tag:blogger.com,1999:blog-324692192024-03-12T23:19:10.524-05:00My MCPWorking as a Systems Administrator for Small and Medium CompaniesSteve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.comBlogger195125tag:blogger.com,1999:blog-32469219.post-7016736842556784592014-02-12T11:40:00.000-06:002014-02-12T11:40:12.021-06:00MySQL 5.6 GTIDs replication and HAProxyI've been thinking about this for a few weeks now. We currently run a <a href="http://www.percona.com/software/percona-xtradb-cluster" target="_blank">Percona XtraDB</a> cluster with <a href="http://www.percona.com/doc/percona-xtradb-cluster/5.5/howtos/haproxy.html" target="_blank">HAProxy</a> installed on each of our application servers. While this provides some good redundancies, the HAProxies don't know how busy the DB nodes are and it won't continue to scale well.<br />
<br />
To that end, we're looking to break up the <a href="http://www.percona.com/software/percona-xtradb-cluster" target="_blank">Percona XtraDB cluster</a> into a more traditional <a href="http://www.alexwilliams.ca/blog/2009/08/10/using-haproxy-for-mysql-failover-and-redundancy/" target="_blank">Master - Master setup with multiple slaves under each master and HAProxy</a> installed on a pair of servers with a VIP handled by <a href="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/carp.html" target="_blank">CARP</a> (technically <a href="http://manpages.ubuntu.com/manpages/saucy/man8/ucarp.8.html" target="_blank">ucarp</a>).<br />
<br />
But I'm looking towards the future of MySQL 5.6, the new GTIDs replication, and how to setup HAProxy for that configuration. To that end, in the next week or so I'm going to setup some virtual machines to test this all out with.Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0Milwaukee, WI, USA43.0389025 -87.90647360000002742.6676395 -88.551920600000031 43.4101655 -87.261026600000022tag:blogger.com,1999:blog-32469219.post-21382603107349063292013-09-20T00:00:00.000-05:002013-09-20T00:00:07.676-05:00Copying one file to multiple directoriesJust a simple post to remind me how to do this in the future.<br />
<br />
I needed to copy a new image to sixty (60) client directories, and symlinking like we would normally do was not an option. Thankfully xargs came to the rescue once again. I found my answer <a href="http://stackoverflow.com/a/195972/391597">here</a>, but I wasn't going to type out the full paths for each of the sixty directories.<br />
<br />
# echo /somedir/*/pub/product/images/ | xargs -n 1 cp -va preview_unavailable.png<br />
<br />
<br />Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-77209065506434039542012-05-11T12:00:00.000-05:002012-05-11T12:00:02.608-05:00FreeBSD Crontabs locationThis is a quick blog post, mainly for my notes. In FreeBSD the users crontabs are stored in /var/cron/tabs by default. This is different than I'm used to coming from RHEL and CentOS world where crontabs where stored in /var/spool/cron/<br />
<br />
FreeBSD Cron documentation: <a href="http://www.freebsd.org/doc/handbook/configtuning-cron.html">http://www.freebsd.org/doc/handbook/configtuning-cron.html</a>Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0Milwaukee, WI, USA43.0389025 -87.906473642.853215999999996 -88.222330599999992 43.224589 -87.5906166tag:blogger.com,1999:blog-32469219.post-26179185512035464152012-05-10T12:23:00.001-05:002012-05-10T12:23:19.032-05:00How I learn a programming languageToday I'm going to talk about how I learn a new programming language. Let me start by saying that I've never fully mastered a programming language, or even come close. My roles are that of sysadmin and not of an actual programmer. What generally happens is I'm given some task to accomplish, such as modify an already written report in our home brewed application. I will dive into the report and figure out where I need to start modifying things. Or I need to come up with a new process, but since the rest of the home brewed application is written in PHP, I'll write the new process in PHP as well, just to keep everything consistent. <br />
<br />
I learn programming by looking at running code and modifying it to do something else or do the same thing but better or more accurately. I have trouble reading through a book and doing the simple examples and building upon that knowledge. It comes from already knowing a bit about programming and feeling dumb for re-reading what a variable is and how to assign it (pretty much the same in all programming languages).<br />
<br />
At my last position I was able to learn a lot of PHP and I became very comfortable with it. I had worked with PHP a bit prior to this, but honestly, I had forgotten most of what I had learned. In this case, that is probably for the best, it was all spaghetti code and crap for the most part. The one thing that helped me the most was a good editor (<a href="http://netbeans.org/features/php/">Netbeans for PHP</a>) and of course documentation.<br />
<br />
My new position is with a firm that runs perl for nearly 100% of their code base. I've always had a hard time reading perl code in the past (Mostly nagios plugins). Perl uses a lot of syntax that doesn't explain what its doing just by reading it in english. So my typical take something that works and modify it has been a slower process. I'm able to get the end result that I'm looking for, but I wouldn't say "I UNDERSTAND HOW" this code works or what it honestly does. <br />
<br />
This had led me to reading the first few chapters of a book (<a href="http://www.perl.org/books/beginning-perl/">http://www.perl.org/books/beginning-perl/</a>) so that I may understand the HOW something works and WHY it works, not just that it does. This might be the first programming book I actually read all the way through! So far some of the wizardry of perl is going away because I know or at least know where to look up what "=~" does and not have to guess. Some other resources I've used is of course <a href="http://stackoverflow.com/">Stackoverflow.com</a>. Some of the users there leave answers that don't just give an answer, but explain how and why it works and examples of other ways to do the same thing.<br />
<br />
How do you guys learn a programming language? What tools do you find are the best for learning a new programming language?<br />
<br />
<br />Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0Wisconsin & Milwaukee, Milwaukee, WI 53202, USA43.0389025 -87.906473642.853058 -88.222330599999992 43.224747 -87.5906166tag:blogger.com,1999:blog-32469219.post-87137230971393096662012-04-23T09:00:00.000-05:002012-05-10T12:24:51.838-05:00FreeBSD sed -i Error "sed: 1: "FILE": bad flag in substitute command: '.' "On FreeBSD if you use the "-i" flag with sed you must specify a backup file. The simple fix, if you don't want a backup file is to use "" (two quotes, no space between them). You could also use any other filename you wished.<br />
<br />
Examples:<br />
BAD: sed -i s/192.168.1.1/192.168.1.44/g file.txt<br />
GOOD: sed -i "" s/192.168.1.1/192.168.1.44/g file.txtSteve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-60418430370084000022012-04-18T10:20:00.001-05:002012-04-18T10:20:11.836-05:00Updating the Locate database in FreeBSD (updatedb)<span style="font-family: inherit;">When I was running CentOS boxes if I needed to find a recently installed program or new file I would just run updatedb. That however doesn't work as expected on FreeBSD (9.0 in my case).</span><br />
<span style="font-family: inherit;"><br /></span><br />
<span style="font-family: inherit;">When I first installed the machine I tried to run locate SOMETHING and got the error message locate: "database too small: /var/db/locate.database"</span><br />
<span style="font-family: inherit;"><br /></span><br />
<span style="font-family: inherit;">My first instinct was to run updatedb, which of course returns "updatedb: Command not found.". It turns out there is a weekly cron job that will update the locate database, but if your server isn't on then (as is the case for me, since its a virtual machine on my local PC to toy around with) then you need to run the command manually. </span><br />
<span style="font-family: inherit;"><br /></span><br />
