Monday, July 15, 2013

cisco eigrp primer from a friend and colleague, jason aquino

a friend and colleague, jason aquino, has put together a very thorough cisco eigrp overview. this is his first blog entry and i feel it is done very well, if advanced cisco routing is of interest to you then i feel that you will like the blog entry, here is the link, enjoy!

jason aquino's network engineering (cisco) blog

Monday, August 13, 2012

p2v physical to virtual migration notes

i am in the process of migrating several windows xp and windows server 2003 systems from their physical hardware to a virtual platform.

i am running the microsoft sysinternals tool, disk2vhd, on the source system as it is runing, disk2vhd makes use of shadow copy in order to create a hard drive image of the running system and its in use files, very handy for systems which you cannot take offline for too long at all!

i am porting the resultant vhd files to mac pro hardware running mac osx and virtual box virtualization software. i have run across a non boot issue, the system will try to boot but freeze upon attempting to load acpitabl.dat! the fix i am finding so far, is to restore c:\windows\system32\hal.dll and c:\windows\system32\ntoskrnl.exe, i am using the windows server 2003 r2 install cd to get the files.

here are the steps i took:

1) boot off of the windows server installation disc
2) press R to access the recovery console
3) select the system folder on the system disk, in most cases this will be 1
4) enter the local administrator's password
5) go to the disc drive, in my case it is an e:\ drive so i would type e: then press enter
6) go to the I386 folder on the disc, in my case i would type cd e:\i386 then press enter
7) restore hal.dll by typing this and pressing enter: expand hal.dl_
8) type y and press enter to tell the system it is okay to replace hal.dll
9) restore ntoskrnl.exe by typing this and pressing enter: expand ntoskrnl.ex_
10) type y and press enter to tell the system it is okay to replace ntoskrnl.exe
11) reboot!

this seems to do the trick for me, i do want to mention that i have been having the most success using virtual box's ide hard drive mode as well.


vhd format may cause issues with corruption in cases where data is being written to a vhd file and the file itself has not been able to grow itself properly. i ran across this issue with a windows 2003 server that had been running great for several months after porting it from the physical machine it once lived on. to resolve this, i converted the vhd file to a vdi format file, i used the VBoxManage tool that comes with oracle's virtual box to perform the conversion, in my case the command was:

1) open terminal up and change directories to the location you have stored your vhd file like cd /VirtualMachines/HardDisks/vhd-clonethese/
2) assuming the file you would like to convert is myvirtualharddrive.vhd you would issue the command VBoxManage clonehd --format VDI myvirtualharddrive.vhd  myvirtualharddrive.vdi
3) after waiting awhile the file will convert and you will have a nice and safe vdi format virtual hard drive file to load up into your virtual server

Tuesday, March 8, 2011

get the password from an osx 10.5 leopard user account

sometimes we have business need to log in as an ex employee, on a mac it is handy to be able to retain the user's keychain, if we use the standard password reset means we will lose access to the keychain, therefore it is handy to gain access to the user's password so as to retain keychain access

using the latest john the ripper, here is the process i used to complete this procedure on a 10.5.8 mac system

1) extract guid for user:
dscl localhost -read /Search/Users/$username | grep GeneratedUID | cut -c15-

will return the guid, similar to this:

2) extract hashes:
cat /var/db/shadow/hash/$guid | cut -c169-216

will return the sha1 hash like this:

3) create a text file with the user's username:passwordhash like:
duder: 4C7C490529E21548221182CD40EEC6EC80026D61E0901F82

4) run john the ripper on the file, that's it!

Tuesday, January 4, 2011

tabloid landscape printing issues on mac osx 10.6.5

the issue:
tabloid size printing (11x17) landscape does not work properly, the print is done in portrait mode when it should be landscape, all other paper sizes work with landscape mode without issue

the reason:
apple changed some files in the printing subsystem they are using (cups) between mac osx 10.6.4 and 10.6.5

the fix:
replace /usr/libexec/cups/filter/pstops on the 10.6.5 installation with the same file from a 10.6.4 installation. i have an archive of that file for my own purposes here:

make sure you are root or sudo to a bash shell, we are going to shut down the print server (cupsd), move the old pstops file, pop the new file in, correct permissions on the new pstops, then restart, here we go:

mkdir /tmp
cd /tmp
curl -O
unzip pstops
launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
mv /usr/libexec/cups/filter/pstops /usr/libexec/cups/filter/pstops-OLD-10.6.4
cp pstops /usr/libexec/cups/filter/pstops
chown root:wheel /usr/libexec/cups/filter/pstops
chmod 0555 /usr/libexec/cups/filter/pstops
shutdown -r now

once the system reboots, give it a try and you should be printing tabloid size in landscape mode without issues...well, at least until 10.6.6 comes out ;)

