All public logs
From Notes_Wiki
Combined display of all available logs of Notes_Wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).
(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)- 12:39, 4 December 2023 Saurabh talk contribs created page Securing organizations IT infrastructure from modern threats (Created page with "Home > Security tips > Securing organizations IT infrastructure from modern threats To secure an organization against modern threats consider following: ; User VLANs gateway at firewall : All VLANs should be only L2 at core / distribution / access level. Gateway for all users should be at perimeter firewall. All traffic between two user VLANs should go via firewall. : In this case have separate VLANs for printers, Biometric devices, CCTV, etc....")
- 05:47, 12 November 2023 Saurabh talk contribs created page Rocky 9.x Network Configuration (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Network Configuration *Rocky 9.x Look at network interface statistics Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Network Configuration")
- 05:47, 12 November 2023 Saurabh talk contribs created page Rocky 9.x Look at network interface statistics (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Network Configuration > Look at network interface statistics =Look at per interface statistics= Per-interface statistics can be seen at: <pre> /sys/class/net/<interface-name>/statistics </pre> Refer: * https://stackoverflow.com/questions/349576/linux-re...")
- 05:17, 12 November 2023 Saurabh talk contribs created page Unable to login into ESXi host web UI or SSH (Created page with "Home > VMWare platform > VMWare vSphere or ESXi > Unable to login into ESXi host web UI or SSH If you are unable to login to ESXi Web UI and even SSH while the same password is working on ESXi DCUI console ( https://kb.vmware.com/s/article/2148363 ) then it is possible that ESXi is locked. Through DCUI console disable ESXi lockdown mode and after that the Web UI and SSH login should work. Refer: * https://communities.vmware.com/t5/ESXi-Discus...")
- 05:13, 12 November 2023 Saurabh talk contribs created page Convert image to base64 (Created page with "Home > Online tools and utilities > Convert image to base64 While writing HTML code, it is possible to embed image directly in the HTML page instead of referring it from some other location as explained at https://www.w3docs.com/snippets/html/how-to-display-base64-images-in-html.html For this to convert image to base64 we can use online tool at: * https://www.base64encoder.io/image-to-base64-converter/ Home > Online tools and...")
- 05:04, 12 November 2023 Saurabh talk contribs created page Rocky 9.x decompress xz files (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Desktop tools and applications > Rocky 9.x decompress xz files To decompress .xz files on rocky linux we can use: # Install xz utilities #:<pre> #:: dnf -y install xz #:</pre> # Then decompress xz file using: #:<pre> #:: xz --decompress <filename> #:</pre> Refer: * https://computingforgeeks.com/how-to-extract-xz-files-on-linux/ Home...")
- 04:59, 12 November 2023 Saurabh talk contribs created page Rocky 9.x Reopening closed tabs in firefox (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Desktop tools and applications > Firefox browser > Reopening closed tabs in firefox Sometimes before closing the browser we may want to save all tabs to reopen them again later. Also a few times instead of closing another window we may close firefox browser along with all tabs....")
- 04:53, 12 November 2023 Saurabh talk contribs created page Rocky 9.x Firefox browser (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Desktop tools and applications > Firefox browser *Rocky 9.x Reopening closed tabs in firefox Home > Rocky Linux or CentOS > Rocky Linux 9.x > Desktop tools and applications > Firefox browser")
- 04:30, 15 October 2023 Saurabh talk contribs created page Windows 11 Enable clipboard history to allow pasting from multiple different clipboards (Created page with "Home > Windows > Windows 11 > Enable clipboard history to allow pasting from multiple different clipboards =Enable clipboard history in settings= It is possible to have more than one clipboard in Windows by enabling: # Go to Settings -> System -> Clipboard # Enable toggle buttom for clipboard history. Refer: * https://www.howtogeek.com/671222/how-to-enable-...")
- 05:53, 8 October 2023 Saurabh talk contribs created page Rocky 9.x Force rescan or check of xfs filesystem on reboot (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > File system management > Force rescan or check of xfs filesystem on reboot To force rescan or check of xfs filesystem on reboot use: # Edit /etc/fstab file and change values in last two columns to non-zero # Create a file using: #:<pre> #:: t...")