<span style="font-family: inherit;">Just run the following script: "/etc/periodic/weekly/310.locate". It may take a few minutes to run so just let it do its thing, or run it in a screen session.</span><br />
<span style="font-family: inherit;"><br /></span><br />
<span style="font-family: inherit;">By the way, I will most likely be posting a lot of FreeBSD tips and tricks in the coming months, as my new company runs mostly FreeBSD and Perl. </span>Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com2tag:blogger.com,1999:blog-32469219.post-64915770501106751992011-10-26T06:00:00.000-05:002011-10-26T06:00:19.012-05:00Using DBAN for Data SanitationIf you're getting rid of your PC at home or retiring PCs in the office it is recommended that you first wipe the drive of any remaining bit of information. I'm not going to debate the merits of method or the other, or if this is even worth while. I'm a firm believer that 99% of the time this tool will wipe your drive and the data will be unrecoverable to most people or attacks. Personally, I run the PRNG method with 8 passes to overwrite the drives I'm getting rid of. This is on top of using secure delete methods to overwrite individual files as I delete them on my PC in day to day operations.<br />
<div>
<br /></div>
<div>
If you're very paranoid anyhow, you should be using something like Truecrypt to encrypt everything at rest on your hard drive, and possibly even a hidden encrypted volume inside of that. Even here, I would wipe a drive when I was done with it.</div>
<div>
<br /></div>
<div>
The first thing to do is to download the ISO image from <a href="http://www.dban.org/download">dban.org/download</a>. Then you will need to burn the ISO image to a CD. (<a href="http://lmgtfy.com/?q=How+to+burn+an+ISO">A quick Google search should get you some results.</a>)</div>
<div>
<br /></div>
<div>
Once you boot your PC with the burned image you should come to this screen.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119273"><img border="0" height="231" src="http://3.bp.blogspot.com/-6G_3q5ghO-c/TqB_PJff6aI/AAAAAAAAAME/cmX_5e6gr0s/s400/DBAN01.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-1.dropbox.com/i/o/OBEby-o4dn1ZtIrOyAAq21vGik76WfCLUIzIEJpBIlk/9183129/1319230800/df2d93d/DBAN01.PNG">Initial Boot Screen</a></td></tr>
</tbody></table>
If you hit the F2 key you will see this screen.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119278"><img border="0" height="235" src="http://4.bp.blogspot.com/-Pj4IAGCEKiE/TqB_PSXI8QI/AAAAAAAAAMM/YscnBpMC-qE/s400/DBAN02.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-2.dropbox.com/i/o/6-E55AXwKO8CWcScsZM9XX1T1IeLZCLcZsXMJULXQoM/9183129/1319230800/bc3663d/DBAN02.PNG">DBAN About Page</a></td></tr>
</tbody></table>
Hitting F3 will get you this screen.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119283"><img border="0" height="222" src="http://2.bp.blogspot.com/-6q-BffVJWZo/TqB_PxGziVI/AAAAAAAAAMU/o6bGAMk0Ht4/s400/DBAN03.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-3.dropbox.com/i/o/HJ2Ikhxdf8bow0h2PHb2_aMeessE-7pXATPOVpbFRL0/9183129/1319230800/7fc4f56/DBAN03.PNG">Quick Commands</a></td></tr>
</tbody></table>
F4 will get you to this note about RAID devices. Remember always dismantle your RAID volumes before wiping them!<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119288"><img border="0" height="221" src="http://3.bp.blogspot.com/-7zo2-JCdld8/TqB_QM5R3RI/AAAAAAAAAMc/bnEYUIki2YU/s400/DBAN04.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-4.dropbox.com/i/o/pLuNydv_i7lx5g1XZWpo63BIEBDj1_y46tIHZ3qXpWI/9183129/1319230800/7bb268e/DBAN04.PNG">A message about RAID devices</a></td></tr>
</tbody></table>
If you hit enter on the Initial Boot screen you'll end up here in Interactive Mode.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119296"><img border="0" height="222" src="http://4.bp.blogspot.com/-xZhANo6EcFg/TqB_QpBMJFI/AAAAAAAAAMk/8zKBOaoboPY/s400/DBAN05.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-5.dropbox.com/i/o/9Y6N0Ix2WE3MiQHVigx1TIz0p5ucR8Fwd3SddeXwPgo/9183129/1319230800/945c5ce/DBAN05.PNG">Interactive Mode</a></td></tr>
</tbody></table>
In Interactive Mode you can choose which Pseudo Random Number Generator to use. You have two choices (<a href="http://en.wikipedia.org/wiki/Mersenne_twister">Mersenne Twister</a> and <a href="http://en.wikipedia.org/wiki/ISAAC_(cipher)">ISAAC</a>, but I go with Mersenne Twister, but apparently ISAAC is more secure.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119301"><img border="0" height="221" src="http://2.bp.blogspot.com/-9fyi92fFQew/TqB_RDUhu7I/AAAAAAAAAMs/T8uLblmJC_o/s400/DBAN06.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-6.dropbox.com/i/o/oZQfepLPMw6f4tnnDwK8taHz8UhY9GkbQqs6C2895eo/9183129/1319230800/8bc51af/DBAN06.PNG">Pseudo Random Number Generator (Mersenne Twister) explanation</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119306"><img border="0" height="222" src="http://3.bp.blogspot.com/-k3jlNmPrqLY/TqB_ReRH5vI/AAAAAAAAAM0/yWV_4oUB_x8/s400/DBAN07.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-1.dropbox.com/i/o/6DAZ0XR6QLNckKF1zgZrRyW4YLKoUNg3pJ0UtvAh6Hc/9183129/1319230800/24a7d16/DBAN07.PNG">Pseudo Random Number Generator (ISAAC) explanation</a></td></tr>
</tbody></table>
If you need to quickly zero out a drive, such as before re-installing Microsoft Windows or for some other reason this option is for you.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119311"><img border="0" height="221" src="http://4.bp.blogspot.com/-C7u0m616XO8/TqB_RpPvPTI/AAAAAAAAAM8/0NxEeVkdBxQ/s400/DBAN08.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-2.dropbox.com/i/o/-SovSmX6G5o_npoTsdwpcoCZAyT6CSZdiGpC2QrFQ6w/9183129/1319230800/b7a4aed/DBAN08.PNG">Wipe Method (Quick Erase explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_514119316"><img border="0" height="221" src="http://2.bp.blogspot.com/-eU0eBG2o1rE/TqB_SWehrXI/AAAAAAAAANE/2uJunGzNoF4/s400/DBAN09.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-3.dropbox.com/i/o/R_HOuv1srTUgg4oIcDj5jevhLdfbLWX5G-ruMPiGGKE/9183129/1319230800/483ee7c/DBAN09.PNG">Wipe Method (RCMP TSSIT OPS-II explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012110"><img border="0" height="222" src="http://3.bp.blogspot.com/-ahAkyXpwNkc/TqB_S6SqigI/AAAAAAAAANM/7SPFFYB4iUM/s400/DBAN10.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-4.dropbox.com/i/o/aJuNorRXZOYG_rFkh-OrxxfIlOisV7zup8RILNb97b0/9183129/1319230800/03360e4/DBAN10.PNG">Wipe Method (DoD Short explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012115"><img border="0" height="222" src="http://4.bp.blogspot.com/-LjPC0yl8IPE/TqB_TdbQZNI/AAAAAAAAANU/4qIKPel3o38/s400/DBAN11.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-5.dropbox.com/i/o/6eLNi0nl3jdcEnTGMjaPleEXIVSSA5cqRLl01jSMaAE/9183129/1319230800/64eaf53/DBAN11.PNG">Wipe Method (DoD 5220.22-M explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012120"><img border="0" height="220" src="http://4.bp.blogspot.com/-iozZWW3zVvE/TqB_TuKWjVI/AAAAAAAAANc/6fyXiwhIJhA/s400/DBAN12.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-6.dropbox.com/i/o/CMkJbQeml2B8m4FIZuzagcOlKt-MOaUqfqkjyVsVV10/9183129/1319230800/027e4ef/DBAN12.PNG">Wipe Method (Gutmann Wipe explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012125"><img border="0" height="223" src="http://3.bp.blogspot.com/-8MXNrWxsLk0/TqB_T0UJMrI/AAAAAAAAANk/tTiJUX1U2iY/s400/DBAN13.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-1.dropbox.com/i/o/JYF91W5TJ8UhirLgbQ_jcFXNjTpjrkBM9amBZ5dvZOI/9183129/1319230800/5510492/DBAN13.PNG">Wipe Method (PRNG Stream explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012130"><img border="0" height="221" src="http://2.bp.blogspot.com/-Mw4VCX5RAJQ/TqB_UQSY-kI/AAAAAAAAANs/PMMTM1f4Y9Y/s400/DBAN14.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-2.dropbox.com/i/o/k8ymkLEkngVjzEucucivby7ULZgWChc_W_Co_hWexG4/9183129/1319230800/6c38156/DBAN14.PNG">Verification Mode (Verification Off Explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012135"><img border="0" height="221" src="http://4.bp.blogspot.com/-JUutQ3te4Ok/TqB_Ux5dv8I/AAAAAAAAAN0/qdPVclMJoLw/s400/DBAN15.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-3.dropbox.com/i/o/b3T0L6j1xQmof-bXWsRH0imTiLH0C9Mz82XSIw_OvY8/9183129/1319230800/6165161/DBAN15.PNG">Verification Mode (Verification Last Pass Explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012140"><img border="0" height="221" src="http://2.bp.blogspot.com/-Pzd4-vb3e6s/TqB_VMVM8LI/AAAAAAAAAN8/QtOmveFN51M/s400/DBAN16.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-4.dropbox.com/i/o/6115vcfUHDmlCH2GdbsB2wOnPJfccnCjsyNBvGWTdek/9183129/1319230800/98c40d4/DBAN16.PNG">Verification Mode (Verification All Passes Explanation)</a></td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012146"><img border="0" height="220" src="http://2.bp.blogspot.com/-WVAc0iqNRCU/TqB_VrAD5bI/AAAAAAAAAOE/5N6fZL06aKE/s400/DBAN17.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-5.dropbox.com/i/o/iBaogBiK0eRou7ALehq33jk0KaZe1HZCBjIj6A3PT1Q/9183129/1319230800/e9e4e3e/DBAN17.PNG">Changing the number of rounds</a></td></tr>