Monday, December 13, 2010

mobile broadband 5720 evdo rev-a error 9999 when using dell mobile broadband card utility (dmbcu)

had this error on a work computer today, everything was up to date, reinstalled the latest drivers, no dice

after digging around i found the fix on the dell support forums here -

here's the fix -

So, to check for this situation, do this:
1. Launch Internet Explorer
2. Using IE's menus, Select Tools->Manage Add-ons->Enable or Disable Add-ons
3. In the 'Show' drop-down listbox, Select 'Add-ons that run without requiring permission'
4. If any of the MeadCo Zeepe Add-ons are disabled, Enable THEM!
5. Exit IE
6. Restart IE and check that the configuration stayed.


Tuesday, August 10, 2010

disable and turn off ipv6 in ubuntu linux

i am doing this on ubuntu linux 10.*

you must of course sudo or be root before proceeding

edit /etc/sysctl.conf

add the following lines to the bottom of the file:
#disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

now reboot, or reinitialize sysctl by issuing this command:
sysctl -p

Friday, May 28, 2010

outbound smtp on osx leopard, enabling postfix for mail blasting

if you have a mac lying around and not being used, it can be setup fairly easily to be an smtp email server

this could come in handy for a company that doesn't have exchange, is using hosted email with relay limits such as godaddy and their 250 relays per day, and needs to regularly send a large number of emails out to clients as well as internal staff

we are going to use the built in postfix email server that is part of osx leopard, we will set it up so that the email server will look to the local osx user database, any user account setup on the osx box will be able to be used for sending email, so when you need a new email user just add a regular osx user instead of having to setup sasl lists

first thing we need to do is enable it, to do so navigate to:

let's open this file up and edit it, i prefer using the vi editor. right before the closing </dict> tag we need to add some parameters, these will enable postfix to start when the computer boots up, so add this line right before that tag:
<key>OnDemand</key> <false /> <key>RunAtLoad</key> <true/> <key>KeepAlive</key> <true/>

we can either use launchctl to start it up right now, or we can reboot, to use launchctl make sure you're root or sudo the command:

once in the launchctl prompt do:
start org.postfix.master

after this, let's check netstat:
netstat -a | grep smtp

we should then see localhost listening for smtp connections, like this:
tcp4 0 0 localhost.smtp *.* LISTEN

next we need to make changes to /etc/postfix/
smtpd_pw_server_security_options=plain, login
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_auth_destination, reject
mynetworks =

lastly we will want to tell postfix which networks to accept mail from, for my purposes i only want to accept mail from machines in our local subnet, there is an option called mynetworks_style that has a choice of subnet that should be acceptable for most people's uses, since the box i am setting up will be multihomed with 1 of the ips being public, i don't want to use that option for obvious reasons, instead of the mynetworks_style option i will use the mynetworks option like this:
mynetworks =

i am in a cidr network, most folks won't be, if we were in a standard class c network it'd look something like this:
mynetworks =

last thing here, the default file size is far too small for my purposes, i need to be able to send out at least 5 dvd's worth of date, 5 * 4.7gb = 23.5gb, just kidding! seriously if we can send out 20mb then i'm happy and my users will be too (keep in mind, it isn't uncommon to run across a system you are sending to that has a 10mb file size limit!), so we'll open up our and change the parameter named message_size_limit, like this:
message_size_limit = 20480000

after this, restart the server or restart postfix, as root you can do this to restart postfix:
postfix reload

that should be it!

here are some handy commands for postfix

Reload launchctl after plist edit:
sudo launchctl load /System/Library/LaunchDaemons/org.postfix.master.plist

List active plist files:
launchctl list

Start up/test updated plist:
sudo launchctl start org.postfix.master

Send a test email:

Check the mail queue:

Clear the mail queue:
sudo postsuper -d ALL

Editing the configuration file:
vi /etc/postfix/

Reloading postfix after changes:
sudo postfix reload

Starting and Stopping postfix:
sudo postfix stop
sudo postfix start

UPDATE - 01/03/2010 - i have noticed mac osx will sometimes overwrite values in /etc/postfix/

in particular the inet_interfaces value was changed on my installation. it was changed from all, to localhost, of course this made postfix only listen on localhost thus causing a connection error when clients attempted to mail through this system, changing inet_interfaces from localhost to all then rebooting is the simplest way to resolve this issue.