📕 SYS 265 - tconklin-champlain/Tech-Journal GitHub Wiki

🚩💡💣 MAKE SURE TO CONFIGURE LAN ON VSPHERE!

hell

🚩Server Locations

Server IP OS
ad01-timothy 10.0.5.5 Windows Server 2019 Core
fw01-timothy WAN:10.0.17.111 LAN: 10.0.5.2 (Default Gateway) pfSense 2.5.2
mgmt01-timothy 10.0.5.10 Windows Server 2019
web01-timothy 10.0.5.200 CentOS7
wks01-timothy 10.0.5.100 Windows 10
nmon01-timothy 10.0.5.11 CentOS7

Routing and Windows

🚩Creating a new Super User on Windows:

  1. Enter lusrmgr.msc into the searchbar
  2. Add new user be sure to check off Password never expires
  3. Add user to local admin's group

Installing Active Directory without a GUI and making a new domain on Server Core:

  1. Invoke powershell
  2. Install AD Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
  3. Create a new Forest Intall-ADDSForest -DomainName yourname.local

Joining a Windows PC to a new Domain through Powershell:

  1. Run powershell
  2. Enter add-computer –domainname yourname.local -restart

Powershell Commands to review Domain/DNS records:

Command Description
Get-ADComputer -Filter * Query AD for computers
Get-ADUser -filter 'Name -like "name here*"' -Properties MemberOf Enumerate Domain Users
Get-DnsClientServerAddress Print DNS Server Address
Get-DnsServerResourceRecord -ZoneName timothy.local -ComputerName ad01-timothy -RRType A Get DNS A Records
Get-DnsServerResourceRecord -ZoneName 5.0.10.in-addr.arpa -ComputerName ad01-timothy -RRType PTR Get DNS PTR Records

Network Management

🚩Setting up Linux Network:

linux_network

SNMP on pfSense:

  1. Enabling
    snmp_enable
  2. Restarting
    snmp_restart

💡 SCROLLING IN TERMINAL To scroll up and down in CentOS/Linux in general you use Ctrl+A && Esc then use the UP/DOWN keys or PgUP/PgDOWN. OR Shift+the UP/DOWN keys or PgUP/PgDOWN.

Setting up SNMP utilities:

Command Description
yum install net-snmp-utils installl the snmp utility
snmpwalk -Os -c 'community string' -v2c host system lookup the snmp MIB file of a server?

DHCP

Installing DHCP on Windows Server Core

  1. Install-WindowsFeature DHCP -IncludeManagementTools

Configuring DHCP Scopes

  1. Add-DhcpServerv4Scope -Name "Internal" -StartRange 10.0.5.150 -EndRange 10.0.5.175 -SubnetMask 255.255.255.0 -Description "Internal Network"
  2. Set-DhcpServerv4OptionValue -DNSServer 10.0.5.5 -DNSDomain timothy.local -Router 10.0.5.2
  3. Add-DhcpServerInDC -DNSName timothy.local

Network Managment

Researching Best Pick

Configuring Nagios-Core:

Nagios Tutorial for CentOS 7

  1. Install Prereqs. yum install httpd php php-cli gcc glibc glibc-common gd gd-devel net-snmp openssl-devel wget unzip -y
  2. Create User and Add to Group
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache
  1. Download and Install Nagios
cd /tmp
wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.1.1.tar.gz
wget http://www.nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz
tar zxf nagios-4.1.1.tar.gz
tar zxf nagios-plugins-2.1.1.tar.gz
cd nagios-4.1.1
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
  1. Make Password for Admin Login
Login nagiosadmin
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
  1. Install Plugins
cd /tmp/nagios-plugins-2.1.1
./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
make all
make install

💡 Make sure to allow tcp/80 in firewall!

Installing Nagios on Clients

Troubleshoot

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

💡 THIS TOOK FUCKING 12 HOURS FUCK EVERY 2009 TUTORIAL THAT FORGOT TO INCLUDE CRUCIAL PARTS

NRPE Tutorial for Linux Client

Linux

💣 Whenever you copy a new server to the nagios server files make sure on everyone after the first to delete the host groups so they dont replicate the command.

