down their own VNC sessions. <br />
<br />
Before going into my solution, I should explain that I try to ensure that my servers are as secure as possible. VNC doesn't offer native encryption support and therefore is not natively that secure. Any information transmitted over the network related to the VNC session could be snooped off the network. The best way to add encryption to a VNC session is to tunnel the VNC session through an encrypted secure shell (ssh) connection. I lock down my firewall to only allow ssh connections so that VNC is forced through ssh. Further, just in case the firewall was compromised I don't want VNC to listen on any IP address other than localhost (127.0.0.1). This is actually pretty standard stuff. The interesting part comes in what I wrote to simplify setup and tear down of the VNC sessions.<br />
<br />
I wrote a script called vncctl to start, stop, or restart VNC sessions. When you run "vncctl start" to start a new VNC session, it finds the next available VNC port on the server and uses that port. It also provides sample ssh commands that you can use from your client to connect to the VNC session via tunneling X11 or by tunneling the VNC port to your client. You can even run it multiple times to start up multiple VNC sessions. Lastly, if you run "vncctl stop", it will stop all of your existing VNC sessions. Way Cool!<br />
<br />
Lets look at some sample outputs. Here is the output from running "vncctl start".<br />
<br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">$ vncctl start</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">New 'lab01:3 (brad)' desktop is </span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">lab01</span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">:3</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">Starting applications specified in /home/brad/.vnc/xstartup</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">Log file is /home/brad/.vnc/</span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">lab01</span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">:3.log</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">You have two options for connecting to this VNC server: through port tunneling (fast) or over X11 (slow).</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">If you prefer through port tunneling over ssh, use the following command:</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> ssh -L 5903:127.0.0.1:5903 brad@</span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">lab01</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">Then connect to 127.0.0.1:5903 via your local VNC client application</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">If you prefer over X11, use the following command from your server:</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> ssh -X brad@</span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">lab01</span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"> vncviewer 127.0.0.1:5903</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">Note that you may need to add -p <sshport> to specify a non-standard ssh port number</sshport></span><br />
<div>
<br /></div>
Here is the sample output when running "vncctl stop".<br />
<br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">$ vncctl stop</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">Killing Xvnc process ID 9507</span><br />
<br />
You can download vncctl from <a href="http://dl.thezonemanager.com/vncctl-v1.1.cgi">dl.thezonemanager.com</a>.<br />
<br />
From an operating system support perspective, I wrote this for Oracle Enterprise Linux version 6 and have not tested it on any other operating system. Therefore, it should also work on RedHat Enterprise Linux version 6 as well. If you have difficulties running it on some other operating system and figure out how to fix it, send the fix to me and I will gladly incorporate it.<br />
<br />
Enjoy and have a great day!<br />
<br />
<br />
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
PS: As always, the sample scripts provided in this post are for reference are not supported by me or my employer in any way.</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-42230227731426029312012-01-03T05:06:00.000-08:002017-03-14T05:09:26.351-07:00RIP SLAMD - You will be missed<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEis7bbIKnuU3AUYWabgh9gGwBcy3hGGp0QRJ5KdpWSz2zKwbwfGluGVUUQ59RJNYw1rQqT_7tIGAPsghdnV2us_VE_-y3-OAtXsGq7yHRa3cYPHrZ371TxPMaOb14YH1AgMSrJV_dV35IPz/s1600/RIP_SLAMD.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEis7bbIKnuU3AUYWabgh9gGwBcy3hGGp0QRJ5KdpWSz2zKwbwfGluGVUUQ59RJNYw1rQqT_7tIGAPsghdnV2us_VE_-y3-OAtXsGq7yHRa3cYPHrZ371TxPMaOb14YH1AgMSrJV_dV35IPz/s200/RIP_SLAMD.jpg" width="158" /></a></div>
One casualty of 2011 was the death of the SLAMD open source project. This was a project initiated by and written almost entirely by Neil Wilson. It was a significant contribution to the directory services community and will be greatly missed.<br />
<br />
For those that don't know what I'm talking about, SLAMD was a distributed load generation engine used for stress testing and doing performance analysis on various network-based services such as Directory Services (a.k.a. LDAP). <br />
<br />
The open source project began in 2003 while Neil was working at Sun Microsystems, Inc. Neil wrote SLAMD for the purpose of doing performance analysis of Sun's directory services products. Neil continued his work on SLAMD through through the years even while at UnboundID until around March, 2010. However, Neil's interest in this project has waned and the project eventually ceased in 2011. I'm not exactly sure when <a href="http://web.archive.org/web/20100819005255/http://www.slamd.com/index.shtml" target="_blank">slamd.com</a> went off line but the last date captured by archive.org was August 19, 2010. <br />
<br />
I asked Neil if I could host the most recent release of the SLAMD bits and he graciously agreed. Further<br />
as Neil usually does, he went above and beyond and also setup a page on his company's web site as well.<br />
Here is Neil's SLAMD page:<br />
<a href="http://files.unboundid.com/slamd/">http://files.unboundid.com/slamd/</a><br />
And here is my mirror page so that page so that the bits will remain available for some time to come.<br />
<a href="http://dl.thezonemanager.com/slamd/">http://dl.thezonemanager.com/slamd/</a><br />
<br />
