GiGl first alpha version available

GiGl (Glycemic index/Glycemic load) is an app that I developed for personal use. It is a fast way to check your body's expected response to most commonly available foods. Key points:

  • No tracking. No ads. The app doesn’t require network permissions.
  • Insulin index (II) where a scientific study is available.
  • Open-source.


Fighting SPAM with postfix and fail2ban

After detecting spammers with an RBL you can block them for a predefined period of time with the help of fail2ban. How it works:
– fail2ban parses mail.log
– when a spammer’s IP is found, it is added to a temporary list
– future requests from the spammer’s IP are blocked
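
The parse, count and ban loop described above, as an added example that is not part of the original post: it replays constructed mail.log lines the way a fail2ban jail would. The `maxretry`, `findtime` and `bantime` values, the log year and the sample lines are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Postfix smtpd line written when a client is rejected on a DNSBL (RBL) hit.
RBL_REJECT = re.compile(
    r"postfix/smtpd\[\d+\]: NOQUEUE: reject: RCPT from \S*\[(?P<ip>[0-9a-fA-F:.]+)\]: "
    r"\d{3} [\d.]+ .*?blocked using (?P<rbl>[\w.-]+)")

def parse_line(line, year=2024):
    """Return (timestamp, ip, rbl) for an RBL rejection, else None (year is assumed)."""
    m = RBL_REJECT.search(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
    return ts, m["ip"], m["rbl"]

def plan_bans(lines, maxretry=2, findtime=600, bantime=3600):
    """Replay log lines; return [(ip, banned_at, banned_until)] in log order."""
    hits = defaultdict(deque)          # ip -> timestamps of recent rejections
    banned_until, bans = {}, []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, ip, _rbl = parsed
        if ts < banned_until.get(ip, datetime.min):
            continue                   # still on the temporary block list
        window = hits[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()           # forget hits older than findtime
        if len(window) >= maxretry:
            banned_until[ip] = ts + timedelta(seconds=bantime)
            bans.append((ip, ts, banned_until[ip]))
            window.clear()
    return bans

# Constructed sample lines (documentation-range IPs), not from a real server.
_REJ = ("Mar 13 {t} mx postfix/smtpd[2311]: NOQUEUE: reject: RCPT from "
        "unknown[{ip}]: 554 5.7.1 Service unavailable; Client host [{ip}] "
        "blocked using zen.spamhaus.org; from=<a@example.net> to=<b@example.org>")
SAMPLE_LOG = [
    _REJ.format(t="10:15:01", ip="203.0.113.7"),
    "Mar 13 10:15:09 mx postfix/smtpd[2311]: connect from mail.example.net[198.51.100.20]",
    _REJ.format(t="10:16:40", ip="203.0.113.7"),    # 2nd hit inside findtime: ban
    _REJ.format(t="10:20:00", ip="198.51.100.99"),
    _REJ.format(t="10:45:00", ip="198.51.100.99"),  # 25 min apart: no ban
]
```

Only the address that is rejected twice inside the `findtime` window ends up on the ban list; the second address stays below the threshold because its hits are too far apart.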

Copy data from Bloomberg SFTP with WinSCP cmd

Running the WinSCP command line is a little bit tricky. Here is a working example:

  1. connect and authenticate with a pre-shared key
  2. synchronize everything except /bin/ and /etc/
  3. exit with the correct exit code
  4. finally, run a PowerShell script

@echo off
"C:\Path\WinSCP.com" ^
  /log="C:\Path\WinSCP.log" /ini=nul ^
  /command ^
    "open sftp://username@sftp.bloomberg.com/ -hostkey=""ssh-rsa 2048 AA:BB:CC:DD:EE:FF:AA:BB:CC:DD:EE:FF:00:00:00:00"" -privatekey=""C:\Path\bloomberg.ppk""" ^
    "synchronize -filemask=""|/bin/;/etc/""  local ""SFTP"""^
    "exit"

set WINSCP_RESULT=%ERRORLEVEL%
if %WINSCP_RESULT% equ 0 (
  echo Success
) else (
  echo Error
)

powershell -file sync2r.ps1
exit /b %WINSCP_RESULT%

 

Change local admin password with PowerShell

Change local admin password on multiple machines with PowerShell.

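$computers = "srv1","srv2","srv3"
$adminPassword = "PAssW00rrrDdd123"
$logfile = "log.txt"
# Turn errors into terminating exceptions so the Catch block sees them
$ErrorActionPreference = 'Stop'
ForEach ($computerName in $computers) {
    Try {
        # Bind to the machine's local Administrator account via the WinNT ADSI provider
        $adminUser = [ADSI] "WinNT://$computerName/Administrator,User"
        $adminUser.SetPassword($adminPassword)
    }
    Catch {
        # Log which server failed and the exception that was raised
        "$(Get-Date) :: Server:$($computerName) :: $($error[0].exception)" | Out-File -Append $logfile
    }
}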

 

NextCloud 12 Active Directory nested groups

Insert the following query in the editor:

(&(objectClass=organizationalPerson)(|(memberof:1.2.840.113556.1.4.1941:=CN=NextCloudUsers,OU=Groups,DC=domain,DC=com)(memberof:1.2.840.113556.1.4.1941:=CN=NextCloudAdmins,OU=Groups,DC=domain,DC=com)))

 

Test it:

 

root@nc:/home/user# ldapsearch     -x -h 10.40.aa.bbb     -D "user@domain.com"     -W     -b "dc=domain,dc=com"     -s sub "(&(objectClass=organizationalPerson)(|(memberof:1.2.840.113556.1.4.1941:=CN=NextCloudUsers,OU=Groups,DC=domain,DC=com)(memberof:1.2.840.113556.1.4.1941:=CN=NextCloudAdmins,OU=Groups,DC=domain,DC=com)))" cn mail sn

 

FC Adapter HBA Attributes

Get-WmiObject -class MSFC_FCAdapterHBAAttributes -computername localhost -namespace "root\WMI" | Select-Object DriverVersion, FirmwareVersion, Manufacturer, Model, SerialNumber, ModelDescription, @{expression ={(($_.NodeWWN) | ForEach-Object {"{0:x}" -f $_}) -join ":"};label="WWN"} |Format-Table -AutoSize

Model         SerialNumber ModelDescription                     WWN
-----         ------------ ----------------                     ---
AJ763B/AH403A 5CF644034W   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:f7:96:54
AJ763B/AH403A 5CF644034W   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:f7:96:55

WWNs of all cluster nodes

Invoke-Command -ComputerName cl2n1,cl2n2,cl2n3,cl2n4,cl2n5 -ScriptBlock {$env:computername;Get-WmiObject -class MSFC_FCAdapterHBAAttributes -computername localhost -namespace "root\WMI" | Select-Object DriverVersion, FirmwareVersion, Manufacturer, Model, SerialNumber, ModelDescription, @{expression ={(($_.NodeWWN) | ForEach-Object {"{0:x}" -f $_}) -join ":"};label="WWN"} |Format-Table -AutoSize}
CL2N1

DriverVersion FirmwareVersion Manufacturer       Model         SerialNumber ModelDescription                     WWN
------------- --------------- ------------       -----         ------------ ----------------                     ---
11.0.247.8000 2.02X13         Emulex Corporation AJ763B/AH403A 5CF33602NS   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ
11.0.247.8000 2.02X13         Emulex Corporation AJ763B/AH403A 5CF33602NS   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ


CL2N5

DriverVersion FirmwareVersion Manufacturer       Model         SerialNumber ModelDescription                     WWN
------------- --------------- ------------       -----         ------------ ----------------                     ---
11.1.145.16   2.03X6          Emulex Corporation AJ763B/AH403A 5CF644034W   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ
11.1.145.16   2.03X6          Emulex Corporation AJ763B/AH403A 5CF644034W   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ


CL2N4

DriverVersion FirmwareVersion Manufacturer       Model         SerialNumber ModelDescription                     WWN
------------- --------------- ------------       -----         ------------ ----------------                     ---
11.1.145.16   2.03X6          Emulex Corporation AJ763B/AH403A 5CF644024S   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ
11.1.145.16   2.03X6          Emulex Corporation AJ763B/AH403A 5CF644024S   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ


CL2N3

DriverVersion FirmwareVersion Manufacturer       Model         SerialNumber ModelDescription                       WWN
------------- --------------- ------------       -----         ------------ ----------------                       ---
11.1.145.16   2.03X6          Emulex Corporation AJ762A/AH402A 5CF2120587   HP 8Gb Single Channel PCI-e 2.0 FC HBA 20:0:0:0:c9:XX:YY:ZZ
11.1.145.16   2.03X6          Emulex Corporation AJ762A/AH402A 5CF2120583   HP 8Gb Single Channel PCI-e 2.0 FC HBA 20:0:0:0:c9:XX:YY:ZZ


CL2N2

DriverVersion FirmwareVersion Manufacturer       Model         SerialNumber ModelDescription                     WWN
------------- --------------- ------------       -----         ------------ ----------------                     ---
11.1.145.16   2.03X6          Emulex Corporation AJ763B/AH403A 5CF33602P9   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ
11.1.145.16   2.03X6          Emulex Corporation AJ763B/AH403A 5CF33602P9   HP 8Gb Dual Channel PCI-e 2.0 FC HBA 20:0:0:90:fa:XX:YY:ZZ

 

Adaptive DDOS IDS firewall

We had a task to build a simple solution for DDoS protection during the learning phase of an attack. The main goals were:

  1. To build it fast: We chose Ubuntu … as everything needed is compiled and built in.
  2. Minimum network intervention: We opted for an L2/L3 bridge with iptables integration, which we plugged in between our autonomous system (AS) and the internet.
  3. Auto-learning offenders: Using a honeypot service to distinguish non-legitimate connections. Log the source IP address and drop the packet with iptables. Using the Suricata IDS to additionally analyze client requests.
  4. Auto-blocking offenders: Using fail2ban to parse logs generated by iptables and Suricata and temporarily disable all connections from offending sources.
  5. Have some connection-limit capabilities: Again we used iptables, with the connlimit and conntrack modules activated.