  1. Do Quick Install
sudo -i
yum wget -y
cd /tmp
wget http://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz
tar xzf linux-nrpe-agent.tar.gz
cd linux-nrpe-agent
./fullinstall
  1. Edit the nrpe.cfg in /usr/local/nagios/etc/nrpe.cfg
  2. Go to Nagios Server copy the localuser.cfg in /usr/local/nagios/etc/objects/ then move it to /usr/local/nagios/etc/servers name it whatever you want
  3. Edit the nagios.cfg in /usr/local/nagios/etc/nagios.cfg make sure to uncomment the #servers in the config to allow it to find your new server
  4. Restart the xinetd service

Windows

  1. Download/Install NSCP for Windows
  2. Follow typical Install
  3. Add a firewall exception for port 12489 so NSCP can communicate with nagios server
  4. Change the firewall rule File/Printer IPv4 Echo Request and enable it
  5. Switch to Nagios Server
  6. Edit the /usr/local/nagios/etc/objects/windows.cfg
  7. Use :1,$ s/winserver/hostname/g to change all entries
  8. Add a firewall exception for port 12489 on nagios server

VyOS

Default Credentials

VyOS Default Credentials
Username: vyos
Password: vyos
  1. install image to begin a permanent install instead of live
  2. Configure the Server
configure
set system login user vyos authentication plaintext-password YOURPASSWORD
set system host-name fw1-yourname
set system name-server 10.0.17.2

delete interfaces ethernet eth0 address dhcp
set interfaces ethernet eth0 address YOUR.WAN.IP/24


delete interfaces ethernet eth1 address dhcp
set interfaces ethernet eth1 address 10.0.5.2/24

delete service ssh listen-address 0.0.0.0
set service ssh listen-address 10.0.5.2

set nat source rule 10 description 'NAT to SYS265-WAN'
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 10.0.5.0/24
set nat source rule 10 translation address masquerade


set protocols static route 0.0.0.0/0 next-hop 10.0.17.2


set service dns forwarding allow-from 10.0.5.0/24
set service dns forwarding listen-address 10.0.5.2
set service dns forwarding system
commit
save

💡 YOUR GATEWAY and WAN are different

Docker

Downloading Docker

  1. Installing using a repository
 sudo apt-get remove docker docker-engine docker.io containerd runc
 sudo apt-get update
 sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
 
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
 
 echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  1. Installing Docker Engine
 sudo apt-get update
 sudo apt-get install docker-ce docker-ce-cli containerd.io

 sudo apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io

 sudo docker run hello-world
  1. Auto Install
 curl -fsSL https://get.docker.com -o get-docker.sh
 DRY_RUN=1 sh ./get-docker.sh

Creating a Dockerized PLEX Server

docker pull plexinc/pms-docker

docker run \
-d \
--name plex \
--network=host \
-e TZ="<timezone>" \
-e PLEX_CLAIM="<claimToken>" \
-v <path/to/plex/database>:/config \
-v <path/to/transcode/temp>:/transcode \
-v <path/to/media>:/data \
plexinc/pms-docker

Setting Up Ubuntu Server

Command Description
ip a Show Network Interfaces
ethtool (interface) Show ethernet settings
hostnamectl set-hostname new-hostname Change hostname no reboot
ufw allow port/protocol Allow port in firewall

Create a Netplan config file

vi /etc/netplan/00-installer-config.yaml

  1. If you want you can do this manually instead using 99_config.yaml STATIC IP
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      addresses:
        - 10.10.10.2/24
      routes:
        - to: default
          via: 192.168.1.1
      nameservers:
          search: [mydomain, otherdomain]
          addresses: [10.10.10.1, 1.1.1.1]

sudo netplan apply

Docker Commands

Command Description
docker run -d --detach Run container in background and print container ID
docker run -P --publish-all Publish all exposed ports to random ports
docker ps Show current running containers
docker port 'container' Show ports used by container

Git and Linux SSH Script

Git Commands

Command Description
git clone clone a repository
git add add file contents to index
git status show working tree status
git config --global --edit configure the git global options
git commit record changes to repository
git push push changes to repository
git pull pull changes from git repository
git checkout compare local repository to git repository and will re-add any deleted files

Git on Windows

  1. Download here Git on windows
  2. Follow all steps default install

Shell Scripting

Resource: Resource

AD GPO

OU GUI

Creation

  1. Server Manager -> Local Server
  2. Active Directory Users & Computers
  3. Select Domain -> New OU

Deletion

  1. View -> Advanced Features
  2. Go into properties change accidental deletion
  3. Delete the OU

Moving

  1. Drag and Drop

Event Viewer

  1. Self explanatory

OU Powershell

# OU Creation
New-ADOrganizationalUnit "NAME OF OU"

# OU Deletion
$ou = "TARGET" 
Set-ADOrganizationalUnit -Identity $ou -ProtectedFromAccidentalDeletion $false Remove-ADOrganizationalUnit -Identity $ou -Confirm:$false -Verbose

# Moving Items
MoveADObject -Identity "OBJECT TO MOVE" -TargetPath "PATH TO TARGET" -Verbose (For good measure)

Network Project

TrueNAS

Setup:

  1. Downlaod
  2. VMware Settings:
  3. Root Password: toor
  4. Boot via BIOS
⚠️ **GitHub.com Fallback** ⚠️