For those of you that still want or need to benchmark directory services, the OpenDS SDK offers a set of command line tools that can be used to generate load and capture result sets from the command line. The bits are available at the following web page link.<br />
<br />
<a href="https://www.opends.org/wiki/page/LDAPSDK">https://www.opends.org/wiki/page/LDAPSDK</a><br />
<br />
<br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
I will write another blog post that walks you through the basics of how to use the OpenDS LDAP SDK to do basic performance analysis.</div>
<div>
<br /></div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
SLAMD, you will be missed! Neil, thanks for SLAMD! You made a real dent in the world of directory services through that project.</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<br /></div>
</div>
<div>
Brad</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
PS: As always, the sample scripts provided in this post are for reference are not supported by me or my employer in any way.</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-65312729983179378872011-12-01T13:33:00.000-08:002017-03-14T05:09:41.557-07:00Use cntcores to count CPUs and processor coresIn one of my <a href="http://www.thezonemanager.com/2010/05/how-many-cpus-does-server-x-have.html">previous posts on how to determine the number CPUs in a server</a>, I listed several methods by Operating System (OS) type that can be used to determine the number of processors (or CPUs) and cores in a server. <br />
<br />
Since then I have continued to get requests for assistance on determining the number of cores that a server has. In order to simplify my life, I wrote a script called <a href="http://dl.thezonemanager.com/cntcores-1.7.cgi">cntcores</a> that will succinctly tell you the number of processors, cores, threads the OS, OS version, and processor type. Below are a few sample outputs.<br />
<br />
<b>Oracle SPARC T4-2 running Solaris</b><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">CPUs Cores Threads Operating System ProcType</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">2 16 128 SunOS 5.11 ORCL,SPARC-T4-2 2848 MHz</span><br />
<div>
<br />
<br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<b>Oracle X4800-M2 running Solaris</b></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">CPUs Cores Threads Operating System ProcType</span></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">8 160 160 SunOS 5.10 i86pc 2400 MHz</span></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;"><br />
</span></div>
<div>
</div>
<br />
<br />
<b>Sun X4150 running Oralce Enterprise Linux</b></div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">CPUs Cores Threads Operating System ProcType</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">2 8 8 Oracle Linux Server release 6.1 Xeon(R) CPU E5345 @ 2.33GHz</span><br />
<div>
<br /></div>
<div>
<b>Dell E250 running Ubuntu</b></div>
<div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">CPUs Cores Threads Operating System ProcType</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">1 2 2 Ubuntu 10.10 Athlon(tm) 64 X2 Dual Core Processor 4200+</span></div>
</div>
<div>
<br />
<b>Apple MacBook Pro running OSX Lion</b><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">CPUs Cores Threads Operating System ProcType</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace; font-size: x-small;">1 4 8 Darwin 11.2.0 Intel Core i7 </span><br />
<br />
The usage of the command is very straight forward. Just run the script. ;-) Below is the actual usage.</div>
<div>
<br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">$ cntcores [-h] [-v] [-l]</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;"> -h Show Usage</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;"> -v Show Version</span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;"> -l Show License</span><br />
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;"> -q Don't show disclaimer</span><br />
<div>
</div>
</div>
</div>
<div>
<br />
The script works for several Linux distributions, Solaris, OSX, HP-UX and AIX.<br />
<br />
Unfortunately, I don't have any HP-UX or IBM AIX servers to test the script on. If you run it on an HP-UX or IBM AIX server, be sure to share the results.<br />
<br />
Note that although the <a href="http://dl.thezonemanager.com/cntcores-1.7.cgi">cntcores</a> script could be very useful for determining core counts for licensing purposes, it should not be relied upon exclusively for that purpose. It may not always accurately represent the actual number of cores in a given server. Therefore, ALWAYS verify all server core counts by at least two methods to assure an accurate accounting.<br />
<br />
Thanks in advance and Enjoy!</div>
<div>
<br /></div>
<div>
Brad<br />
PS: As always, the sample scripts provided in this post are for reference are not supported by me or my employer in any way.<br />
<div class="MsoNormal" style="font-family: Times;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
</div>
</div>
</div>
</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-54298981576634915872011-08-24T12:30:00.000-07:002017-03-14T05:09:57.394-07:00HowTo: Setup VirtualBox 4.1 Server on OEL6<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV7d85H4WfBmOoQi-5J1UKNEuTFuztrbuvAVioDrTdkEaDXWf0f1KEs7z3FUX5d55FLlNtn4XVimoTgAIO_V_GNnehpVbFdk1DqOta5w5eOKRw5JQeeNNJeggO-mM2HPgawlL4NY1fXA8f/s1600/oeltux.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV7d85H4WfBmOoQi-5J1UKNEuTFuztrbuvAVioDrTdkEaDXWf0f1KEs7z3FUX5d55FLlNtn4XVimoTgAIO_V_GNnehpVbFdk1DqOta5w5eOKRw5JQeeNNJeggO-mM2HPgawlL4NY1fXA8f/s1600/oeltux.jpg" /></a></div>
Back in 2010, I wrote about <a href="http://www.thezonemanager.com/2010/08/howto-setup-oracle-enterprise-linux.html">how to setup an Oracle Enterprise Linux (v5.x) server for hosting VirtualBox</a> virtual machines. This post looks at the same goal but for Oracle Enterprise Linux 6 update 1 (OEL 6u1) with VirtualBox 4.1. There are only a few subtle changes that reflect simplifications from the previous methods as well as updating for particulars for OEL 6u1 and VirtualBox 4.1.<br />
<br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
1. <a href="http://edelivery.oracle.com/linux">Download Oracle Enterprise Linux 6u1</a> (OEL 6u1) ISO image from <a href="http://edelivery.oracle.com/linux">E-Delivery</a> and burn it to a DVD.</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
2. Install OEL using the desktop template and configure for your network.</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