</tbody></table>
Something to note, if you have multiple drives installed and selected for wipe (from Interactive Mode) they will wipe in parallel. This can speed things up significantly if you have a lot of drives to wipe<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012151"><img border="0" height="222" src="http://4.bp.blogspot.com/-zxK08WVYrGY/TqB_V_IvcwI/AAAAAAAAAOM/YZMM0s6wPHc/s400/DBAN18.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-6.dropbox.com/i/o/UUJUE8uuV7ZQnE2n0Irp8NmraWfnDMJhOwZqBWvciSk/9183129/1319230800/e69e813/DBAN18.PNG">Running in parallel</a></td></tr>
</tbody></table>
When DBAN has finished you'll come to this screen. If you don't have a Green pass next to each disk you wiped it may be a failed disk. <br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span class="Apple-style-span" style="margin-left: auto; margin-right: auto;"><a href="http://www.blogger.com/goog_821012156"><img border="0" height="218" src="http://1.bp.blogspot.com/-X2kQINl2bC4/TqB_ZKjR7SI/AAAAAAAAAOU/doqZcKgReDU/s400/DBAN19.PNG" width="400" /></a></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="https://photos-1.dropbox.com/i/o/5h_q1ee7ARo-j8meAxflELpDOdiMmbWDX2PV74E7cn4/9183129/1319230800/bad6285/DBAN19.PNG">All Done!</a></td></tr>
</tbody></table>
<br />
After running DBAN a few times you should become comfortable with the different options and what they do. I started out running in interactive mode all of the time, but now when I get to the Initial Boot Screen I simply type prng (Which used the prng method with 8 passes and verification on the last pass) and let it go to town. I only do this however on machines where I want to wipe everything. For safeties sake I always physically disconnect drives I do not want to wipe.</div>Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com2tag:blogger.com,1999:blog-32469219.post-70048916004441371582011-10-21T06:00:00.000-05:002011-10-25T13:17:23.554-05:00Installing and Configuring ZendServer Community Edition (CE) on CentOS 5 / 6The quick and the dirty:<br />
<div>
Download the Zend Server (DEB/RPM Installer Script) from zend.com. (An account is required).</div>
<div>
un-pack the the tarball (tar -xzfv ZendServer-5.5.0-RepositoryInstaller-linux.tar.gz)</div>
<div>
Run ./install_zs.sh 5.3 ce or ./install_zs.sh 5.2 ce depending on which version of PHP you want to run.</div>
<div>
Edit your iptables (you are running iptables right?) vi /etc/sysconfig/iptables</div>
<div>
Add in a line for the ZendServer lighthttpd server (-A INPUT -m state --state NEW -m tcp -p tcp --dport 10081 -j ACCEPT)</div>
<div>
Restart iptables (/sbin/service iptables restart)</div>
<div>
Visit (http://YOURSERVERHERE.com:10081/ZendServer/) in a web browser to accept the EULA and set a password.</div>
<div>
<br /></div>
<div>
Alternatively run (/usr/local/zend/bin/zs-setup accept-eula) and (/usr/local/zend/bin/zs-setup set-password YOURSECUREPASSWORD <yourpassword>)</yourpassword></div>
<div>
<br /></div>
<div>
If you need to restart Zend Server run /sbin/service zend-server restart. This will restart both apache (httpd) and the LightHTTPD Zend Server gui. <br />
<br />
Some important notes before heading off into the wonderful world of Zend Server:<br />
Be sure that your distribution's PHP isn't installed as well as the Zend Server, including the CLI, as it will mess with running php from the command line and who knows what else.<br />
<br />
The php binary is located at /usr/local/zend/bin/php, which can be verified by running which php. As such if you need to run php from cron be sure to add this to your path. (I have PATH=$PATH:$HOME/bin:/usr/local/zend/bin in my ~/.bash_profile). <br />
<br />
If you need to modify a setting in php.ini you will find it at /usr/local/zend/etc/php.ini. Remember to restart zend server for any changes to take effect.<br />
<br />
Beyond those things there isn't too much difference between running zend server and running php from your distribution.</div>Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com1tag:blogger.com,1999:blog-32469219.post-47520750391185759022011-10-20T13:29:00.001-05:002011-10-20T13:29:45.135-05:00uCertify 117-101 Junior Level Linux Professional-I review<br />
Recently, the folks at uCertify requested I review one of their certification test suites.<br />
In my past experiences with certifications I've used a variety of study material, including instructor led classes, books, as well as electronic tools similar to those offered by uCertify.<br />
<br />
I prefer instructor led classes, but a mix of books and electronic tools are also a viable option for me.<br />
<br />
The uCertify catalog includes a wide variety of test preparation kits for a number of popular certifications, including: LPIC, Cisco, Zend, Linux, Microsoft, etc. Given I am currently in the process of studying for my LPIC-1, I selected the Junior Level Linux Professional (LPIC-1) track, which provided me access to the 117-101 Junior Level Linux Professional-I preparation kit.<br />
<br />
I was able to install the software quickly and easily without any problems. The activation was also painless, which I expected.<br />
<br />
To start out, the tool offers a variety of teaching tools including study notes and practice quizzes, which is what I was really looking forward to. Each of the components is easy to use and follow, although the navigation confused me a bit at first.<br />
<br />
The content itself seems accurate. Much of it appears to be snippets of relevant text from the official Linux man pages, with some text with a degree less of technical jargon to it to further explain the topic at hand. There where some areas where the content was a little lacking, but it didn't happen too often.<br />
<br />
The practice tests themselves are pretty good. They relate directly to the study material and are worded such that they are easy to comprehend. They also have the same cadence and tone that are on the actual tests.<br />
<br />
A couple of nice features that stood out from other tools I have used in the past include the ability to select different test modes and creating custom tests. In addition, within the test itself, the ability to add notes, print items and even provide feedback are all quite helpful. Of course, it also contains other expected features such as bookmarking of questions and a summary of answers for final review prior to submitting for results. The test experience itself was quite good and provided simple methods for reviewing the results and furthering one's understanding of the subject.<br />
<br />
Without the benefit of having taken the official exam, it is also a bit difficult to gauge the usefulness of other features such as the Test Readiness Report and Objective Readiness Report, both of which are aimed at providing insight as to how well one might perform on the official test.<br />
<br />
Overall, the uCertify tool is a comprehensive and flexible learning tool that is definitely worth considering, specially at the $80 - $100 price point (depends on selected test). Those looking for self-paced preparation kits will find it easy to use, thorough and extremely helpful.<br />
<br />
TL;DR<br />
Simple installation<br />
Good Price point<br />
Relevant study material<br />
Comprehensive set of tools<br />
