📕 SYS 265 - tconklin-champlain/Tech-Journal GitHub Wiki
Server | IP | OS |
---|---|---|
ad01-timothy | 10.0.5.5 | Windows Server 2019 Core |
fw01-timothy | WAN:10.0.17.111 LAN: 10.0.5.2 (Default Gateway) | pfSense 2.5.2 |
mgmt01-timothy | 10.0.5.10 | Windows Server 2019 |
web01-timothy | 10.0.5.200 | CentOS7 |
wks01-timothy | 10.0.5.100 | Windows 10 |
nmon01-timothy | 10.0.5.11 | CentOS7 |
- Enter lusrmgr.msc into the searchbar
- Add new user be sure to check off Password never expires
- Add user to local admin's group
- Invoke
powershell
- Install AD
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
- Create a new Forest
Intall-ADDSForest -DomainName yourname.local
- Run
powershell
- Enter
add-computer –domainname yourname.local -restart
Command | Description |
---|---|
Get-ADComputer -Filter * |
Query AD for computers |
Get-ADUser -filter 'Name -like "name here*"' -Properties MemberOf |
Enumerate Domain Users |
Get-DnsClientServerAddress |
Print DNS Server Address |
Get-DnsServerResourceRecord -ZoneName timothy.local -ComputerName ad01-timothy -RRType A |
Get DNS A Records |
Get-DnsServerResourceRecord -ZoneName 5.0.10.in-addr.arpa -ComputerName ad01-timothy -RRType PTR |
Get DNS PTR Records |
- Enabling
- Restarting
💡 SCROLLING IN TERMINAL To scroll up and down in CentOS/Linux in general you use Ctrl+A && Esc then use the UP/DOWN keys or PgUP/PgDOWN. OR Shift+the UP/DOWN keys or PgUP/PgDOWN.
Command | Description |
---|---|
yum install net-snmp-utils | installl the snmp utility |
snmpwalk -Os -c 'community string' -v2c host system | lookup the snmp MIB file of a server? |
Install-WindowsFeature DHCP -IncludeManagementTools
Add-DhcpServerv4Scope -Name "Internal" -StartRange 10.0.5.150 -EndRange 10.0.5.175 -SubnetMask 255.255.255.0 -Description "Internal Network"
Set-DhcpServerv4OptionValue -DNSServer 10.0.5.5 -DNSDomain timothy.local -Router 10.0.5.2
Add-DhcpServerInDC -DNSName timothy.local
- nagios(Core only) Video Playlist
- cacti Video Playlist
- sensu Video Playlist
- zenoss Video Playlist
- zabbix Video
- opennms Video Playlist
- pandora fms Video
- Install Prereqs.
yum install httpd php php-cli gcc glibc glibc-common gd gd-devel net-snmp openssl-devel wget unzip -y
- Create User and Add to Group
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache
- Download and Install Nagios
cd /tmp
wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.1.1.tar.gz
wget http://www.nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz
tar zxf nagios-4.1.1.tar.gz
tar zxf nagios-plugins-2.1.1.tar.gz
cd nagios-4.1.1
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
- Make Password for Admin Login
Login | nagiosadmin |
---|---|
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin |
- Install Plugins
cd /tmp/nagios-plugins-2.1.1
./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
make all
make install
💡 Make sure to allow tcp/80 in firewall!
Troubleshoot
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
💡 THIS TOOK FUCKING 12 HOURS FUCK EVERY 2009 TUTORIAL THAT FORGOT TO INCLUDE CRUCIAL PARTS
💣 Whenever you copy a new server to the nagios server files make sure on everyone after the first to delete the host groups so they dont replicate the command.