3. Subscribe to <a href="http://public-yum.oracle.com/">public-yum.oracle.com</a> by running the following:</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
wget -qO - http://public-yum.oracle.com/public-yum-ol6.repo \</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
| sed -e "s/enabled=0/enabled=1/g" > public-yum-ol6.repo</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
4. Determine the kind of kernel that you have in order to know which kernel code and headers to download by running uname -r. In my case, the resulting kernel is 2.6.32-100.34.1.el6uek.x86_64.</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
5. Install the pre-requisite software for compiling the VirtualBox drivers: SDL, gcc and the correct kernel source and headers. In my case, the following works.</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
yum install -y SDL gcc kernel-uek-headers kernel-uek-devel</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
6. Download VirtualBox install image for OEL 6 and the VirtualBox Extension Pack from <a href="http://www.virtualbox.org/wiki/Linux_Downloads">VirtualBox.org</a>.</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
7. Install the downloaded VirtualBox image with the following.</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
rpm -i VirtualBox*.rpm<br />
8. Install the VirtualBox Extension Pack with the following.<br />
VBoxManage extpack install *extpack</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
9. [Optional] Remove gcc and requisite packages with the following.</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
yum remove -y SDL gcc kernel-uek-headers kernel-uek-devel</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
10. [Optional] Disable SELinux by setting SELINUX=disabled in /etc/selinux/config.</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
11. [Optional] Disable the un-necessary services.</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 abrtd off</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 avahi-daemon off</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 bluetooth off</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 cups off</div>
</div>
</div>
</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 nfslock off</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 rhnsd off</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 rpcgssd off</div>
</div>
</div>
</div>
<div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 rpcidmapd off</div>
</div>
</div>
</div>
<div>
<div>
</div>
</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 postfix off</div>
</div>
</div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
</div>
<div>
</div>
</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
chkconfig --level 0123456 xfs off</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
12. [Optional] Install VNC server and client for remote desktop management.<br />
yum -y install tigervnc-server tigervnc<br />
useradd user1; useradd user2; useradd user3<br />
Set passwords for user1, user2, and user3 with passwd.<br />
Setup VNC desktops for user1, user2, and user3 on the OEL server.<br />
echo >> /etc/sysconfig/vncservers <<eof p=""></eof><br />
VNCSERVERS="1:user1 2:user2 3:user3"<br />
VNCSERVERARGS[1]="-geometry 1024x768"<br />
VNCSERVERARGS[2]="-geometry 1024x768"<br />
VNCSERVERARGS[3]="-geometry 1024x768"<br />
<div>
EOF<br />
chkconfig --level 23456 vncserver on</div>
<div>
14. Reboot with "init 6"</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<br /></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
At this point the server is ready host VirtualBox virtual machines. You can use the graphical display (e.g. VirtualBox) or the command line interface to add and manage your VirtualBox virtual machines.<br />
<br />
With VNC setup, you can securely connect to the VNC desktops via ssh. For example, you can connect via ssh and send the vncviewer back to your X11 display.<br />
ssh -X username@remoteserver /usr/bin/vncviewer 127.0.0.1:5901<br />
<br />
Or you can just forward the VNC port back to your desktop with ssh / putty and use a local VNC client to connect to the desktop.<br />
ssh -L 5901:127.0.0.1:5901 username@remoteserver<br />
vncviewer 127.0.0.1:5901</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<br /></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Enjoy!</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<br /></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad<br />
PS: As always, the sample scripts provided are for reference and are not supported in any way.</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-68510561058657088152011-08-23T18:54:00.000-07:002017-03-14T05:10:27.438-07:00Pavlov's passwords<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRYojLGV0oTsIYQCoA0Ms2dNITWyBHVa8vXycN1h9vJgFV3hTT-aKJG3H0c0-CX5XEu3-_FoLXur6cZyLn4GDtqs8gm1NSrRMsF2h7I2VcSmocwdgP_ATWBwPp_VzCZDUwt0BKp4z2feUR/s1600/dog.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRYojLGV0oTsIYQCoA0Ms2dNITWyBHVa8vXycN1h9vJgFV3hTT-aKJG3H0c0-CX5XEu3-_FoLXur6cZyLn4GDtqs8gm1NSrRMsF2h7I2VcSmocwdgP_ATWBwPp_VzCZDUwt0BKp4z2feUR/s200/dog.jpg" width="185" /></a></div>
Perhaps you have heard of <a href="http://youtu.be/hhqumfpxuzI" target="_blank">Pavlov's Dog</a>. If Pavlov were alive today, what sorts of conditioning might he apply to help humans memorize their passwords? <a href="http://www.oracle.com/go/?&Src=7319991&Act=331&pcode=WWMK11053701MPP023" target="_blank">This video</a> may shed some light on the subject.<br />
<br />
Thank goodness there are better ways for managing passwords. ;-)<br />
<br />
Have a great day!<br />
<br />
Brad<br />
<br />Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-15897699915218894672011-07-20T18:00:00.000-07:002017-03-14T05:10:48.593-07:00My New OSX Lion Login ScreenI wasted no time getting my demo laptop upgraded to OSX Lion. Below is my new and improved login screen. Way cool!<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh92TSGgMX5IDDWgjyXc6TpvurlkfCIhyphenhyphenYhNNUmZT3HQLWolHzNmJWglyfHKaTCuBdonVmf9xG6itvP1_y8b9APH0UfGjxDLXWhIMO-i-FzaMh1PfWpfCNeXYVTr5k2Swk4wa0VleOpVw3e/s1600/login.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh92TSGgMX5IDDWgjyXc6TpvurlkfCIhyphenhyphenYhNNUmZT3HQLWolHzNmJWglyfHKaTCuBdonVmf9xG6itvP1_y8b9APH0UfGjxDLXWhIMO-i-FzaMh1PfWpfCNeXYVTr5k2Swk4wa0VleOpVw3e/s400/login.png" width="400" /></a></div>
<br />
To change the boot login background, do the following:<br />