Different learning techniques for varying preferences<br />
Flexible practice tests<br />
<br />
uCertify test preparation kits are available at: www.ucertify.com<br />Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com2tag:blogger.com,1999:blog-32469219.post-18231007405319221372011-10-11T10:27:00.000-05:002011-10-11T10:27:28.948-05:00Logmein Hamachi - Hub and Spoke NetworkThis is going to be another quick one, mainly so I remember how to change which computer is a hub and which computer is a spoke.<br />
In "My Networks", click on "Edit" in the desired network. Then click the link "Add/Remove members" and there you can set the Hub/Spoke radio button.<br />
<br />
That's it!Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-9822595336253496322011-09-27T06:00:00.000-05:002011-09-27T06:00:15.673-05:00System Activity Report (sar) and Yousar is an acronym for System Activity Report. It takes a snapshot of the system periodically. On most distributions it comes with the sysstat package. On Redhat and derived distributions the package will install a set of cron jobs in /etc/cron.d/sysstat. There are two cron jobs to take note of. The first one runs every ten minutes as root. It runs the script /usr/lib/sa/sa1 -S Disk 1 1. This script saves its output in report files. The files are written to /var/log/sa/sar[dd], where [dd] is the two digit date for today's date. (e.g. Today is 8/26/2011. The log file is /var/log/sa/sar26)<br />
<br />
The second cron job runs at 23:53. This cron job summarizes the days activity. Both of the reports are saved as binary data, so normal tools are useless here.<br />
<br />
There are many flags to use with sar when running it interactivly. Some of the flags have additional atguments that are required when used. One example of thses flags is -n which al requires an additional argement suach as DEV or NFS ro IP. This specific example has eightteen (18) potential arguments, not including ALL.<br />
<br />
With sar liberal use of the man pages are highly suggested. Not only are the flags and any arguments documented, but the headers for each one and what they represent are explained as well. This comes in handy if you get overzealous with flags and aren't quite sure what you're looking at.<br />
<br />
I'm only going to cover some of the most notable flags, what they show and their headers. Be careful however as some flags exist in both upper and lower case and report vastly different metrics. One example of the is -b which reports on I/O transfer but -B reports on paging stats.<br />
<br />
First off the plate is -b which as I've already stated reports on I/O transfer stats and has the following headers:<br />
tps: Transfers per second to a physical device.<br />
rtps: Read transfers per second to a physical device.<br />
wtps: Write transfers per second to a physical device.<br />
bread/s: Blocks (since kernel 2.4 = sectors = 512 bytes) read from devices per second.<br />
bwrtn/s: Blocks written to devices per second.<br />
Example output from a production server running: sar -b 1 1<br />
Linux 2.6.18-274 el5PAE (server.domain.com) 8/26/2011<br />
09:23:57 PM tps rtps wtps bread/s bwrtn/s<br />
09:23:58 PM 7829.00 133.00 7696.00 1528.00 76960.00<br />
Average: 7829.00 133.00 7696.00 1528.00 76960.00<br />
<br />
-B will report paging stats. Some metrics / headers are only available in kernels 2.5 and newer.<br />
pgpgin/s: Kilobytes paged in from disk per second.<br />
pgpgout/s: Kilobytes paged out from disk per second.<br />
magflt/s: Major faults per second (hits to disk, this is a bad thing...)<br />
<br />
-c Process creation stats.<br />
proc/s: Processes created per second.<br />
<br />
-d Activity for each block device.<br />
tps: Transfers per second<br />
rd_sec/s: Sectors (512 bytes) read from block device per second.<br />
wr_sec/s: Sectors (512 bytes) written to block device per second.<br />
avgrq-sz: Average # of sectors<br />
avgqu-sz: Average queue length<br />
await: Average time in milliseconds for queue + servicing request.<br />
svctm: Average servicing time.<br />
%util: CPU percentage while I/O requests where issued. Close to 100% = device saturation.<br />
<br />
-n DEV Network interface stats.<br />
IFACE: Interface Name<br />
rxpck/s: Packets received per second.<br />
tcpck/s: Packets sent per second.<br />
rxbyt/s: Bytes received per second.<br />
txbyt/s: Bytes sent per second.<br />
rxcmp/s: Compressed packets received per second.<br />
txcmp/s: Compressed packets sent per second.<br />
rxmcst/s: Multicast packets received per second.<br />
<br />
-P ALL Per processor (or core) stats<br />
<br />
-p Print pretty device names<br />
Shows block devices as sda instead of dev8-0. Has no effect on Network device names.<br />
-A same as: -bBcdqrRuvwWy -I SUM -I XALL -n ALL -P ALL<br />
<br />
After you install the sysstat package you really need to let it run for a while and gather stats to see the real beauty of it all. However you can run it interactively if required. When running sar interactively the syntax is sar -FLAGS Interval Duration. (e.g. sar -b 2 60) runs I/O stats every two seconds for a minute. This is very hand to run if you're troubleshooting a slow system or watching it under load.Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0Brookfield, WI, USA43.0605671 -88.106478743.0141256 -88.1854427 43.1070086 -88.0275147tag:blogger.com,1999:blog-32469219.post-72216969198394354292011-09-26T12:58:00.000-05:002011-09-26T12:58:48.113-05:00Changing the from e-mail address in NagiosThis is going to be another short one. I recently had a need to change the FROM address for e-mail from our Nagios installation. E-mail was coming from nagios@host.domain.com, which is non-route-able from outside our network.<br />
<br />
The change is very simple. Change the two command lines in your Nagios commands.cfg dealing with notify by e-mail. The command names are "notify-host-by-email" and "notify-service-by-email". <br />
<br />
By default these lines read:<br />
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/ Time: $LONGDATETIME$\n" | /bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$<br />
<br />
and<br />
<br />
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE $\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$<br />
<br />
To change the from address you append " -- -f nagios@domain.com", that is without the quotes of course. So the new lines look like:<br />
<br />
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/ Time: $LONGDATETIME$\n" | /bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$ -- -f nagios@domain.com<br />
<br />
and<br />
<br />
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE $\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ -- -f nagios@domain.com<br />
<br />
To explain it a little what we appended was a space followed by two dashes, which forces mail to pass those along to sendmail. Send mails sees the addition of a dash followed by the letter f and then another space and the e-mail address you want to send from.<br />
<br />
On my system this is an alias for myself so that all replies come to my inbox.<br />
<br />
All of this works on CentOS which is what I'm currently running. It should work on other distributions as well, but I haven't the time to verify that.Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com5Brookfield, WI, USA43.0605671 -88.106478743.0141611 -88.1854427 43.1069731 -88.0275147tag:blogger.com,1999:blog-32469219.post-16920354000504663142011-09-20T08:35:00.000-05:002011-11-28T07:55:47.130-06:00Powershell Get-ChildItem Count 1 resultThis is going to be a quick one. I'm working on a new Powershell script (my second) and I'm doing some sanity checks before I actually try to continue the workflow.<br />
<br />
If you run the command below and it returns only one item and then either try to print out $fileCount or run an if statement or something against it like if ($fileCount -gt 0){do some stuff} the "do some stuff" won't happen.<br />
#$fileCount = $(get-childitem C:\ -filter *.zip).count<br />
<br />
This is because the count method returns an array, which if only one item is in it doesn't get created and thus is 0. To get around this you must create the array first. You can do this in the same line of code as shown below.<br />