- 05:49, 8 October 2023 Saurabh talk contribs created page Rocky 9.x file system management (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > File system management *Rocky 9.x Force rescan or fsck of ext filesystem on reboot *Rocky 9.x Force rescan or check of xfs filesystem on reboot Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Rocky 9.x file syst...")
- 05:42, 8 October 2023 Saurabh talk contribs created page Rocky 9.x Force rescan or fsck of ext filesystem on reboot (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > File system management > Force rescan or fsck of ext filesystem on reboot We may want to enforce fsck or checking of ext partition on reboot. For that use: <pre> tune2fs -c 1 /dev/sdXY </pre> The above will cause filesystem to get scanned on...")
- 05:16, 8 October 2023 Saurabh talk contribs created page CentOS 8.x migrate to CentOS 8.x Stream (Created page with "Home > CentOS > CentOS 8.x > System Administration > Package management > CentOS 8.x migrate to CentOS 8.x Stream If you have older CentOS 8 machines they wont work now as repositories have been discontinued. To make them usable, we can migrate from CentOS to CentOS 8.x stream using: # Change all repository configuration as follows ##...")
- 05:08, 8 October 2023 Saurabh talk contribs created page CentOS 8.x Control Web panel miscellaneous issues (Created page with "Home > CentOS > CentOS 8.x > Email servers > Control Web panel > Miscellaneous issues =Disable Excessive resource usage alerts for processes= Control web panel will send periodic alerts for processes using too much resources. For example for zabbix-agent2. To disable such alerts use: # SSH to server as root # Edit file '<tt>/etc/csf...")
- 06:27, 8 September 2023 Saurabh talk contribs created page Planning for migrating a firewall (Created page with "Home > Enterprise security devices or applications > Planning for migrating a firewall While coordinating on downtime / planning for migrating to a new firewall, it makes sense to have following information : # From when to when is the downtime? # Who is the contact person available during downtime to help with: #* Cable identification (ISP1 cable, LAN cable, etc.) locally on site #* Coordiante with local users on the site if and when services are...")
- 06:14, 8 September 2023 Saurabh talk contribs created page Paloalto URL filtering (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto URL filtering =Creating desired URL filtering policy= Clone the default URL filtering policy default and configure a URL filtering policy as per organization (Eg block violence sites). The meaning of category eg business is not explained anywhere on the interface and is left up to interpretation. However there is a check URL link. https://urlfiltering.paloalt...")
- 06:10, 8 September 2023 Saurabh talk contribs created page Paloalto troubleshooting options (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options *Paloalto firewall packet capturing *Paltalto firewall Monitor Session Browser *Paltalto firewall Monitor allowed/denied traffic Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options")
- 06:10, 8 September 2023 Saurabh talk contribs created page Paltalto firewall Monitor allowed/denied traffic (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options > Paltalto firewall Monitor allowed/denied traffic Go to Monitor -> Logs -> Traffic. Here we filter for source/destination. Here unlike session monitoring we can see historic (Based on log storage capacity of firewall) sessions and whether they were allowed or denied. Example filter ( addr.dst in 192.168.0.0/24 ) Same as monitor ->...")
- 06:09, 8 September 2023 Saurabh talk contribs created page Paltalto firewall Monitor Session Browser (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto troubleshooting options > Paltalto firewall Monitor Session Browser We can monitor for sessions from specific source or to specific destinations to see whether they are even going through firewall. Once we go to Monitor -> Session Browser and configure filters. For filter click on any source / destination etc. listed and change the value. Example filter to s...")
- 06:06, 8 September 2023 Saurabh talk contribs created page Paloalto Policy based forwarding (PBF) (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto Policy based forwarding (PBF) On PBF note that: * We dont need PBF for incoming NAT reply packets. Using ECMP with symmetric return on router is enough. * Dont do PBF with a specific ISP when the same source machine LAN machine is NAT with public IP of other ISP. In that case reply packets try to use a different ISP (As per PBF) and configuration does not works...")
- 06:00, 8 September 2023 Saurabh talk contribs created page Paloalto using ECMP for active/active ISP connectivity (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > aloalto using ECMP for active/active ISP connectivity =Enabling ECMP= If organization has multiple ISPs then: # Enable ECMP in virtual router with symmetric return. We can enable up to 4 equal cost routes via ECMP # After commit check "runtime stats" local routing table of the device (Should be done on device, cant be done via panorama) and validate that we have default r...")