1. cd /System/Library/Framewoorks/ApKit.framework/Versions/C/Resources<br />
2. cp NSTexturedFullScreenBackgroundColor.png NSTexturedFullScreenBackgroundColor.png.lion.orig<br />
3. cp your_new_background.png NSTexturedFullScreenBackgroundColor.png<br />
<br />
To screen capture the login page, do the following:<br />
1. sudo screen -m -d bash -c "sleep 60; screencapture /Users/USER/Desktop/login.png"<br />
2. Logout and move your mouse cursor out of the way.<br />
3. Wait until you hear the sound of the camera shutter.<br />
<br />
Voila!<br />
<br />
Have a great day!<br />
<br />
BradBrad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-12974939620702240372011-06-28T09:34:00.000-07:002017-03-14T05:11:06.207-07:00Stuxnet: Anatomy of a Computer VirusI discovered this video on the <a href="http://en.wikipedia.org/wiki/Stuxnet">Stuxnet virus</a> which although quite scary is the present reality that the computing world faces. One of the key components of the success of this attack was that the use of a <a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2772">hard-coded password in the database</a> of <a href="http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/Pages/Default.aspx">Siemen's visualization software (WinCC/SCADA)</a>. I wonder if the underlying database supported privileged user controls (like in <a href="http://www.oracle.com/database/database-vault.html">Oracle Database Vault</a>) to prevent privilege escalation if the attack could have been prevented.<br />
<br />
Here is the video.<br />
<br />
<iframe frameborder="0" height="225" src="http://player.vimeo.com/video/25118844?title=0&byline=0&portrait=0" width="400"></iframe><br />
<a href="http://vimeo.com/25118844">Stuxnet: Anatomy of a Computer Virus</a> from <a href="http://vimeo.com/patrickclair">Patrick Clair</a> on <a href="http://vimeo.com/">Vimeo</a>.Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-48160545778437358012011-03-24T04:35:00.000-07:002017-03-14T05:12:19.818-07:003rd Gen Intel SSD Performance ResultsI am an avid SSD enthusiast. Glad to promote <a href="http://en.expreview.com/2011/03/23/world-exclusive-review-intel-g3-ssd-80gb/15569.html">EXPreview's</a> performance report on Intel's 3rd generation of SSD devices. Check it out <a href="http://en.expreview.com/2011/03/23/world-exclusive-review-intel-g3-ssd-80gb/15569.html">here</a>.<br />
<br />
Have a great day!<br />
<br />
BradBrad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-3452719828633444872011-03-01T13:30:00.000-08:002017-03-14T05:11:54.030-07:00OSX Processor Details From The CLI<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHdu-a9LkaMW5MevXJUxXLCSoK_RnvBb8A55h02iVx2GBEJYT2iETiq_zMv4Q3uFciJ7FdI3zS9NGNj6g0kbMlT84VIk_wxFImW590goZlYw64AnkYuyldSGOSrhYvKu-NkxftoyinjFlD/s1600/i7.jpeg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="171" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHdu-a9LkaMW5MevXJUxXLCSoK_RnvBb8A55h02iVx2GBEJYT2iETiq_zMv4Q3uFciJ7FdI3zS9NGNj6g0kbMlT84VIk_wxFImW590goZlYw64AnkYuyldSGOSrhYvKu-NkxftoyinjFlD/s200/i7.jpeg" width="200" /></a></div>
Being the geek that I am, I wanted to know how to see the processor details from the command line of Apple's OSX operating system. The easiest way to report this is by running the sysctl command returning the properties of interest. In my case, I want to see the processor type, speed, core count and thread count.<br />
<br />
<br />
<br />
<br />
<br />
<br />
Here is the output from a 2008 MacBook Pro (MacBookPro4,1):<br />
<br />
$ sysctl machdep.cpu.brand_string machdep.cpu.core_count machdep.cpu.thread_count<br />
machdep.cpu.brand_string: Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz<br />
machdep.cpu.core_count: 2<br />
machdep.cpu.thread_count: 2<br />
<br />
Here is the output from a 2011 MacBook Pro (MacBookPro8,2):<br />
<div>
<div>
$ sysctl machdep.cpu.brand_string machdep.cpu.core_count machdep.cpu.thread_count</div>
<div>
machdep.cpu.brand_string: Intel(R) Core(TM) i7-2635QM CPU @ 2.00GHz</div>
<div>
machdep.cpu.core_count: 4</div>
<div>
machdep.cpu.thread_count: 8</div>
</div>
<div>
<br /></div>
<div>
Way cool!</div>
<div>
<br /></div>
<div>
Have a very blessed day!</div>
<div>
<br />
<br />
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad</div>
</div>
</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-41639270187285325222011-01-21T08:13:00.000-08:002017-03-14T05:12:56.360-07:00docs.sun.com --> OTN DocsOracle completed the transition of all of Sun's documentation (formerly <a href="http://www.oracle.com/technetwork/indexes/documentation/index.html" target="_blank">docs.sun.com</a>) to the <a href="http://www.oracle.com/technetwork/indexes/documentation/index.html" target="_blank">Oracle Technology Network Documentation</a>. Here is a list of links to help you find product documentation for legacy Sun products.<br />
<ul style="color: white; font-family: Geneva, Arial, Helvetica, san-serif; font-size: 12px; line-height: 16px;">
<li><span class="Apple-style-span" style="color: black;"><a href="http://www.oracle.com/technetwork/documentation/legacy-sun-identity-mgmt-193462.html" target="_blank"><b>Directory Services, Identity and Access Management</b></a></span></li>
<li><span class="Apple-style-span" style="color: black;"><a href="http://www.oracle.com/technetwork/documentation/mockup-index-239125.html#java" style="font-weight: bold; text-decoration: underline;" target="_blank">Java Documentation</a></span></li>
<li><a href="http://www.oracle.com/technetwork/documentation/oracle-sparc-ent-servers-189996.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">SPARC Enterprise Server Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/oracle-x86-servers-190077.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">x86 Enterprise Server Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/oracle-blade-sys-190001.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Blade Systems Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/sys-mgmt-networking-190072.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Systems Management Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/tape-storage-187555.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Tape Storage Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/oracle-unified-ss-193371.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Disk Storage and Unified Storage Systems Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/storage-software-245737.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Storage Software Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/switches-directors-193441.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Storage Networking: Switches and Directors Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/solaris-11-192991.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Oracle Solaris 11 Express Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/solaris-10-192992.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Oracle Solaris 10 and Containers Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/solaris-cluster-33-192999.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Oracle Solaris Cluster 3.3 Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/solaris-studio-12-192994.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Oracle Solaris Studio 12 Documentation</span></a></li>