<br />
#$fileCount = @(get-childitem C:\ -filter *.zip).count<br />
<br />
The at sign there will create the array and you will have one item in it.<br />
<br />
<br />Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0Brookfield, WI, USA43.0605671 -88.106478743.0141611 -88.1854427 43.1069731 -88.0275147tag:blogger.com,1999:blog-32469219.post-42609378421606623662011-09-19T13:12:00.000-05:002011-09-19T13:12:08.254-05:00Yum 5.x Local repository and the new Continuous Release RepoA few months back, possibly a year ago I started running my own local mirror of the CentOS YUM repository. The main benefit is speed in updating all of my servers. I also was able to setup a local repo of just tools that we use but aren't available in the Base CentOS repos. (I've since started adding the EPEL repository to servers that needed it.) For those curious I mirror the os, updates, and now the cr repos.<br />
<div>
<br /></div>
<div>
A few weeks ago the CentOS announce list and twitter feed introduced yet another repo the <a href="http://lists.centos.org/pipermail/centos-announce/2011-August/017689.html">Continuous Release</a> repo or cr for short. This new repo contains security and bug fixes from the upstream 5.7 release and I imagine will continue with further releases (5.8 & 5.9). CentOS has also promised a 6.0 Continuous Release repo, but have yet to deliver on that.<br />
<br />
<br />
First off create the directories that will become the repositories.<br />
mkdir -pv /Storage/yumRepo/{5,5.4,5.5/{os,updates,cr}/i386<br />
mkdir -pv /Storage/yumRepo/local/el5/i386<br />
<br />
<br />
So with out further ado, lets get into the guts of actually getting everything pulled down, synced and a repository created.<br />
<br />
Below is the script I use to keep my mirror in sync with the closest mirror that offers rsync:<br />
<br />
1 #!/bin/sh<br />
2<br />
3 rsync="rsync -avrt --bwlimit=796"<br />
4<br />
5 mirror=rsync://centos.mirrors.tds.net/CentOS<br />
6<br />
7 verlist="5 5.5 5.6 5.7"<br />
8 archlist="i386"<br />
9 baselist="os updates cr"<br />
10 local=/Storage/yumRepo/centos<br />
11<br />
12 for ver in $verlist<br />
13 do<br />
14 for arch in $archlist<br />
15 do<br />
16 for base in $baselist<br />
17 do<br />
18 remote=$mirror/$ver/$base/$arch/<br />
19 $rsync $remote $local/$ver/$base/$arch/<br />
20 createrepo -v --update $local/$ver/$base/$arch<br />
21 done<br />
22 done<br />
23 done<br />
24 hardlink /Storage/yumRepo/centos<br />
<br />
Now, lets break this script down line by line. Line one is obvious, it tells the program loader what interpreter to use when running this file. Line three sets up the rsync command I'll be using. In my case I need to limit the bandwidth usage to something sane, even though I run it off peak hours. Line five sets the mirror I'm running against. Line seven sets the versions of CentOS I'm interested in. I really could trim this back to just 5 and 5.7 now, but I'm going to leave it in there for now. Line eight tells me I'm only going to sync i386 architect and not the x64 architect. I'm doing this because as of right now we only run x86. Line nine gives me which repositories in the i386 architect I'm going to mirror. Line ten sets up where on the local server I'm going to store everything.<br />
<br />
Lines twelve through twenty three run rsync against all of the variations of repository and architect type for each version. In my case it would be twelve different syncs. If I where also running x64 architect it would double to twenty four. Line nineteen is the actual rsync command while line twenty creates the necessary repository files for yum to use.<br />
<br />
Line twenty four is rather new to this script and requires you have the hardlink command installed (yum install hardlink). The hardlink command will run through everyfile in the directory specified and compare it to every other file in the directory. It is looking for the same contents with the same permissions, but it can have a different filename. If it finds a match it will hardlink one of them to the other, thus reducing the space required to store two copies. My only wish is that I had some hard stats for how much disk space this is saving me on the repository alone.<br />
<br />
<br />
Now create the repository file for Yum.<br />
#vi /etc/yum.repos.d/MyRepo.repo<br />
This file contains:<br />
[base]<br />
name=CentOS-$releasever - Base<br />
baseurl=repo.mydomain.com/centos/$releasever/os/$basearch/<br />
gpgcheck=1<br />
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<br />
protect=1<br />
enabled=1<br />
<br />
[update]<br />
name=CentOS-$releasever - Updates<br />
baseurl=http://repo.mydomain.com/centos/$releasever/updates/$basearch/<br />
gpgcheck=1<br />
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5<br />
protect=1<br />
enabled=1<br />
<br />
[CompanyName]<br />
name=CentOS-$releasever - Local<br />
baseurl=http://repo.mydomain.com/local/el$releasever/$basearch<br />
enabled=1<br />
gpgcheck=0<br />
protect=0<br />
enabled=0<br />
<br />
<br />
We need to also tell Apache about these directories and how to serve them out over HTTP.<br />
I changed the DocumentRoot to<br />
DocumentRoot "/Storage/yumRepo"<br />
then I changed the Default directory to<br />
<directory "="" storage="" yumrepo"=""><br />Options +Indexes +FollowSymLinks<br />AllowOverride All<br />Allow from all</directory><br />
<br />
Restart apache.<br />
#service httpd restart<br />
<br />
<br />
Populate Company Local repo with custom RPMs.<br />
On every server we have installed Webmin. In the past this was installed either by hand or via our install script, but that had to be updated by hand with each update. So I will move the latest into our Company Local repo.<br />
#mv /Storage/rpmDownloads/webmin-1.510.rpm /Storage/yumRepo/local/el5/i386/<br />
<br />
You can move as many files into here as you want, including built from source RPMs that you may have made. After you move in any custom RPMs you have to update the Repository.<br />
#createrepo -v --update /Storage/yumRepo/local/el5/i386/<br />
<div>
<br /></div>
</div>
Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-15937889426402608622011-09-13T20:49:00.003-05:002011-09-19T13:01:48.697-05:00File Checksum Integrity Verifier utility or SHA1 / MD5 checksum utility for WindowsOn Linux if you need to verify the file you just downloaded is untouched you run either sha1sum or md5sum on the file to get the checksum and verify it against the published checksum. There are some utilities available for Windows, but today I'm going to point the spotlight at a Microsoft offering, File Checksum Integrity Verifier or fciv for short. You can grab the download from <a href="http://support.microsoft.com/kb/841290">Microsoft's site</a>.<br />
<br />
There are a few options available when you run the command, such as -md5 to get the md5 checksum of a file or -sha1 to get the sha1 checksum of a file. But you can also use the -both flag to get both checksums of a given file. You can even create you own database of checksums to verify the files later.<br />
<br />
To generate the checksums and store them in the database (xml file) run:<br />
>fciv -both -xml fcdatabase.xml filetocheck.txt<br />
<br />
The command above will obviously store both checksums and on a large file could take a while to run, as it needs to run twice on the file, once for the sha1 sum and once for the md5 sum. You of course can use one or the other check sum algorithm if you prefer (I prefer sha1 for the time being).<br />
<br />
To later verify a file against the database you run the command shown below:<br />
>fciv -sha1 -xml fcdatabase.xml filetocheck.txt<br />
<br />
Now if you make changes to filetocheck.txt and run the command below you will see that verifying the file against the database it has changed. If this where an executable it may either be corrupt or compromised. If it was the project you've been working on for weeks, now is a good time to restore from backup, if the change wasn't expected of course.<br />
<br />
>fciv -v -xml fcdatabase.xml filetocheck.txt<br />