- 05:44, 8 September 2023 Saurabh talk contribs created page Paloalto NAT examples (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto NAT examples =NAT of public IP to private IP on a few ports= To NAT a public IP:port to private IP:port use: # Create WAN to WAN Security rule with destination as NATed public IP with all services and all ports # Create NAT rule from WAN to LAN with source IP as any and destination IP as WAN public IP. After NAT change the destination IP to LAN IP. Here in NAT...")
- 05:41, 8 September 2023 Saurabh talk contribs created page Paloalto Configure firewall for proxy DNS (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto Configure firewall for proxy DNS Palo Alto Networks firewalls can act as DNS servers for local users. By configuring DNS Proxy on the firewall, you can intercept DNS requests from internal clients and forward them to external DNS servers or resolve them locally. =Configure DNS proxy via setup and service route configuration= To check the DNS settings on a Palo A...")
- 05:34, 8 September 2023 Saurabh talk contribs created page Paloalto general notes or best practices (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto general notes or best practices =Add /32 netmask for a single IP= Adding netmask eg /32 for a single IP is important. Without this the policy / rule may get accepted and committed but does not works unless we add /32 netmask. This should be followed for all address objects without fail. Home > Enterprise security devices or applications >...")
- 04:43, 8 September 2023 Saurabh talk contribs created page Check cluster health via nagios plugin (Created page with "Home > Suse > SAP setup and maintenance > Check cluster health via nagios plugin We can monitor cluster health using nagios plugin using: '''Not tested in production''' #Create a plugin to be called via nrpe on the cluster host '<tt>/usr/lib64/nagios/plugins/cluster_check.sh</tt>' with: <source type="bash"> #!/bin/bash # Run crm status command and capture output crm_output=$(crm status 2>&1) # Check for error or warning in output, ignoring ca...")
- 04:31, 8 September 2023 Saurabh talk contribs created page Check cluster status via systemd service (Created page with "Home > Suse > SAP setup and maintenance > Check cluster status via systemd service We can check cluster status via a systemd script using: '''Not tested in production''' # Setup outgoing email via postfix on the system so that email can be sent using mail command via CentOS 8.x postfix send email through relay or smarthost with smtp authentication # Create a systemd script '<tt>/etc/systemd/system/cluster_status_check.service</tt>' with: <s...")
- 05:56, 19 July 2023 Saurabh talk contribs created page Rocky 9.x Add UEFI boot option in BIOS (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Add UEFI boot option in BIOS If for some reason UEFI boot option from BIOS for Rocky is removed and you want to add it again use: # Disable secure boot. This may require shimx64 efi image # Add a new option for Rocky pointing to '<tt>EFI/rocky/grubx64.efi</tt>' file under EFI boot partition # Eithe...")
- 10:47, 16 June 2023 Saurabh talk contribs created page Ubuntu 20.04 Zabbix agent installation (Created page with "Home > Ubuntu > Server or Desktop administration > Ubuntu 20.04 Zabbix agent installation To install Zabbix agent in Ubuntu 20.04 machine use: # Install Zabbix repository #:<pre> #:: wget https://repo.zabbix.com/zabbix/6.4/ubuntu/pool/main/z/zabbix-release/zabbix-release_6.4-1+ubuntu20.04_all.deb #:: dpkg -i zabbix-release_6.4-1+ubuntu20.04_all.deb #:: apt update #:</pre> # Install Zabbix agent using: #:<...")
- 08:39, 16 June 2023 Saurabh talk contribs created page Monitor esxi resource utilization via esxtop command (Created page with "Home > VMWare platform > VMWare vSphere or ESXi > Monitor esxi resource utilization via esxtop command esxtop is a command-line tool that provides real-time information about resource usage in your ESXi environment. It can provide you with a wealth of data on CPU, memory, disk, and network usage. Here's a step-by-step guide on how to use esxtop to monitor an ESXi host: # Connect to the ESXi host via SSH #: This assumes SSH to ESXi host is ena...")