<li><a href="http://download.oracle.com/docs/cd/E11857_01/nav/management.htm" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Oracle Enterprise Manager Ops Center Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/vm-sparc-194287.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Oracle VM Server for SPARC (LDOMS) Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/sgd-193668.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Secure Global Desktop Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/server-storage/sunrayproducts/docs/index.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">SunRay Products Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/vdi-193670.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">Virtual Desktop Infrastructure Documentation</span></a></li>
<li><a href="http://www.oracle.com/technetwork/documentation/office-prod-193030.html" style="font-weight: bold; text-decoration: underline;" target="_blank"><span class="Apple-style-span" style="color: black;">StarOffice and OpenOffice Documentation</span></a></li>
</ul>
<br />
Have a great day!<br />
<br />
<br />
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad</div>
</div>
</div>
</div>
</div>
<div class="MsoNormal" style="font-family: Times;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
</div>
</div>
</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-80227051618582569572011-01-06T22:08:00.000-08:002017-03-14T05:18:23.593-07:00ISP Report Tool v3.0<div class="separator" style="clear: both; text-align: center;">
</div>
The first two versions of the ISP Report Tool laid a great foundation for capturing and reporting on ISP packet loss information. The one thing that I really did not like in the previous two versions was a lack of reporting granularity necessary to truly understand at a glance what the packet loss meant. I realized that I could get much more specific if I used a graphical tool like a pie chart to convey the various aspects of granularity that I wanted to show. I researched various Cascading Style Sheet (CSS) pie chart options, and the option that worked the best for my needs was <a href="http://code.google.com/apis/chart/docs/making_charts.html" target="_blank">Google Charts API</a>. The only downside to going this route is that if you don't have access to the Internet, then the web report won't work for you.<br />
<br />
<b><span class="Apple-style-span" style="font-size: large;">What's New?</span></b><br />
With ISP Report Tool version 3.0, you get the following improvements:<br />
<ul>
<li>Provides daily report per target host</li>
<li>Provides individual pie charts for each target host</li>
<li>Provides color coded severity (e.g. green, yellow, orange or red) per pie chart</li>
<li>Separates packet loss reporting by day and by target host</li>
<li>Separates packet loss percentages per target host</li>
<li>Separates packet accounting per percentage per target host</li>
<li>Increases ping frequency from 5 minutes to 2 minutes</li>
<li>Increases web report update frequency to hourly from daily</li>
<li>Fixes various bugs</li>
</ul>
<b><span class="Apple-style-span" style="font-size: large;">New Web Report</span></b><br />
The following screen shot shows what the packet loss looks like at my house for the last few days.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6lT-bswyU1W4WclcMOpHG2kgGkK4TFg5aIwFE151xFfVlfX5yNFv6H2CviMv5kLBJjgU7u4kdjuAsS2jywvL5dSNGoHadmpr6igdq2YSsF9GD31uiHPiDAkCrF9vf2bq6mmuS8kvj47xG/s1600/ispReport-v3.0-Summary.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" height="311" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6lT-bswyU1W4WclcMOpHG2kgGkK4TFg5aIwFE151xFfVlfX5yNFv6H2CviMv5kLBJjgU7u4kdjuAsS2jywvL5dSNGoHadmpr6igdq2YSsF9GD31uiHPiDAkCrF9vf2bq6mmuS8kvj47xG/s400/ispReport-v3.0-Summary.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Lets look at a couple rows from this graph to gain an understanding of what we are looking at. The second row, January 2nd, 2001 has one red pie chart in the abc.com column. This indicates that at some point during the day ping reported percentage packet loss above 20% for the target host abc.com. The orange pie chart indicates that ping reported packet loss between 11-20% for yahoo.com. Note that there was no pie chart for google.com. This means that none of the pings to google.com reported any packet loss. Given that there is no correlation across the target hosts of January 2nd, I can safely conclude that there wasn't an issue with my Internet connection.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Now lets look at the last row, January 6th, 2011. All of the pie charts for target hosts yahoo.com, abc.com, cbs.com, and google.com are red. Given that all four target hosts had 100% packet loss on January 6th, this means that there is a very high probability that my Internet connection was having problems. In other words, time to call my Cale/DSL provider to get them to fix the problem. However, in this case it was just me. I turned off the modem to show what the web report would look like with a cable/DSL modem outage.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<b><span class="Apple-style-span" style="font-size: large;">Detailed View</span></b></div>
<div class="separator" style="clear: both; text-align: left;">
