lparstat - AIX

Guestbook

LPAR statistics

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
$ lparstat -i
Node Name                                  : spuxifdb01
Partition Name                             : spuxifdb01
Partition Number                           : 3
Type                                       : Shared-SMT-8
Mode                                       : Capped
Entitled Capacity                          : 6.40
Partition Group-ID                         : 32771
Shared Pool ID                             : 0
Online Virtual CPUs                        : 7
Maximum Virtual CPUs                       : 12
Minimum Virtual CPUs                       : 1
Online Memory                              : 196608 MB
Maximum Memory                             : 393216 MB
Minimum Memory                             : 16384 MB
Variable Capacity Weight                   : 0
Minimum Capacity                           : 1.00
Maximum Capacity                           : 12.00
Capacity Increment                         : 0.01
Maximum Physical CPUs in system            : 16
Active Physical CPUs in system             : 12
Active CPUs in Pool                        : 12
Shared Physical CPUs in system             : 12
Maximum Capacity of Pool                   : 1200
Entitled Capacity of Pool                  : 890
Unallocated Capacity                       : 0.00
Physical CPU Percentage                    : 91.43%
Unallocated Weight                         : 0
Memory Mode                                : Dedicated
Total I/O Memory Entitlement               : -
Variable Memory Capacity Weight            : -
Memory Pool ID                             : -
Physical Memory in the Pool                : -
Hypervisor Page Size                       : -
Unallocated Variable Memory Capacity Weight: -
Unallocated I/O Memory entitlement         : -
Memory Group ID of LPAR                    : -
Desired Virtual CPUs                       : 7
Desired Memory                             : 196608 MB
Desired Variable Capacity Weight           : 0
Desired Capacity                           : 6.40
Target Memory Expansion Factor             : -
Target Memory Expansion Size               : -
Power Saving Mode                          : Dynamic Power Savings (Favor Performance)
Sub Processor Mode                         : -

BitLocker - Linux

Guestbook

Install dislocker (Linux Mint 22)

1
sudo apt -y install dislocker

Identify BitLocker USB

1
2
3
4
5
6
7
8
9
$ lsblk
NAME              MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda                 8:0    0 476.9G  0 disk 
├─sda1              8:1    0   512M  0 part /boot/efi
└─sda2              8:2    0 476.4G  0 part 
  ├─vgmint-root   252:0    0 472.8G  0 lvm  /
  └─vgmint-swap_1 252:1    0   3.6G  0 lvm  [SWAP]
sdb                 8:16   1 953.7G  0 disk 
└─sdb1              8:17   1 953.6G  0 part     <<<---- BitLocker USB Thumb Drive

Prepare 2 folder

1
$ sudo mkdir /media/bitlocker /media/bitlocker-loop

Mount BitLocker Drive

1
2
$ sudo dislocker -V /dev/sdb1 /media/bitlocker-loop/ -uBITLOCKERPASSWD
$ sudo mount /media/bitlocker-loop/dislocker-file /media/bitlocker

Un-Mount BitLocker Drive

1
2
$ sudo umount /media/bitlocker
$ sudo umount /media/bitlocker-loop

TFTP - Linux

Guestbook

Install TFTP server (AlmaLinux 8.10)

1
2
3
mount /dev/sr0 /media/
rpm -ivh /media/AppStream/Packages/tftp-server-5.2-27.el8.x86_64.rpm
rpm -Uivh /media/AppStream/Packages/tftp-5.2-27.el8.x86_64.rpm

Configure TFTP server

1
2
cp /usr/lib/systemd/system/tftp.service /etc/systemd/system/tftp-server.service
cp /usr/lib/systemd/system/tftp.socket /etc/systemd/system/tftp-server.socket

Configure TFTP Server Service

1
2
3
4
5
6
7
8
9
10
11
12
13
14
vi /etc/systemd/system/tftp-server.service

[Unit]
Description=TFTP Server
Requires=tftp-server.socket
Documentation=man:in.tftpd

[Service]
ExecStart=/usr/sbin/in.tftpd -c -p -s /var/lib/tftpboot
StandardInput=socket

[Install]
WantedBy=multi-user.target
Also=tftp-server.socket

Set correct tftp permission

1
chmod 777 /var/lib/tftpboot/

Enable TFTP Server

1
2
3
systemctl daemon-reload
systemctl enable --now tftp-server
systemctl status tftp-server

Basic Administration - Symantec DCS:SA

Guestbook

Show current configuration

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# su - sisips -c "/opt/Symantec/sdcssagent/IPS/bin/sisipsconfigtool -v"
---------------------------------------------------------------------------
Agent Configuration Tool version 6.8.2.756
---------------------------------------------------------------------------

Server Host List - 192.168.233.105,192.168.233.106
Current Management Server - 192.168.233.105
Port - 443
Protocol - https
Failback Interval - 60 minutes
Utilities Service Port - 2323
CertFile - /opt/Symantec/sdcssagent/IPS/certs/keystore
Tracing - false
Force Retranslation - false
Prevention Feature - enabled

Update a new server agent-ssl certification

1
2
3
4
5
# su - sisips -c "/opt/Symantec/sdcssagent/IPS/bin/sisipsconfigtool -certfile /tmp/agent-cert.ssl"
---------------------------------------------------------------------------
Agent Configuration Tool version 6.8.2.756
---------------------------------------------------------------------------
The cert file has been modified

Self-register

1
2
3
4
5
# su - sisips -c "/opt/Symantec/sdcssagent/IPS/bin/sisipsconfigtool -forcereg"
---------------------------------------------------------------------------
Agent Configuration Tool version 6.8.2.756
---------------------------------------------------------------------------
The agent will be forced to reregister

