Lab 1: Terms Topics - adaley0518/Tech_Journal GitHub Wiki

Remote PowerShell Session

Since I did research to find out how to run a PowerShell session, this seemed like a good topic to include, along with how to run a PowerShell command. A PowerShell session is very similar to SSH, as it lets you run commands or access full PowerShell sessions on a remote Windows system.

Configuration:

  1. Open PowerShell as admin
  2. Must be in the directory C:\Windows\system32>
  3. command: Enable-PSRemoting -Force (force allows you to do this without continuous prompts for each step)
  4. command: Set-Item wsman:\localhost\client\trustedhosts * (the * is for all PCs, but you can replace it with ad01 for specific PCs) (y for yes)
  5. command: Restart-Service WinRM
  6. It is important to test the connection with the command: Test-WsMan ad01-amber
  7. Should see information if successful
  8. command: Enter-PSSession -ComputerName ad01-amber
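
The same setup with TrustedHosts limited to the one lab host instead of `*`, as an added example that is not part of the original journal. It assumes an elevated PowerShell prompt and the host name ad01-amber from the steps above.

```powershell
# Added example: scope TrustedHosts to one named host instead of '*'.
# Assumes an elevated prompt; 'ad01-amber' is the lab host named in the steps above.
$target = 'ad01-amber'
$path   = 'WSMan:\localhost\Client\TrustedHosts'

# Turn on WinRM and the remoting listener without per-step prompts.
Enable-PSRemoting -Force

# Read the current client-side trust list (empty when nothing is set).
$current = (Get-Item -Path $path).Value
$entries = @($current -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })

if ($entries -contains '*') {
    # Weak setting: '*' lets this client authenticate to any host name
    # it is pointed at, without verifying that host's identity.
    Write-Warning "TrustedHosts is '*'; replacing it with '$target' only."
    Set-Item -Path $path -Value $target -Force
}
elseif ($entries -notcontains $target) {
    # Append the one host we need and keep any existing entries.
    Set-Item -Path $path -Value $target -Concatenate -Force
}

Restart-Service -Name WinRM

# Show the resulting list, then check that the remote WinRM endpoint answers.
"TrustedHosts is now: $((Get-Item -Path $path).Value)"
try {
    Test-WSMan -ComputerName $target -ErrorAction Stop | Out-Null
}
catch {
    Write-Error "WinRM on $target did not respond: $($_.Exception.Message)"
    return
}

# One-off remote command; Enter-PSSession -ComputerName $target opens an interactive shell.
Invoke-Command -ComputerName $target -ScriptBlock { hostname }
```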

SNMP/SNMP Query

This topic was mentioned in the lab, and I wanted to understand more about it. SNMP is an application layer protocol. It is one of the most commonly used communications protocols online. SNMP is used to talk to the network to find out information related to network device activity. An SNMP query shows how much SNMP information is available on a given system. The command used to find out this information, at least for the lab I did, is: snmpwalk -Os -c SYS265 -v2c ad01-amber | wc -l

TCPDump

This is a term I have heard a lot but do not know anything about. I was able to find out that a tcpdump is a data-network packet that allows the user to display TCP/IP, or other packets, being transmitted or received over a network the computer is attached to. Overall, this is a fancy way of capturing network traffic, kind of like Wireshark, just command-based. In the lab, we were able to use a tcpdump to do a query nmon01 from web01.