Another new feature is that you can click on any of the pie charts to get a more granular view of the packet loss percentages of a specific day and target host. The following screen shot shows the packet loss for pings to abc.com on January 2nd, 2011.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmh9oiG6mQT0r2L2g6PkgjY2dbgsK16Gf3XNMghD_THDPqer-Avr8QQE6WXPB-stEFpp4-ur5p9MlSqNZv6o0Fhb8ll9yiHErWVLF-7ejPR2YwZ0dKEq_IcO0M8x9OZWarMcdrOhGChXXV/s1600/ispReport-v3.0-Chart.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" height="211" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmh9oiG6mQT0r2L2g6PkgjY2dbgsK16Gf3XNMghD_THDPqer-Avr8QQE6WXPB-stEFpp4-ur5p9MlSqNZv6o0Fhb8ll9yiHErWVLF-7ejPR2YwZ0dKEq_IcO0M8x9OZWarMcdrOhGChXXV/s400/ispReport-v3.0-Chart.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
Notice that each segment of the pie chart provides both graphically and textually the packet loss percentage as well as how many packets of all packets lost for that day. In this example, the biggest packet loss of 100% represented 200 of the total 254 packets lost for the day. Likewise, only 7 of the 254 lost packets were of the 1% packet loss variety.</div>
<br />
<b><span class="Apple-style-span" style="font-size: large;">Download and Install</span></b><br />
You can download <a href="http://dl.thezonemanager.com/ispReport-v3.0.cgi" target="_blank">ISP Report Tool v3.0</a> <a href="http://dl.thezonemanager.com/ispReport-v3.0.cgi" target="_blank">here</a>. Once downloaded, you only need to run "ispReport install" to install and start the ISP Report Tool. Once running, you can view the command line report with "ispReport report" or create a web report with "ispReport mkwww". Once the web report is created, you can view the web report by opening up your preferred web browser and oping the ${ispHome}/www/ispReport.hml file.<br />
<br />
<br />
<div>
<b><span class="Apple-style-span" style="font-size: large;">Usage</span></b></div>
<div>
The ISP Report Tool has 9 subcommands that you can run from the command line to perform various actions. Here are descriptions for each of the subcommands.</div>
<div>
<div>
start - Start the script</div>
<div>
stop - Stop the script</div>
<div>
status - Check the status to see if it is running or not</div>
<div>
report - Create a report from the log file</div>
<div>
showlog - Examine the contents of the log files</div>
<div>
install - Install the ISP Report Tool</div>
<div>
uninstall - Uninstall the ISP Report Tool</div>
<div>
mkwww - Make web report</div>
<div>
rotate - Archive the existing log file and create a new log file.</div>
<div>
usage - See the usage of the script</div>
</div>
<div>
<br /></div>
<div>
<b><span class="Apple-style-span" style="font-size: large;">Customize</span></b></div>
<br />
The great thing about the ISP Report Tool is that it is just a simple bash script. This makes configuration very straight forward. There are five configurable variables at the top of the script that you can modify with you preferred editor. The following sections outline these variables.<br />
<br />
<br />
<b>Target Hosts</b><br />
You can specify one or more target hosts for ISP Report Tool to ping. If you deploy ISP Report Tool on a private network that cannot reach the Internet, you will want to use a list of target hosts that can be reached by the tool. For most people though, the default four hosts should be sufficient.<br />
<br />
The following is the default setting for the targets variable.<br />
<br />
targets=('yahoo.com' 'abc.com' 'cbs.com' 'google.com')<br />
<br />
<b>ISP Report Home Directory</b><br />
In order to keep things simple and consistent across multiple platforms, I establish a home directory for all logs and web content. The following is the default setting for the ispHome variable.<br />
<br />
ispHome="${HOME}/.ispReport"<br />
<br />
<b>ISP </b><b>Report </b><b>Log Directory</b><br />
You can define where to place the log files generated by the ISP Report Tool. The following is default location for the logdir variable.<br />
<br />
logdir="${ispHome}/logs"<br />
<br />
<b>ISP </b><b>Report </b><b>Web Directory</b><br />
The web directory root is the hardest variable to decide on a default location because the various web servers use different default web roots for different platforms. Thus, the easiest thing to do is put the default location in the ISP Report home directory. The following is the default directory for the webdir variable.<br />
<br />
webdir="${ispHome}/www"<br />
<br />
In addition to giving you the ability to define the web directory, I also enable you to specify the web document name as well. The default name defined by the webfile variable is ispReport.html.<br />
<br />
webfile="ispReport.html"<br />
<div>
<br /></div>
<div>
<span class="Apple-style-span" style="font-size: large;"><b>Conclusion</b></span></div>
<br />
I hope that you find this tool very useful for streamlining support calls with your ISP when network problems happen.<br />
<br />
Thanks to <a href="http://code.google.com/apis/chart/docs/making_charts.html" target="_blank">Google Charts API</a> for their great web service.<br />
<br />
Enjoy and have a great day!<br />
<br />
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad</div>
</div>
</div>
</div>
<div class="MsoNormal" style="font-family: Times;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<span class="Apple-style-span" style="font-family: "helvetica";"><span class="Apple-style-span" style="font-family: "times";">PS: As always, this script is provided for reference and is not supported in any way.</span></span></div>
</div>
</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-81192741418320248892011-01-03T12:32:00.000-08:002017-03-14T05:18:50.259-07:00Making A Fixed Size FileIf you have ever wanted to know how to make a fixed size file, here are a few methods that you can use to create a 1GB file.<br />
<br />
<b>1GB Empty (all zeros) File</b><br />
You can use mkfile or dd to create an empty file. See the following examples for creating an empty 1GB file.<br />
<br />
# mkfile 1g myfile<br />
<br />
# dd if=/dev/zero of=myfile bs=1k count=1m<br />
<span class="Apple-style-span" style="font-family: "helvetica";"><span class="Apple-style-span" style="font-family: "times";"><br />
</span></span><br />
<div style="font-family: Helvetica;">
<b>1GB Scrambled File</b></div>
<div style="font-family: Helvetica;">
You can use openssl, dd, and ksh93 to create a file that is populated with random/scrambled data. See the following examples for each method.</div>
<div style="font-family: Helvetica;">
<br /></div>
<div style="font-family: Helvetica;">
Write random bytes of base64-encoded data to stdout</div>
<div style="font-family: Helvetica;">
<div>
# openssl rand -base64 -out myfile $((1024*1024*1000)) </div>
<div>