<br />
You'll see something like:<br />
<br />
c:\users\mymcp\fcdatabase.xml<br />
Hash is : 48a5967227b85c6805f3210832a155da<br />
It should be : 04518689efadfdf2393b533dc9c7c8b5<br />
<br />
My only real complaint is that fciv doesn't show any sort of progress while processing a large directory. It would be nice to see a file names flying by the screen or something. All in all though this is a tool worth checking out if you run Windows and don't have another tool already in your arsenal. <br />
<br />
I would like to know if any of you have a tool in your arsenal already for this purpose and what it is / where I can find it. Sadly I don't recall any of the tools I've used in the past, but this one may become my tool of choice for this job.<br />
<br />
<br />Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-70003906067020382172011-04-12T15:08:00.009-05:002011-10-20T16:00:21.783-05:00Comparing ext3 to ext4 benchmarksBelow is the output from bonnie++, installed from rpmforge on CentOS 5.5, running against a RAID 0 (Linux Software RAID) of two Seagate Barracuda LP ST32000542AS, formatted with ext3.<br />
#bonnie++ -d /mnt/SOMEDRIVE -n 32:64:4:4 -q | bon_csv2html > /StorageServer/RAID0.ext3.html<br />
<div>
<br />
<div>
<a href="https://photos-1.dropbox.com/i/o/mEZgeGQkSm-hmRJvwbPJkMXX-m8ycROXOkaEapfCuw4/9183129/1319230800/19d1508/ext3.PNG"><img alt="" border="0" id="BLOGGER_PHOTO_ID_5594880509486436274" src="http://4.bp.blogspot.com/-B4k84_CX8-E/TaUCLjCyD7I/AAAAAAAAAJU/lULzh-40egs/s400/ext3.PNG" style="height: 74px; width: 400px;" /></a></div>
<div>
<br /></div>
<div>
Here is the same command but running on the same server, but this time running CentOS 5.6 with the same Linux software RAID 0 on two Seagate Barracuda LP ST32000542AS, but formatted with ext4.</div>
<div>
<br />
<div>
<div>
</div>
<div>
</div>
<div>
</div>
<div>
</div>
</div>
<a href="https://photos-2.dropbox.com/i/o/PYOYMy-chBFO3z_Oml8cV1Mn-JBrP6C-v7ahDM74KGQ/9183129/1319230800/219721a/ext4.PNG"><img alt="" border="0" id="BLOGGER_PHOTO_ID_5594880680622385474" src="http://3.bp.blogspot.com/-fSS-lJgN7wg/TaUCVgkxaUI/AAAAAAAAAJc/dDPCmbJrm9A/s400/ext4.PNG" style="height: 73px; width: 400px;" /></a><br />
<br /></div>
<div>
We can see that Sequential Output Per Character is slightly higher, Block K/Sec is higher and with significantly lower latency, but Rewrite is lower and with higher latency on ext4. (Higher is better)<br />
<br />
Sequential input on both Per Caharacter and Block K/Sec is also slightly higher and with lower latency on ext 4. Random seeks are also slightly higher on ext4. (Higher is better)<br />
<br />
Sequential creates are higher, but require more CPU, while Sequential Reads are lower using about the same CPU. Sequential Deletes are also slower on ext4 than they where on ext3.<br />
<br />
Where ext4 really seems to shine is on the Random Create section. Creating random files almost doubled per second on ext4 vs. ext3, all while using similar CPU. Random Reads where so fast on ext4 that I need to retest to get accurate results (shown by +++++ on the results). Random Deletes where about 25% faster on ext4 when compared to ext3 again while using less CPU, though not by much (1%).<br />
<br />
Now these being benchmarks they give a nice indication about what kinds of performance I may be able to have, but I need to do real world testing. Hopefully I have some meaningful results after I finish upgrading all of my servers and filesystems. I will also benchmark our RAID 5 system before and after the conversion.<br />
<br />
For our purposes it appears that ext4 is the better filesystem given our setup and procedures.</div>
</div>Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com1tag:blogger.com,1999:blog-32469219.post-10610486280722749342011-04-11T16:09:00.002-05:002011-04-11T16:23:12.043-05:00Converting an ext3 filesystem to ext4 on CentOS 5.6If you recently installed <a href="http://centos.org/">CentOS</a> 5.6 or updated to <a href="http://centos.org/">CentOS</a> 5.6 you can now utilize the <a href="http://en.wikipedia.org/wiki/Ext4">ext4 filesystem</a>.<br /><br />To do the conversion or create a new ext4 filesystem you need the e4fsprogs tool kit from yum.<br /><br />#yum -y install e4fsprogs<br /><br />I did this conversion on a test system with a non-root filesystem to avoid any possible problems. I also backed up the filesystem just in case something went terribly wrong.<br /><br />First you need to un-mount the filesystem, as it cannot be in use.<br /><br />#cd /; umount /dev/VolGroup00/LogVol00<br /><br />Now you can run the tune4fs command to convert the filesystem to ext4.<br />#tune4fs -O extents,uninit_bg,dir_index /dev/VolGroup00/LogVol00<br /><br />Now that the filesystem is ext4 it is no longer able to be mounted as ext3, so change its entry in the fstab.<br /><br />#vi /etc/fstab<br /><br />Now because we used the option uninit_bg we need to run fsck on the new ext4 filesystem. This is a good idea to do anyways, but is a requirement here.<br /><br />#e4fsck -fDC0 /dev/VolGroup00/LogVol00<br /><br />e4fsck will complain about "One or more block group descriptor checksums are invalid", this is totally normal.<br /><br />Before doing these steps on the root filesystem (/) I would recommend you read over the <a href="https://ext4.wiki.kernel.org/index.php/Ext4_Howto">Ext4 Howto</a> on kernel.org. I re-wrote the steps for more accurate information pertaining specifically to CentOS 5.6 and my system.<br /><br />As always:<br /><br />THE INFORMATION IS DISTRIBUTED IN THE HOPE THAT IT WILL BE USEFUL, BUT WITHOUT ANY WARRANTY. IT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE INFORMATION PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.<br /><br />IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW THE AUTHOR WILL BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE INFORMATION TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com4tag:blogger.com,1999:blog-32469219.post-23444479534118144882011-03-03T14:57:00.005-06:002011-03-03T15:16:22.109-06:00Update to Promiscous Mode on vSphere 4A few months back I wrote about <a href="http://mymcp.blogspot.com/2010/10/enableing-promiscuous-mode-on-vsphere-4.html">Enabling Promiscuous Mode on vSphere 4</a>. Well, I have learned some more since then. There isn't much information out there about recording a VoIP stream in a virtual machine environment. I hope to change that today.<br /><br />First thing is first. If you are using VLANS on your physical network set your Virtual Machine Port Group to be a trunk. Also set the port on the physical switch to be a trunk instead of an access port.<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/-4ymO8pz9yio/TXAC6CqIeTI/AAAAAAAAAIQ/PbV90bLigdM/s1600/vNetworkConfig1.png"><img style="cursor: pointer; width: 258px; height: 320px;" src="http://3.bp.blogspot.com/-4ymO8pz9yio/TXAC6CqIeTI/AAAAAAAAAIQ/PbV90bLigdM/s320/vNetworkConfig1.png" alt="" id="BLOGGER_PHOTO_ID_5579963134481299762" border="0" /></a><br />Second thing, if you are using the E1000 NIC driver in your guest OS, turn off VLAN support. The screen shot is from Windows 2008 R2 64-bit, but it is similar in every other Windows OS.<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/-6XiVMXtN2yk/TXAEZxKxLEI/AAAAAAAAAIs/WkS5lBeh4xY/s1600/vNic_Driver_Config.PNG"><img style="cursor: pointer; width: 290px; height: 320px;" src="http://3.bp.blogspot.com/-6XiVMXtN2yk/TXAEZxKxLEI/AAAAAAAAAIs/WkS5lBeh4xY/s320/vNic_Driver_Config.PNG" alt="" id="BLOGGER_PHOTO_ID_5579964779053788226" border="0" /></a><br /><br /><br /><br /><br /><br /><br /><a href="http://www.vmware.com/pdf/Perf_Best_Practices_vSphere4.0.pdf">Performance Best Practices for vSphere 4</a>Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-23535059553785699132011-03-03T14:33:00.004-06:002012-04-19T07:15:54.533-05:00NRPE: Unable to read output and sudoThank you to Andrea Leofreddi over at <a href="http://www.cyberz.org/blog/">cyberz.org</a> for the blog post <a href="http://www.cyberz.org/blog/2009/01/03/nagios-nrpe-and-sudo-nrpe-unable-to-read-output/">Nagios nrpe and sudo: “NRPE: Unable to read output”</a>. This was a tremendous help back when I first started working with my md-raid device and Nagios. I found this entry again while working on my very own plug-in for Nagios, check_supervisorctl.sh.<br />