Update management server host

1
2
3
4
5
6
7
8
9
10
11
12
13
14
root@sduxapps01:/root# su - sisips -c "/opt/Symantec/sdcssagent/IPS/bin/sisipsconfigtool -h 10.114.234.105"
---------------------------------------------------------------------------
Agent Configuration Tool version 6.8.2.756
---------------------------------------------------------------------------
The Management Server host list has been modified

root@sduxapps01:/root# su - sisips -c "/opt/Symantec/sdcssagent/IPS/bin/sisipsconfigtool -t 1"
---------------------------------------------------------------------------
Agent Configuration Tool version 6.8.2.756
---------------------------------------------------------------------------

Testing connection to server 10.114.234.105

Connection to server successful

Stop and start UNIX agent (AIX, Linux)

1
2
3
4
5
6
7
/opt/Symantec/sdcssagent/IDS/bin/sisidsagent stop
/opt/Symantec/sdcssagent/IPS/bin/sisipsagent stop
/opt/Symantec/sdcssagent/IPS/bin/sisipsutil stop

/opt/Symantec/sdcssagent/IDS/bin/sisidsagent start
/opt/Symantec/sdcssagent/IPS/bin/sisipsagent start
/opt/Symantec/sdcssagent/IPS/bin/sisipsutil start

Gather AIX agent log for support (Broadcom)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# rpm -ql sdcss-6.9.0-448.aix.ppc | grep -i get
/opt/Symantec/sdcssagent/IPS/tools/getagentinfo.sh

# /opt/Symantec/sdcssagent/IPS/tools/getagentinfo.sh
Collecting Install Logs...
Collecting System Info...
Collecting syslog.conf File...
Collecting syslog Files...
Collecting System Startup Info...
Collecting Agent Logs...
Collecting symantec dir...
Collecting AMD Configuration Settings...
Collecting IPS Configuration Settings...
Collecting IDS Configuration Settings...
Collecting Agent Environment Settings...
Collecting Agent Core Files...
Collecting audit information for AIX platform
Collecting /etc/security/audit
Collecting the output of running /usr/sbin/audit query
Collecting the output of audit directory
Gathering snap data (this may take a couple minutes)...
Zipping Info...
Cleaning Up...

*** Please send the Info File:
***   /tmp/20250207_103247_0001_CU_ppuxinap01.tar.gz
*** to Broadcom

Show loaded modules status

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# /usr/lib/symantec/status.sh
Symantec Agent for Linux
Symantec Data Center Security Server Agent (DCS) 6.9.3.2543

Daemon status:
  sisamdagent          running
  sisidsagent          running
  sisipsagent          running
  sisipsutil           running

Module status:
  sisips               not loaded
  sisfim               not loaded
  sisevt               not loaded
  sisap                not loaded

[root@sulxmail02 ~]# mokutil --sb-state
SecureBoot enabled

[root@sulxmail02 ~]# mokutil --sb-state
SecureBoot disabled
[root@sulxmail02 ~]# /usr/lib/symantec/status.sh
Symantec Agent for Linux
Symantec Data Center Security Server Agent (DCS) 6.9.3.2543

Daemon status:
  sisamdagent          running
  sisidsagent          running
  sisipsagent          running
  sisipsutil           running

Module status:
  sisips               loaded
  sisfim               loaded
  sisevt               loaded
  sisap                loaded

AMD

1
2
/opt/Symantec/sdcssagent/AMD/sef/Logs/lux.log
/opt/Symantec/sdcssagent/AMD/system/AntiMalware.ini

Network - VMWare ESXi

Guestbook

Show the IP address of each interface and the subnet mask.

1
2
3
4
5
[root@suvmesxi13:~] esxcli network ip interface ipv4 get
Name  IPv4 Address    IPv4 Netmask   IPv4 Broadcast   Address Type  Gateway        DHCP DNS
----  --------------  -------------  ---------------  ------------  -------------  --------
vmk1  192.168.239.90  255.255.255.0  192.168.239.255  STATIC        192.168.233.1     false
vmk0  192.168.233.69  255.255.255.0  192.168.233.255  STATIC        192.168.233.1     false

yum - Linux

Guestbook

Local DVD media repository (/etc/yum.repos.d/media.repo)

1
2
3
4
5
6
7
8
9
10
11
12
13
[DVD-BaseOS]
name=DVD for RHEL - BaseOS
baseurl=file:///media/BaseOS
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

[DVD-AppStream]
name=DVD for RHEL - AppStream
baseurl=file:///media/AppStream
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

Stops the subscription manager from interfering with package management.

1
2
3
vi /etc/yum/pluginconf.d/subscription-manager.conf
[main]
enabled=0

grep - Linux

Guestbook

Search all file from current directory

1
2
3
4
$ grep -nri error *

-r = recursive
-i = case in sensative

seq - Linux

Guestbook

List 11 days date from 2023-12-01

1
2
3
4
5
6
7
8
9
10
11
12
# for i in $(seq -w 0 10); do date -d "2023-12-01 +$i days" +%Y%m%d; done
20231201
20231202
20231203
20231204
20231205
20231206
20231207
20231208
20231209
20231210
20231211

ghostscript - Linux

Guestbook

Download ghostscript source code

1
# wget https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs10040/ghostscript-10.04.0.tar.gz

Install required software

1
# yum -y install gcc make

Compile and install (/usr)

1
2
3
4
5
# tar zvxf ghostscript-10.04.0.tar.gz
# cd ghostscript-10.04.0
# ./configure --prefix=/usr   	(11.76s)
# make -j`nproc`		(1m39s)
# make install			(2.19s)

Verify

1
2
3
4
5
6
# which gs
/usr/bin/gs

# gs -version
GPL Ghostscript 10.04.0 (2024-09-18)
Copyright (C) 2024 Artifex Software, Inc.  All rights reserved.