<br /></div>
<div>
Write binary random data to a file</div>
<div>
# openssl rand -out myfile $((1024*1024*1000)) </div>
<div>
<br /></div>
<div>
# dd if=/dev/urandom of=myfile bs=1k count=1m</div>
</div>
<div style="font-family: Helvetica;">
<br /></div>
<div style="font-family: Helvetica;">
# ksh93 "head -c $((1024*1024*1000)) /dev/urandom" > myfile</div>
<div style="font-family: Helvetica;">
<br /></div>
<div style="font-family: Helvetica;">
Hope that was helpful!</div>
<div style="font-family: Helvetica;">
<br /></div>
<div style="font-family: Helvetica;">
Have a great day!</div>
<div style="font-family: Helvetica;">
<br /></div>
<div style="font-family: Helvetica;">
<br />
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad</div>
</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.com2tag:blogger.com,1999:blog-802995254219063820.post-80520044897764331752010-12-30T15:33:00.000-08:002017-03-14T05:19:03.218-07:00ISP Report Tool v2.0<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<b><span class="Apple-style-span" style="color: red;"><span class="Apple-style-span" style="font-size: large;">Important Update:</span></span></b> <a href="http://www.thezonemanager.com/2011/01/isp-report-tool-v30.html">See new ispReport version 3.0</a> for the latest version of this tool.</div>
</div>
</div>
<div>
</div>
<br />
<br />
There was quite a bit of interest in the <a href="http://www.thezonemanager.com/2010/12/isp-report-tool.html" target="_blank">first version of my ISP report tool</a>. There was also an interest to produce a graphical report. Toward that end, I updated the tool to create and automatically update a web report. You can see a sample manufactured report below.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX3D3vrV3Ej9vRdISQc1UwG6R6SaEIzmVszAIB_vFdSk28jliUNL8_xzIs3VPAvno1watI00bBjcPIp7uQ6Q0FB9IunA9jxH5Ih4_HxA9YJChRWaQXjZbuONwt4M-hTb4ZyxQpsrOLszT6/s1600/summary.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" height="312" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX3D3vrV3Ej9vRdISQc1UwG6R6SaEIzmVszAIB_vFdSk28jliUNL8_xzIs3VPAvno1watI00bBjcPIp7uQ6Q0FB9IunA9jxH5Ih4_HxA9YJChRWaQXjZbuONwt4M-hTb4ZyxQpsrOLszT6/s400/summary.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
The ispReport daemon runs the report generator every night just after midnight to update the report.</div>
<div class="separator" style="clear: both; text-align: left;">
To manually create the report, just run "ispReport mkwww". The web report is stored in ~/.ispReport/www/index.html. You can copy this file to a web server to see it remotely. Or you can edit the script to specify where you would like the web report stored.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
I also incorporated an automated monthly log rotation in order to keep from creating a single mammoth log file.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; text-align: left;">
You can download this latest and most likely final version <a href="http://dl.thezonemanager.com/ispReport-v2.0.cgi" target="_blank">ispReport-v2.0 here</a>.</div>
<div>
<br />
<br />
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<b><span class="Apple-style-span" style="color: red;"><span class="Apple-style-span" style="font-size: large;">Important Update:</span></span></b> <a href="http://www.thezonemanager.com/2011/01/isp-report-tool-v30.html">See new ispReport version 3.0</a> for the latest version of this tool.</div>
</div>
</div>
<div>
</div>
<br />
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Have a blessed day!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad<br />
PS: As always, the sample scripts provided are for reference and are not supported in any way.</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.com0tag:blogger.com,1999:blog-802995254219063820.post-79425319872193960872010-12-29T07:46:00.000-08:002017-03-14T05:19:14.088-07:00ZM: 2010 AnalyticsIt is good to look back over the year to gain an appreciation of progress and to plan for the future. This blog post is devoted to looking over the stats of <a href="http://thezonemanager.com/" target="_blank">TheZoneManager.com</a> for 2010. Not including this post, I submitted 30 blog posts this year. Most were technical and hopefully valuable.<br />
<br />
As you can see from the map below, I had over 15,700 visitors from 131 countries around the globe.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwWCgffqgGcBC2J5_2t_Q3mt0GInHk6IouLn1Gd5NQxd8DvC9ENYujwpBbPK8c2LvamHAfIusL7TVvkRhJeSnFwy5sTk8y96Et8SFVG_8-K9nJ3jv2zeBWxzGCw1pXKoVUOfWjexav-Wkb/s1600/visitsbycountry.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwWCgffqgGcBC2J5_2t_Q3mt0GInHk6IouLn1Gd5NQxd8DvC9ENYujwpBbPK8c2LvamHAfIusL7TVvkRhJeSnFwy5sTk8y96Et8SFVG_8-K9nJ3jv2zeBWxzGCw1pXKoVUOfWjexav-Wkb/s400/visitsbycountry.png" width="400" /></a></div>
<br />
One quarter of visitors came from direct traffic. Another quarter came from referring sites such as <a href="http://blogs.sun.com/" target="_blank">blogs.sun.com</a>, <a href="http://opensolaris.org/" target="_blank">opensolaris.org</a>, and <a href="http://braddiggs.com/" target="_blank">braddiggs.com</a>. And the remaining half of visitors came from search engines, primarily google. Interestingly, the highest number of searches in google were for the dsbulkloader.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO4vnoRXriJA4HvqtpuNPWTRl5N-MFRfok4fD4GF88YC02B5AQIaXM1rhahc_n79NqCj5T2li-jGXW2pKAZes4ofyJmp43o6I0-KNIN6FO36BAq0IXXnEm-AZLUnjO1C6bYasse2n_5R5m/s1600/sources.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" height="207" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO4vnoRXriJA4HvqtpuNPWTRl5N-MFRfok4fD4GF88YC02B5AQIaXM1rhahc_n79NqCj5T2li-jGXW2pKAZes4ofyJmp43o6I0-KNIN6FO36BAq0IXXnEm-AZLUnjO1C6bYasse2n_5R5m/s400/sources.png" width="400" /></a></div>
<br />
<br />
The most popular blog post by almost a 2 to 1 margin was the <a href="http://www.thezonemanager.com/2009/03/filesystem-cache-optimization.html" target="_blank">2009 blog post on Filesystem Cache Optimization Strategies</a>.<br />
<br />
The blog post with the most comments (7) was on <a href="http://www.thezonemanager.com/2009/10/solaris-10-1009-zfs-cache-improvements.html" target="_blank">ZFS Cache Improvements</a>.<br />
<br />
I also kept track of all of the script downloads to the <a href="http://dl.thezonemanager.com/" target="_blank">dl.thezonemanager.com</a>. In 2010, there were over 5,000 downloads of the 15 scripts. Unfortunately, I don't have a breakout by script. That has been added for next year's re-cap.<br />