<br />
In short if you are running either CentOS or RHEL (5+ is all I have tested this with) you need to comment out the line "Defaults requiretty" in the /etc/sudoers file. In order to comment the line out simply add a hash symbol to the beginning of the line like so:<br />
#Defaults requiretty<br />
<br />
For the total noob, as I once was:<br />
My command configurations:<br />
command[check_raid]=sudo /usr/local/nagios/libexec/check_md_raid<br />
command[check_supervisorctl]=sudo /usr/local/nagios/libexec/check_supervisorctl.sh<br />
<br />
Both of the above lines are on a remote host from the nagios server. The checks are run via NRPE like so:<br />
define service{<br />
use generic-service<br />
host_name <your><br /> service_description RAID Status<br /> check_command check_nrpe!check_raid<br /> notifications_enabled 1<br /> notification_period 24x7<br /> notification_interval 15<br /> notification_options c,w,u,r<br />}<br />define service{<br /> use generic-service<br /> host_name <your><br /> service_description Supervisor Workers<br /> check_command check_nrpe!check_supervisorctl<br /> notifications_enabled 1<br /> notification_period 24x7<br /> notification_interval 30<br /> }<br /><br />Without "Defaults requiretty" commented out the output of my sudo command was simply:<br />NRPE: Unable to read output<br />But once I disabled requiretty I got the output I expected from my checks:<br /><br />[root@hostname ~]# /usr/local/nagios/libexec/check_nrpe -H raid.hostname.local -c check_raid<br />RAID OK: All arrays OK [1 array checked]<br />[root@hostname ~]# /usr/local/nagios/libexec/check_nrpe -H hostname.local -c check_supervisorctl<br />OK: All of your programs are running!</your></your>Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com2tag:blogger.com,1999:blog-32469219.post-12389945894570428402011-02-09T11:00:00.002-06:002011-02-09T11:07:36.001-06:00Adding a vCPU to a Windows 2008 R2 guestLast night I had to add an additional vCPU to a Windows 2008 R2 guest. I tried and tried to research doing this, but all I was able to find was how to Hot add a vCPU, which I didn't care to do. Also all of the VMWare documentation said to view a certain PDF to see what OSes could even take a Hot CPU addition, but I was unable to find anywhere in the PDF what OSes could handle it and which ones couldn't.<br /><br />So I installed the newest patches (being patch Tuesday and all) and I shut down the server. I then went from one vCPU to two vCPUs. I ignored the warning that adding CPUs to an already installed system may cause it to be unstable. <br /><br />So far the server has been stable and everything worked like I had hoped. I don't know if this would work on any of our Windows 2008 servers, or for that matter the CentOS 5.5 servers, but all of them already have two vCPUs.<br /><br />If you are wondering why I needed to do this, well, it is because our VoIP recording solution uses MySQL, and for some reason it has been using 100% of the CPU for weeks now. This despite a mostly empty process list in MySQL.Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-7376570221095860122011-02-09T10:49:00.004-06:002011-02-09T10:58:39.608-06:00Strange Nagios Error SolvedThis morning I added some new services to a server, but they wouldn't move out of "Pending" status. The error I received was<br />"Feb 9 09:27:36 <nagiosserver> nagios: Warning: Check result queue contained results for service '<service>' on host '<server>', but the service could not be found! Perhaps you forgot to define the service in your config files?"<br /><br />I stopped the nagios service and ran ps -ef | grep nagios. To my surprise there was still a Nagios instance running. This means two things. First the init script that comes with Nagios is borked and doesn't correctly check for running nagios instances. Second, I somehow started a second Nagios instance.<br /><br />I thought something was up in the first place because every other refresh or so of the Nagios web view I would either see the three pending services or I wouldn't. This was my first clue that something was borked. I then went to tail /var/log/messages and saw the error message. Then I started investigating the issue with the help of Google. Once I saw that there where two instances of Nagios things started to make sense.<br /><br />I killed the second Nagios instance and any children processes (in my case ndo2db) and then restarted nagios via the init script.<br /><br />Once I had everything up and running (but only one instance) I was able to successfully check my new services.Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com6tag:blogger.com,1999:blog-32469219.post-28197973072392792972010-12-30T13:52:00.002-06:002010-12-30T14:28:47.619-06:00ImageMagick convert -geometry weirdnessI don't know if this is really documented anywhere, but when using the ImageMagick program convert with the -geometry or -resize flags it also converts to 16bit color, at least when used against 1bit (Black and White) image.<br /><br />The reason this is important to note is that using -compress Group4 will not work on these images because they aren't 1bit color images and they need to be. To work around this limitation you need to force the color depth with -monochrome. The downside to all of this is time. <br /><br />Ripping an Image file from a PDF takes roughly .206 seconds for an 8.5x11 PDF with pdfimages (useful if a PDF has OCR embedded in it.)<br />Converting the resultant PBM file without -geometry 1700x2200! -monochrome takes roughly .194 seconds.<br />Converting the resultant PBM file with -geometry 1700x2200! -monochrome takes roughly 4.594 seconds. This is an increase of 10 - 10.5 % adding in the geometry.<br /><br />*all of the above numbers are from one file, but testing of different files showed similar results. All tests where done at 200 DPI.<br /><br />Here are some examples of the commands we are running for anyone curious.<br />convert ${outputTiffRoot}-000.p*m -density 200 -compress Group4 {outputTiffRoot}_200.tiff<br /><br />convert ${outputTiffRoot}-000.p*m -density 300 -compress Group4 {outputTiffRoot}_200.tiff<br /><br />convert ${outputTiffRoot}-000.p*m -density 200 -compress Group4 -geometry 1700x2200! -monochrome ${outputTiffRoot}_200.tiff<br /><br />convert ${outputTiffRoot}-000.p*m -density 300 -compress Group4 -geometry 2550x3300! -monochrome ${outputTiffRoot}_300.tiffSteve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-59614991311861067852010-12-16T11:06:00.005-06:002010-12-16T12:24:18.827-06:00Gawker Media Account Database hackI'm sure you have heard about the release of about 1.5 million username / password combinations (encrypted with DES). I have gotten e-mails from a few web companies saying that I should re-set my password. These companies include <a href="http://www.linkedin.com">LinkedIn</a> and Blizzard (for my World of Warcraft account).<br /><br />Since my roommate didn't get an e-mail from Blizzard (as he doesn't have an account on any Gawker Media website) and I did, I can only assume that Blizzard downloaded the hacked account database and compared it to their account database. Any matches where to get this e-mail.<br /><br />I honestly hope this is what happened and that Blizzard and <a href="http://www.linkedin.com">LinkedIn</a> didn't just randomly send out password reset e-mails. In this case the most responsible thing to do is download the file and cross reference it with your own data.<br /><br />If you are wondering where you affected by this breach visit <a href="http://www.didigetgawkered.com/">http://www.didigetgawkered.com/</a>.<br /><br />Yesterday I read both an <a href="http://www.duosecurity.com/blog/entry/brief_analysis_of_the_gawker_password_dump">Analysis</a> of the hack and an <a href="http://www.wikidsystems.com/WiKIDBlog/an-analysis-of-the-inevitable-analyses-of-the-gawker-password-breach">Analysis of the Analysis</a>. I am fairly certain that my password was unique in the database, but I do know that I used to use that password all over the place. A few months ago I started changing password and using <a href="http://keepass.info/">KeePass</a> to store them securely. I disagree with <a href="http://www.wikidsystems.com/WiKIDBlog/an-analysis-of-the-inevitable-analyses-of-the-gawker-password-breach">Wikidsystem's Analysis of the Analysis</a>.