- Do Quick Install
sudo -i
yum wget -y
cd /tmp
wget http://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz
tar xzf linux-nrpe-agent.tar.gz
cd linux-nrpe-agent
./fullinstall
- Edit the nrpe.cfg in
/usr/local/nagios/etc/nrpe.cfg
- Go to Nagios Server copy the localuser.cfg in
/usr/local/nagios/etc/objects/
then move it to/usr/local/nagios/etc/servers
name it whatever you want - Edit the nagios.cfg in
/usr/local/nagios/etc/nagios.cfg
make sure to uncomment the #servers in the config to allow it to find your new server - Restart the xinetd service
- Download/Install NSCP for Windows
- Follow typical Install
- Add a firewall exception for port 12489 so NSCP can communicate with nagios server
- Change the firewall rule File/Printer IPv4 Echo Request and enable it
- Switch to Nagios Server
- Edit the
/usr/local/nagios/etc/objects/windows.cfg
- Use
:1,$ s/winserver/hostname/g
to change all entries - Add a firewall exception for port 12489 on nagios server
VyOS | Default Credentials |
---|---|
Username: | vyos |
Password: | vyos |
-
install image
to begin a permanent install instead of live - Configure the Server
configure
set system login user vyos authentication plaintext-password YOURPASSWORD
set system host-name fw1-yourname
set system name-server 10.0.17.2
delete interfaces ethernet eth0 address dhcp
set interfaces ethernet eth0 address YOUR.WAN.IP/24
delete interfaces ethernet eth1 address dhcp
set interfaces ethernet eth1 address 10.0.5.2/24
delete service ssh listen-address 0.0.0.0
set service ssh listen-address 10.0.5.2
set nat source rule 10 description 'NAT to SYS265-WAN'
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 10.0.5.0/24
set nat source rule 10 translation address masquerade
set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
set service dns forwarding allow-from 10.0.5.0/24
set service dns forwarding listen-address 10.0.5.2
set service dns forwarding system
commit
save
💡 YOUR GATEWAY and WAN are different
- Installing using a repository
sudo apt-get remove docker docker-engine docker.io containerd runc
sudo apt-get update
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg \
lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
- Installing Docker Engine
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
sudo apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io
sudo docker run hello-world
- Auto Install
curl -fsSL https://get.docker.com -o get-docker.sh
DRY_RUN=1 sh ./get-docker.sh
docker pull plexinc/pms-docker
docker run \
-d \
--name plex \
--network=host \
-e TZ="<timezone>" \
-e PLEX_CLAIM="<claimToken>" \
-v <path/to/plex/database>:/config \
-v <path/to/transcode/temp>:/transcode \
-v <path/to/media>:/data \
plexinc/pms-docker
Command | Description |
---|---|
ip a | Show Network Interfaces |
ethtool (interface) | Show ethernet settings |
hostnamectl set-hostname new-hostname | Change hostname no reboot |
ufw allow port/protocol | Allow port in firewall |
vi /etc/netplan/00-installer-config.yaml
- If you want you can do this manually instead using 99_config.yaml STATIC IP
network:
version: 2
renderer: networkd
ethernets:
eth0:
addresses:
- 10.10.10.2/24
routes:
- to: default
via: 192.168.1.1
nameservers:
search: [mydomain, otherdomain]
addresses: [10.10.10.1, 1.1.1.1]
sudo netplan apply
Command | Description |
---|---|
docker run -d --detach | Run container in background and print container ID |
docker run -P --publish-all | Publish all exposed ports to random ports |
docker ps | Show current running containers |
docker port 'container' | Show ports used by container |
Command | Description |
---|---|
git clone | clone a repository |
git add | add file contents to index |
git status | show working tree status |
git config --global --edit | configure the git global options |
git commit | record changes to repository |
git push | push changes to repository |
git pull | pull changes from git repository |
git checkout | compare local repository to git repository and will re-add any deleted files |
- Download here Git on windows
- Follow all steps default install
Resource: Resource
Creation
- Server Manager -> Local Server
- Active Directory Users & Computers
- Select Domain -> New OU
Deletion
- View -> Advanced Features
- Go into properties change accidental deletion
- Delete the OU
Moving
- Drag and Drop
Event Viewer
- Self explanatory
# OU Creation
New-ADOrganizationalUnit "NAME OF OU"
# OU Deletion
$ou = "TARGET"
Set-ADOrganizationalUnit -Identity $ou -ProtectedFromAccidentalDeletion $false Remove-ADOrganizationalUnit -Identity $ou -Confirm:$false -Verbose
# Moving Items
MoveADObject -Identity "OBJECT TO MOVE" -TargetPath "PATH TO TARGET" -Verbose (For good measure)
- Downlaod
- VMware Settings:
- Root Password: toor
- Boot via BIOS