- 07:50, 16 June 2023 Saurabh talk contribs created page Cisco ASA firewall (Created page with "Home > Enterprise security devices or applications > Cisco ASA firewall *Cisco ASA firewall basic initialization Home > Enterprise security devices or applications > Cisco ASA firewall")
- 07:50, 16 June 2023 Saurabh talk contribs created page Cisco ASA firewall basic initialization (Created page with "Home > Enterprise security devices or applications > Cisco ASA firewall > Basic initialization Consider requirement as follows to initialize a ASA firewall: * DMZ IP of 192.168.11.1/24 for servers * WAN public IP 1.1.11.213/30 for Internet * LAN IP of 192.168.100.1/24 for LAN users * Additional 192.168.10.0 subnet for LAN accessible via L3 switch 192.168.100.2 * Outgoing internet access for LAN users from...")
- 07:06, 16 June 2023 Saurabh talk contribs created page VMWare Platform Miscellaneous (Created page with "Home > VMWare platform > VMWare Platform Miscellaneous *VMWare Useful Links Home > VMWare platform > VMWare Platform Miscellaneous")
- 07:06, 16 June 2023 Saurabh talk contribs created page VMWare Useful Links (Created page with "Home > VMWare platform > VMWare Platform Miscellaneous > VMWare Useful Links We can use following useful links related to VMWare platform: ; Configuration Maximums : We can find out maximum limit eg no. of datastores, no. of hosts, no. of VLANs, etc. for any particular VMWare product version using https://configmax.esp.vmware.com/home ; Product Interopibility Matrix : We can check whether products will work together or not. Eg Whether a parti...")
- 06:52, 16 June 2023 Saurabh talk contribs created page Proxmox Change disk configuration of VM with snapshots (Created page with "Home > Debian > Proxmox virtual environment > Proxmox Change disk configuration of VM with snapshots In proxmox we can take snapshots of the VM. However, if we want to change existing disks (eg remove one hard-disk) and then add another new hard-disk then there is concern on how will snapshots be effective if a disk is removed / added. Thus, for a example requirement where we need to remove a old disk from a Linux VM and add a new disk with...")
- 08:53, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Package management (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Package management *Rocky 9.x Erlang installation Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Package management")
- 08:53, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Erlang installation (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Package management > Erlang installation At the time of this writing erlang package was not available as part of Rocky 9.x repos listed below: ; appstream : Rocky Linux 9 - AppStream ; baseos : Rocky Linux 9 - BaseOS ; epel : Extra Packages for Enterprise Linux 9 - x86_64 ; e...")
- 08:13, 15 June 2023 Saurabh talk contribs created page Paloalto give static management IP to new firewall (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Paloalto give static management IP to new firewall After deploying a new virtual or physical palo-alto firewall use following on console to assign management IP: # Login with admin/admin #: Note that it may not work immediately. You may have to wait 5-10 minutes for it to work # During first login firewall will force to change default admin password # Then use below to as...")
- 07:57, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Upgrade Rocky 8.x to Rocky 9.x (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Upgrade Rocky 8.x to Rocky 9.x To upgrade from Rocky 8 to Rocky 9 use: # Ensure sufficient free space in / before proceeding # Go to URL https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/r/ # Note package names for rocky-release, rocky-repos and rocky-gpg-keys. Eg at time of t...")
- 07:55, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Upgrade from CentOS Stream to Rocky (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > Upgrade from CentOS Stream to Rocky The below steps would work both on CentOS Stream 8 and CentOS Stream 9, to convert them to Rocky 8.x or Rocky 9.x appropriately. # Ensure sufficient free space in / before proceeding # Update to latest packages in CentOS Stream using: #:<pre> #:: dnf updat...")
- 07:22, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Information tools (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Information tools *Rocky 9.x atop '''There is older information on other tools at Information tools''' Home > Rocky Linux or CentOS > Rocky Linux 9.x > Information tools")
- 07:22, 15 June 2023 Saurabh talk contribs created page Rocky 9.x atop (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Information tools > atop =About atop= Atop is a more comprehensive monitoring tool. It looks at CPU, RAM, hdd, etc. all parameters while monitoring. This can be useful if combination of various parameters need to be monitored using same tool. To start atop use: <pre> atop </pre> =Using atop for system activity recording similar to sar= Atop can...")