<br /><br />Yes, I was just as owned as the person using something insecure such as letmein or password. But the "owning" wasn't because of a weak password. Yes, I do have to copy and paste my passwords, but that doesn't make me a loser. I treat all of my online identities the same, as they are a representation of ME. The real losers are the ones that use any sort of username / password combinations on multiple sites. If you don't care that some sites might get hacked with the same username / password then fine, but I do. I want any potential fallout to be minimal.<br /><br />Also, for things I truly care about, if a two-factor authentication mechanism is available I use it. The other thing more developers need to account for is LONGER passwords. My pseudo-random password generator generates long passwords, sometimes too long for an account. Please make the password field huge and don't store it in plain text. I hate having to cut down a password from 30+ characters to 8 because that is the longest your application will allow.<br /><br />You see I don't care if my password is 30+ characters, because I don't need to remember it! Thats what I have <a href="http://keepass.info/">KeePass</a> for!Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0tag:blogger.com,1999:blog-32469219.post-52305305803194237382010-10-14T15:59:00.016-05:002011-03-03T14:57:37.795-06:00Enabling Promiscuous Mode on vSphere 4We are in desperate need of a testing server. The testing server needs to be able to listen to the network, through port mirroring, to record VoIP calls. In the physical world this is no problem, but we don't have the budget for another physical box, especially for something as non-critical as testing a program upgrade (even though the program it self is very critical to our business).<br /><br />A year ago the software vendor said that they don't support virtual environments and their product doesn't work in a virtual environment. During discussions this year however they told the truth that they simply don't know if it will work, and thus "don't support" it. I am calling it lazy. It doesn't take much these days to get a VM host going and configured for testing things out.<br /><br />Well we have done the leg work for them. I have confirmed that vSphere does allow for promiscuous mode, even from the physical network. To be honest I was a little shocked to see this worked.<br /><br />Here are the steps to enable promiscuous mode on your vSphere host and the guest VM.<br /><ol><li>Enable promiscuous mode on the virtual adapter.<br /></li><li>Enable promiscuous mode on the vSwitch.</li><li>Enable promiscuous mode for the guest.</li><li>Enable port mirroring on the physical switch (not covered here).</li><li>Test capturing network data.</li></ol>Now that we have the general synopsis of the procedure we can begin.<br /><br />We enable promiscuous mode on the virtual adapter by logging into the vSphere Client, going to the VM Host, clicking on the "Configuration" tab, then on "Networking" in the "Hardware" section on the left. Now click on "Properties..." for the Virtual Switch.<br /><br /><a href="http://3.bp.blogspot.com/_JtyR2ekbtvM/TLd0Yop3-gI/AAAAAAAAAFs/v_g2rnb68FA/s1600/vSwitch0.PNG"><img style="cursor: pointer; width: 320px; height: 200px;" src="http://3.bp.blogspot.com/_JtyR2ekbtvM/TLd0Yop3-gI/AAAAAAAAAFs/v_g2rnb68FA/s320/vSwitch0.PNG" alt="" id="BLOGGER_PHOTO_ID_5528015034199308802" border="0" /></a><br />Now enabling promiscuous mode on the vSwitch is pretty simple. Click on the "vSwitch" on the "Ports" tab, as shown below and then click on the "Edit..." button.<br /><br /><a href="http://1.bp.blogspot.com/_JtyR2ekbtvM/TLd09xvwxsI/AAAAAAAAAF0/RbC0Q-o1uX8/s1600/vSwitch2.PNG"><img style="cursor: pointer; width: 294px; height: 165px;" src="http://1.bp.blogspot.com/_JtyR2ekbtvM/TLd09xvwxsI/AAAAAAAAAF0/RbC0Q-o1uX8/s320/vSwitch2.PNG" alt="" id="BLOGGER_PHOTO_ID_5528015672295081666" border="0" /></a><br /><br />Now that we are editing the vSwitch properties click on the "Security" tab. Change the option for Promiscuous mode to "Accept" if it isn't already and hit "OK".<br /><a href="http://1.bp.blogspot.com/_JtyR2ekbtvM/TLd1ZY6SXPI/AAAAAAAAAF8/m99CWfD8nI0/s1600/vSwitch3.PNG"><img style="cursor: pointer; width: 320px; height: 159px;" src="http://1.bp.blogspot.com/_JtyR2ekbtvM/TLd1ZY6SXPI/AAAAAAAAAF8/m99CWfD8nI0/s320/vSwitch3.PNG" alt="" id="BLOGGER_PHOTO_ID_5528016146664676594" border="0" /></a><br /><br />To enable promiscuous mode for the guest we need to break down to the command line. I used putty to SSH into my vSphere host, which I had previously setup. Now you need to edit the .vmx file of the guest that will be listening to the network.<br /><br /># vi /vmfs/volumes/datastore1/testServer/testServer.vmx<br /><br />I did a search for ethernet, so the promiscuous mode configuration would be with the rest of the ethernet config. Add the following line to the configuration file:<br /><br />ethernet0.noPromisc = "FALSE"<br /><br /><a href="http://4.bp.blogspot.com/_JtyR2ekbtvM/TLhcnX6IEiI/AAAAAAAAAGE/CihSgFhiscY/s1600/vSwitch4.PNG"><img style="cursor: pointer; width: 320px; height: 203px;" src="http://4.bp.blogspot.com/_JtyR2ekbtvM/TLhcnX6IEiI/AAAAAAAAAGE/CihSgFhiscY/s320/vSwitch4.PNG" alt="" id="BLOGGER_PHOTO_ID_5528270374099751458" border="0" /></a><br /><br />And save when you are done. I rebooted my testServer just as a precaution, but I'm not certain it is required.<br /><br />At this point everything is configured on the VM side of things. Make sure you have port mirroring enabled on your physical switch and give it a test. In my environment I commonly use <a href="http://www.wireshark.org/">Wireshark</a>. I did my testing by pinging a server on a mirrored port.<br /><br /><br /><img src="file:///C:/Users/STEVE%7E1.LIP/AppData/Local/Temp/moz-screenshot-1.png" alt="" />Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com1tag:blogger.com,1999:blog-32469219.post-24321800333358268142010-10-14T10:48:00.003-05:002010-10-14T11:28:47.412-05:00Using PSExec to Defragment your PCsWay back in 2000 / 2001 I was an IT intern. My job was to do the really manual processes for a small department with in a much larger company. One of those was monthly defrags of all PCs and Laptops (if they where available). I had to go to each and every PC, log on, and start the defrag process manually. I believe this to be my first moment of "I should automate this". Problem was I didn't know how or really where to start. I knew script was the answer, but just couldn't get things to work. I believe I eventually created a scheduled task on each machine (by hand) to do this for us.<br /><br />Fast forward 10 years and I am still in need of the same thing, as we don't have Vista or Windows 7 deployed. But now I have a much better understanding of what needs to happen and even better I know where to start!<br /><br /><a href="http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx">PSExec</a>, which is part of the System Internals <a href="http://technet.microsoft.com/en-us/sysinternals/bb896649.aspx">PsTools suite</a> is my answer these days. A simple script, run from my PC (still manually for the time being) is able to handle defragmenting all of our PCs.<br /><br />psexec @C:\Updates\Comps\AppPCs.txt -n 10 -c -f -d JkDefragCMD.exe<br /><br />I use the files with PC names to speed up re-deployment of everything. The -n 10 flag tells psexec t0 wait 10 seconds before it times out the PC, instead of 60 (I believe this is the default). -c copies the file (jkdefragcmd.exe) to the remote system. The flag -f forces copying, even if the file exists. The flag -d doesn't wait for the process to terminate, this is as asynchronously as I can do.<br /><br />My next step is to hook this up to task scheduler and have it run the first Sunday or something.Steve Lipperthttp://www.blogger.com/profile/05594099167707263609noreply@blogger.com0