<br />
Next year, I hope to publish much more valuable content to make 2011 better than ever.<br />
<br />
Blessings to you and yours!<br />
<br />
<br />
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.comtag:blogger.com,1999:blog-802995254219063820.post-10892827004060803352010-12-28T13:37:00.000-08:002017-03-14T05:19:36.166-07:00ISP Report Tool<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<b><span class="Apple-style-span" style="color: red;"><span class="Apple-style-span" style="font-size: large;">Important Update:</span></span></b> <a href="http://www.thezonemanager.com/2011/01/isp-report-tool-v30.html">See new ispReport version 3.0</a> for the latest version of this tool.</div>
</div>
<div>
</div>
<br />
My Internet Service Provider (ISP) is usually very reliable. However, whenever problems arise, the ISP typically takes weeks before reaching final resolution. I typically start to notice Internet speed drops due to packet loss far before my Internet access completely stops working. It would be nice if I had a summary report and detailed logs that I could send to the ISP support to show exactly when problems started, how long that the problems have been going on and what degree of degradation that I have experienced over that time. I looked for a tool that could provide this sort of information and couldn't find anything that really met my needs. So, I wrote a script called ispReport for this purpose. The rest of this blog post details the script's capabilities and usage.<br />
<br />
<b>What ispReport Does</b><br />
This ispReport script pings yahoo.com and abc.com every 5 minutes. If there is any packet loss or ping can't reach the target hosts, it stores the ping results in a log file. You can run "ispReport showlog" to view the contents of the log and "ispReport report" to show a summary report of logged data.<br />
<br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<b>Download</b></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
You can download <a href="http://dl.thezonemanager.com/ispReport-v1.0.cgi">ispReport-v1.0</a> <a href="http://dl.thezonemanager.com/ispReport-v1.0.cgi">here</a>. It works on Solaris, Linux, and the OS-X.</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<br /></div>
<b>Usage</b><br />
ispReport has the following 9 subcommands.<br />
start - Start the script<br />
stop - Stop the script<br />
status - Check the status to see if it is running or not<br />
report - Create a report from the log file<br />
showlog - Examine the contents of the log file<br />
install - Install the script<br />
uninstall - Uninstall the script<br />
init - Archive the existing log file and create a new log file.<br />
usage - See the usage of the script<br />
<br />
<b>Sample Log</b><br />
The following is a sample log as seen by running "ispReport report".<br />
<br />
2010/12/28 10:29:47|yahoo.com|0|ping: cannot resolve yahoo.com: Unknown host<br />
2010/12/28 10:29:47|abc.com|0|ping: cannot resolve abc.com: Unknown host<br />
2010/12/28 11:15:47|yahoo.com|12|47.776/51.426/63.937/2.684<br />
2010/12/28 11:28:09|abc.com|26|45.276/53.851/65.548/4.271<br />
<div>
<br /></div>
The pipe (|) deliminted columns when the host is reachable are as follows:<br />
Column 1: Date and time stamp<br />
Column 2: Host being pinged<br />
Column 3: ISP State in terms of percentage up<br />
Column 4: Number of packets sent<br />
Column 5: Round-Trip Time (rtt) statistics - min/avg/max/mdev<br />
<br />
The pipe (|) deliminted columns when the host is NOT reachable are as follows:<br />
<div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Column 1: Date and time stamp</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Column 2: Host being pinged</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Column 3: ISP State in terms of percentage up</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Column 4: Error message</div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
</div>
</div>
<div>
<br /></div>
<div>
<b>Sample Report</b></div>
<div>
One of the most important things that I need to provide support is a quantification of the outage incurred. The report function provides a summary of the outage data for all dates logged in the log file.</div>
<div>
Below is a sample output from running "ispReport report".</div>
<div>
<br /></div>
<div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">This report summarizes the number of times per day </span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">that packet </span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">loss was detected over each of four </span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">packet loss percentage </span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">ranges. For example, the </span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">number in the second column represents </span><span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">the number </span><br />
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">of times that a packet loss of 1-24% was detected.</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;"><br />
</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">Date 1-24% 25-49% 50-74% 75-100%</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">2010/12/27 4 0 0 8</span></div>
<div>
<span class="Apple-style-span" style="font-family: "courier new" , "courier" , monospace;">2010/12/28 2 0 0 2</span></div>
</div>
<div>
<br />
Enjoy!<br />
<br />
<b><span class="Apple-style-span" style="color: red;"><span class="Apple-style-span" style="font-size: large;">Important Update:</span></span></b> <a href="http://www.thezonemanager.com/2011/01/isp-report-tool-v30.html">See new ispReport version 3.0</a> for the latest version of this tool.</div>
<div>
<br /></div>
<div>
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<br />
<div style="font-family: Times; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
Brad</div>
</div>
</div>
</div>
<div class="MsoNormal" style="font-family: Times;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">
<span class="Apple-style-span" style="font-family: "helvetica";"><span class="Apple-style-span" style="font-family: "times";">PS: As always, the sample scripts provided are for reference and are not supported in any way.</span></span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
Brad Diggshttp://www.blogger.com/profile/17620306971847144685noreply@blogger.com