Network Mapper (nmap)

Scan a single IP

# nmap 192.168.0.90
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-12-19 08:58 HKT
Nmap scan report for 192.168.0.90
Host is up (0.016s latency).
Not shown: 995 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
8080/tcp open http-proxy
8081/tcp open blackice-icecap

Nmap done: 1 IP address (1 host up) scanned in 0.43 seconds

Scan with built-in scripts

# nmap -sC 192.168.0.90
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-12-19 08:59 HKT
Nmap scan report for 192.168.0.90
Host is up (0.020s latency).
Not shown: 995 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
|_http-title: IBM HTTP Server
111/tcp open rpcbind
| rpcinfo:
| program version port/proto service
| 100000 2,3,4 111/tcp rpcbind
| 100000 2,3,4 111/udp rpcbind
| 100000 3,4 111/tcp6 rpcbind
|_ 100000 3,4 111/udp6 rpcbind
8080/tcp open http-proxy
|_http-favicon: Apache Tomcat
|_http-title: Apache Tomcat/10.1.48
8081/tcp open blackice-icecap

Nmap done: 1 IP address (1 host up) scanned in 1.44 seconds

Scan for vulnerabilities

# nmap --script vuln 192.168.0.90
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-12-19 08:56 HKT
Nmap scan report for 192.168.0.90
Host is up (0.023s latency).
Not shown: 995 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
| http-internal-ip-disclosure:
|_ Internal IP Leaked: 127.0.0.1
|_http-dombased-xss: Couldn't find any DOM based XSS.
111/tcp open rpcbind
8080/tcp open http-proxy
| http-slowloris-check:
| VULNERABLE:
| Slowloris DOS attack
| State: LIKELY VULNERABLE
| IDs: CVE:CVE-2007-6750
| Slowloris tries to keep many connections to the target web server open and hold
| them open as long as possible. It accomplishes this by opening connections to
| the target web server and sending a partial request. By doing so, it starves
| the http server's resources causing Denial Of Service.
|
| Disclosure date: 2009-09-17
| References:
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
|_ http://ha.ckers.org/slowloris/
8081/tcp open blackice-icecap

Nmap done: 1 IP address (1 host up) scanned in 67.76 seconds
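
To triage output like the vuln scan above, the script results can be grouped per port and filtered on the "State:" line. The parser below is an added example, not part of the original notes; it assumes nmap's normal text output as shown on this page (for automation, nmap's XML output via -oX is the more stable format), and the function names are illustrative.

```python
import re

# Constructed sample: lines trimmed from the `--script vuln` output above.
SAMPLE = """\
PORT STATE SERVICE
80/tcp open http
|_http-csrf: Couldn't find any CSRF vulnerabilities.
| http-internal-ip-disclosure:
|_ Internal IP Leaked: 127.0.0.1
8080/tcp open http-proxy
| http-slowloris-check:
| VULNERABLE:
| State: LIKELY VULNERABLE
| IDs: CVE:CVE-2007-6750
|_ http://ha.ckers.org/slowloris/
8081/tcp open blackice-icecap
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
# A script header is "| name:" or "|_name:"; a URL ("| https://...") is not.
SCRIPT_RE = re.compile(r"^\|(?: |_)([a-z][a-z0-9-]*):(?:\s+(.*))?$")
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

def parse_scan(text):
    """Map (port, proto) -> {"service": str, "scripts": {name: [lines]}}."""
    ports, current, body = {}, None, None
    for line in text.splitlines():
        m = PORT_RE.match(line)
        if m:
            current = ports[(int(m[1]), m[2])] = {"service": m[4], "scripts": {}}
            body = None  # script lines that follow belong to this port
        elif line.startswith("|") and current is not None:
            m = SCRIPT_RE.match(line)
            if m:
                body = current["scripts"].setdefault(m[1], [])
                body.extend([m[2]] if m[2] else [])
            elif body is not None:
                body.append(line.lstrip("|_ ").strip())  # continuation line
    return ports

def vulnerable(ports):
    """List (port, script, state, cves) for scripts reporting a vulnerable state."""
    out = []
    for (port, _), info in sorted(ports.items()):
        for name, body in info["scripts"].items():
            states = [l[6:].strip() for l in body if l.startswith("State:")]
            if states and not states[0].startswith("NOT"):
                cves = sorted(set(CVE_RE.findall("\n".join(body))))
                out.append((port, name, states[0], cves))
    return out
```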

nmap scripts

# ls -l /usr/share/nmap/scripts

nmap

Scan all open ports

C:\> nmap -p- 192.168.22.152
Starting Nmap 7.98 ( https://nmap.org ) at 2025-12-03 02:05 +0800
Nmap scan report for 192.168.22.152
Host is up (0.0025s latency).
Not shown: 65512 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
517/tcp filtered talk
518/tcp filtered ntalk
993/tcp open imaps
995/tcp open pop3s
2000/tcp open cisco-sccp
2222/tcp open EtherNetIP-1
5060/tcp open sip
6008/tcp open X11:8
6014/tcp open x11
6080/tcp open gue
6443/tcp open sun-sr-https
7080/tcp open empowerid
8008/tcp open http
8080/tcp open http-proxy
10000/tcp open snet-sensor-mgmt
20000/tcp open dnp

Nmap done: 1 IP address (1 host up) scanned in 12.53 seconds

Apache Tomcat 10.1.48 Installation

Create Tomcat user account (Linux)

# useradd tomcat
# passwd tomcat

Java 11

# tar xzvf openjdk-11.0.2_linux-x64_bin.tar.gz
# mv jdk-11.0.2 /opt/
# chown -fR tomcat:tomcat /opt/jdk-11.0.2

Verify Java
# /opt/jdk-11.0.2/bin/java -version
openjdk version "11.0.2" 2019-01-15
OpenJDK Runtime Environment 18.9 (build 11.0.2+9)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.2+9, mixed mode)

Apache Tomcat 10.1.48

# unzip apache-tomcat-10.1.48.zip
# mv /tmp/apache-tomcat-10.1.48 /opt
# chown -fR tomcat:tomcat /opt/apache-tomcat-10.1.48
# chmod -fR u+x /opt/apache-tomcat-10.1.48/bin

Create systemd service for tomcat

# /etc/systemd/system/tomcat.service
[Unit]
Description=Tomcat
After=network.target

[Service]
Type=forking

# Run as the unprivileged tomcat account created above
User=tomcat
Group=tomcat

Environment="JAVA_HOME=/opt/jdk-11.0.2"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
# Paths match the install location used above
Environment="CATALINA_BASE=/opt/apache-tomcat-10.1.48"
Environment="CATALINA_HOME=/opt/apache-tomcat-10.1.48"
Environment="CATALINA_PID=/opt/apache-tomcat-10.1.48/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"

# startup.sh and shutdown.sh both live in bin/
ExecStart=/opt/apache-tomcat-10.1.48/bin/startup.sh
ExecStop=/opt/apache-tomcat-10.1.48/bin/shutdown.sh

RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

Create Tomcat application users (manager and admin)

/opt/apache-tomcat-10.1.48/conf/tomcat-users.xml
...
<!-- user manager can access only manager section -->
<role rolename="manager-gui" />
<user username="manager" password="password" roles="manager-gui" />

<!-- user admin can access manager and admin section both -->
<role rolename="admin-gui" />
<user username="admin" password="password" roles="manager-gui,admin-gui" />
...

Enable remote access to the Tomcat manager and host-manager apps (comment out the RemoteCIDRValve)

[/opt/apache-tomcat-10.1.48/webapps/manager/META-INF/context.xml]
..
<!-- <Valve className="org.apache.catalina.valves.RemoteCIDRValve"
allow="127.0.0.0/8,::1/128" /> -->
..

[/opt/apache-tomcat-10.1.48/webapps/host-manager/META-INF/context.xml]
..
<!-- <Valve className="org.apache.catalina.valves.RemoteCIDRValve"
allow="127.0.0.0/8,::1/128" /> -->
..

Change default port 8080 to 8081

[/opt/apache-tomcat-10.1.48/conf/server.xml]
...
<Connector port="8081" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
maxParameterCount="1000"
/>
...

Reload systemd, then enable and start the tomcat service with systemctl

# systemctl daemon-reload
# systemctl enable tomcat --now
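
The tomcat-users.xml and context.xml edits in the steps above can be checked after the fact. This added example (not part of the original notes or of Tomcat) flags privileged accounts with guessable passwords and a manager context that has no active remote-address valve; the weak-password list and the function names are assumptions for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed samples that mirror the edits shown above.
USERS_XML = """<tomcat-users xmlns="http://tomcat.apache.org/xml">
  <role rolename="manager-gui" />
  <user username="manager" password="password" roles="manager-gui" />
  <user username="admin" password="password" roles="manager-gui,admin-gui" />
</tomcat-users>"""
VALVE = ('<Valve className="org.apache.catalina.valves.RemoteCIDRValve" '
         'allow="127.0.0.0/8,::1/128" />')
CONTEXT_OPEN = f"<Context><!-- {VALVE} --></Context>"   # valve commented out
CONTEXT_LOCAL = f"<Context>{VALVE}</Context>"           # valve active

PRIVILEGED = {"manager-gui", "manager-script", "manager-jmx", "admin-gui", "admin-script"}
WEAK = {"password", "admin", "tomcat", "manager", "changeit"}  # illustrative list

def local(tag):
    """Strip an XML namespace prefix such as {http://tomcat.apache.org/xml}."""
    return tag.rsplit("}", 1)[-1]

def weak_admin_users(users_xml):
    """Return [(username, roles)] for privileged accounts with a guessable password."""
    out = []
    for el in ET.fromstring(users_xml).iter():
        if local(el.tag) != "user":
            continue
        roles = {r.strip() for r in el.get("roles", "").split(",")} & PRIVILEGED
        pw = el.get("password", "")
        if roles and (pw.lower() in WEAK or pw == el.get("username")):
            out.append((el.get("username"), sorted(roles)))
    return out

def remote_allow(context_xml):
    """Return the active Remote*Valve allow list, or None when none is active."""
    # ElementTree discards XML comments, so a commented-out Valve is not found.
    for el in ET.fromstring(context_xml).iter():
        cls = el.get("className", "")
        if local(el.tag) == "Valve" and cls.endswith(("RemoteCIDRValve", "RemoteAddrValve")):
            return el.get("allow")
    return None

def audit(users_xml, context_xml):
    """Combine both checks into a list of human-readable findings."""
    found = [f"{u}: weak password with {', '.join(r)}" for u, r in weak_admin_users(users_xml)]
    if remote_allow(context_xml) is None:
        found.append("manager reachable from any address: no active Remote*Valve")
    return found
```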

ITM Agent Commands

Check ITM agent status (Windows)

C:\IBM\ITM\InstallITM>KinCInfo.exe -r
*********** Monday, October 06, 2025 02:03:10 PM ************
User : adadm Group : NA
Host Name : PPWSVADB01 Installer : Ver: 063007190
CandleHome : C:\IBM\ITM
Installitm : C:\IBM\ITM\InstallITM
*************************************************************
Host Prod PID Owner Start Status Task
PPWSVADB01 NT 0011148 NT AUTHORITY\SYSTEM 13:45:13 PM ...Running Primary
PPWSVADB01 IN 0012004 CRDOMAIN\adadm 13:55:55 PM ...Running Manage_Tivoli_Enterprise_Monitoring_Services

show initiators - MSA2060

Show Initiators
# show initiators

Waiting for system to finish computing health...
Nickname Discovered Mapped Profile Host Type ID
-------------------------------------------------------------------------
quvmesxi02_s2p0 Yes Yes Standard FC 100008f1eac08821
quvmesxi02_s3p0 Yes Yes Standard FC 100008f1eac078c3
quvmesxi04_s2p0 Yes Yes Standard FC 100008f1eac0887b
quvmesxi04_s3p0 Yes Yes Standard FC 100008f1eac07818
quvmesxi06_s2p0 Yes Yes Standard FC 100008f1eac0883c
quvmesxi06_s3p0 Yes Yes Standard FC 100008f1eac088de
-------------------------------------------------------------------------
Success: Command completed successfully. (2025-05-19 15:28:31)

Log Gathering (snap) - AIX

Clear previous snap content

# snap -r

# snap -r /somewhere/snap

Generate snap

# snap -ac  # default directory: /tmp/ibmsupt/

# snap -ac -d /somewhere/snap

Activate Windows with KMS - Windows

Activate Windows 10

Install KMS client key
slmgr /ipk W269N-WFGWX-YVC9B-4J6C9-T83GX
Set KMS machine address
slmgr /skms kms8.msguides.com
slmgr /skms 172.16.0.99
Activate your Windows
slmgr /ato