- 07:11, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Syslog servers (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers *Rocky 9.x rsyslog server Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers")
- 07:11, 15 June 2023 Saurabh talk contribs created page Rocky 9.x rsyslog server (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers > rsyslog server *Rocky 9.x Setup rsyslog server for accepting remote device logs '''There are older articles on rsyslog at:''' Rsyslog configuration Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers > rsyslog server")
- 07:11, 15 June 2023 Saurabh talk contribs created page Rocky 9.x Setup rsyslog server for accepting remote device logs (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 9.x > Syslog servers > rsyslog server > Setup rsyslog server for accepting remote device logs To setup a new rsyslog server on Rocky 9.x use: # Install rsyslog package via: #:<pre> #:: dnf -y install rsyslog #:</pre> # Disable SELinux (setenforce 0, edit /etc/sysconfig/selinux) # Di...")
- 06:58, 15 June 2023 Saurabh talk contribs created page Sophos Connect to passive firewall when two firewall are in active/passive HA (Created page with "Home > Enterprise security devices or applications > Sophos Firewall or IPS > Sophos Connect to passive firewall when two firewall are in active/passive HA When two firewalls are in active/passive HA, if we connect to LAN/WAN IPs over https or ssh, we get connected only to active firewall. If we want to check something specific about passive firewall then we can ssh to passive firewall from active firewall. Thus, first we need to SSH to activ...")
- 11:52, 14 June 2023 Saurabh talk contribs created page Enable IPv6 and IGMP snooping on VLAN 3939 required for VxRail (Created page with "Home > VMWare platform > VxRail > Enable IPv6 and IGMP snooping on VLAN 3939 required for VxRail VxRail by default requires VLAN 3939 for nodes to discover each other. Ideally on this VLAN we should enable IGMP snooping and IPv6. The same can be done for a few switch makes as follows: =Dell switch= <pre> config t ip igmp snooping enable ipv6 mld snooping enable exit show ipv6 mld snooping interface vlan 3939 </pre> =Aruba or HP...")
- 13:39, 11 June 2023 Saurabh talk contribs created page Panorama NAT examples (Created page with "Home > Enterprise security devices or applications > Paloalto firewall > Panorama NAT examples =NAT from public IP to private IP via panorama only for a specific destination= When packets are coming from a specific WAN IP (Src-pub-IP1) and going to a specific WAN public IP (dst-pub-IP2) and need to be translated to a LANIP (dst-priv-IP3) for a specific service on port (service-port1) then we need to do following configuration in panorama: ==Pol...")
- 07:22, 11 June 2023 Saurabh talk contribs created page Managing windows services using sc command (Created page with "Home > Windows > Windows Desktop Tools or Utilities > Managing windows services using sc command Normally we can go to Services option in control panel (or under computer management) to look at status of various services and start/stop them. However there is also option to start/stop service via commandline. =Finding name of service= Look at servicename in properties of service when opened using services under control panel =Start service fr...")
- 07:14, 11 June 2023 Saurabh talk contribs created page CentOS 8.x Unattended nomachine (Created page with "Home > CentOS > CentOS 8.x > CentOS 8.x remote access > nomachine > Unattended nomachine In case of machine which is only booted but no graphical user login has been done yet, nomachine remote may not work. In such cases if nomachine is leading to blank screen then try: # Edit '<tt>/usr/NX/etc/server.cfg</tt>' and set: #:<pre> #:: CreateDisplay 1 #:: DisplayOwner "saurabh" #:</pre>...")
- 07:08, 11 June 2023 Saurabh talk contribs created page Rocky 8.x New laptop OS configuration (Created page with "Home > Rocky Linux or CentOS > Rocky Linux 8.x > System Administration > Rocky 8.x New laptop OS configuration =OS installation= # Prepare bootable Rocky Linux 8 USB using: #:<pre> #:: dd if=Rocky-8.7-x86_64-dvd1.iso of=/dev/sdd #:: sync #:</pre> #::'''Assumes umount /dev/sdd* is done and that /dev/sdd does not has any critical data''' before itself. #: This can also be done using Rufus in Windows by using dd...")