Post

Showing posts from August 2022

Check file encoding and file type on Linux

    file -bi generic.txt   # MIME type and charset only, without the file name prefix
    file generic.txt       # human-readable file type

Simple Restic backup script (hot off the press)

    ### backupscript.sh
    export RESTIC_REPOSITORY=sftp:administrator@172.16.7.1:/e:/resticroot   ## this is a windows sftp server
    # The password is inline here; restic also reads RESTIC_PASSWORD_FILE,
    # which keeps the secret out of the script.
    export RESTIC_PASSWORD=passwordstring
    restic --verbose backup /srv
    if [ $? -ne 0 ]
    then
      sed -i '1s/^/Subject: restic error\n/' /root/restic_jobs/transcript.log
      cat /root/restic_jobs/transcript.log | ssmtp -vvv email@provider.com
    fi
    restic --verbose forget --keep-last 2 --prune
    if [ $? -ne 0 ]
    then
      sed -i '1s/^/Subject: restic error\n/' /root/restic_jobs/transcript.log
      cat /root/restic_jobs/transcript.log | ssmtp -vvv email@provider.com
    fi

    #### ssmtp.conf
    #
    # Config file for sSMTP sendmail
    #
    # The person who gets all mail for userids < 1000
    # Make this empty to disable rewriting.
    root=postmaster
    # The place where the mail goes. The actual machine name is required no
    # MX records are consulted. Commonly mailhosts are named mail.domain.com
    #mailhub=mail
    # Where will the mail seem to come from?
    #rewriteDomain=
    #...

Debian 11 problem NIC firmware/driver failed to load

Long story short: old blade, non-free firmware, not working.

1. Manually download the 7.13.21.0 firmware files from https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/bnx2x
2. Put the files in /lib/firmware/bnx2x
3. Run update-initramfs -u
4. Reboot

Mirrored from the bug report, just in case: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006500

Manually backup VM on Hyper-v to remote destination with wbadmin CLI

wbadmin start backup -backupTarget:\\10.10.1.2\BackupVM\vm-name\ -hyperv:"vm-name" -quiet

Sniff traffic on Windows without using Wireshark

Scenario: you do not (formally) have the rights to install software on your managed Windows Server.

From an elevated prompt:

    netsh trace start capture=yes tracefile=C:\TEMP\trace1.etl persistent=yes maxsize=4096

At the end of your network debugging operation:

    netsh trace stop

Copy your trace1.etl and open it with Microsoft Network Monitor 3.4. Go to Tools > Options > Parser Profile, select Windows and click on Set as Active. Then analyze the network traffic.

Find all supported Cipher Suites for a webserver with NMAP cli

    ./nmap --script ssl-enum-ciphers -p 443 website.Here   # careful: NOT https://, only the DNS record

    WARNING: Could not import all necessary Npcap functions. You may need to upgrade to the latest version from https://npcap.org. Resorting to connect() mode -- Nmap may not function completely
    Starting Nmap 7.92 ( https://nmap.org ) at 2022-08-11 14:35 W. Europe Daylight Time
    Nmap scan report for website.Here
    Host is up (0.14s latency).

    PORT    STATE SERVICE
    443/tcp open  https
    | ssl-enum-ciphers:
    |   TLSv1.2:
    |     ciphers:
    |       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
    |       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ecdh_x25519) - A
    |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A
    |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
    |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
    |       TLS_RSA_WITH_...
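Added example (not part of the original post): a shell function that reads ssl-enum-ciphers output like the listing above and tags each suite by what its name implies, since the letter grade alone does not show CBC mode, a SHA-1 MAC or missing forward secrecy. The first five sample suites are the ones visible in the post; the last two sample lines and the tag names are constructed for illustration.

```bash
#!/usr/bin/env bash
# SAMPLE: suites 1-5 are copied from the post's output, the last two are constructed.
SAMPLE='| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ecdh_x25519) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A'

# Reads nmap output on stdin; prints "protocol suite grade findings" per suite.
audit_ciphers() {
  awk '
    # Remember which protocol section we are in (e.g. "|   TLSv1.2:").
    /^\|[ ]+(SSLv|TLSv)[0-9.]+:/ { proto = $2; sub(/:$/, "", proto); next }
    # Suite lines look like "|   NAME (kex info) - GRADE".
    $2 ~ /^TLS_/ && $(NF-1) == "-" {
      suite = $2; grade = $NF; f = ""
      if (suite ~ /^TLS_RSA_WITH_/) f = f ",no-forward-secrecy"   # static RSA key exchange
      if (suite ~ /_CBC_/)          f = f ",cbc-mode"
      if (suite ~ /_SHA$/)          f = f ",sha1-mac"
      if (suite ~ /_(3DES|RC4|DES|NULL|EXPORT)/) f = f ",legacy-cipher"
      if (f == "") f = ",ok"
      print proto, suite, grade, substr(f, 2)
    }'
}

# Number of suites on stdin that carry at least one finding.
count_flagged() { audit_ciphers | grep -vc ' ok$'; }

printf '%s\n' "$SAMPLE" | audit_ciphers
```

On a real scan, pipe the nmap output straight into `audit_ciphers`; lines it does not recognise (compressors, cipher preference, least strength) are ignored.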

Check cipher suite weakness, translate from Microsoft to OpenSSL names (Apache and so on) to avoid cipher mismatch

  https://ciphersuite.info/

Connect to Integrated Remote Console ILO2 in Internet Explorer (maybe)

From an HP Enclosure (BladeSystem C700) to a blade:

1. Use Internet Explorer (I know.)
2. Add the Enclosure onboard administration IP and the blade ILO IP to "Compatibility view" in IEXPLORE
3. Open the ilo2 of the blade (autologin)
4. Retype the address as https://ILO_BLADE_IP/dvc.cab
5. Extract dvc.cab
6. Copy "dvc.dll" wherever you want (c:\dvc.dll)
7. Open an elevated command prompt
8. Run regsvr32 dvc.dll
9. Connect to the Integrated Remote Console
10. Enjoy the old 2008 system

Don't know if this will work; for now it works from WS2012R2.

Remove comments on linux with Grep

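For readability of config files:

    egrep -v "^$|^#" /etc/ssh/sshd_config_dirty            # easy: drops empty lines and lines starting with #
    egrep -v "^[[:space:]]*$|^#" /etc/ssh/sshd_config      # also drops whitespace-only lines
    egrep -v "^[[:space:]]*$|^#" sshd_config
    egrep -v "^[[:space:]]*$|^ \*|^.*/\*|^/\*|^$"          # C-style /* ... */ comment lines; reads stdin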

Install and configure Squid with SSL Bumping

Random sketches: this is to solve the problem that a WS2012R2 server can't connect to an AWS server because of a cipher suite mismatch. The WS2012R2 will never get those cipher suites, so..

Install from source (squid 5.5). On paravirtualized hosts add --disable-arch-native.

    apt-get install build-essential openssl libssl-dev pkg-config
    ./configure --with-default-user=proxy --with-openssl --enable-ssl-crtd
    make
    make install

Squid.conf:

    acl localnet src 0.0.0.1-0.255.255.255  # RFC 1122 "this" network (LAN)
    acl localnet src 10.0.0.0/8             # RFC 1918 local private network (LAN)
    acl localnet src 100.64.0.0/10          # RFC 6598 shared address space (CGN)
    acl localnet src 169.254.0.0/16         # RFC 3927 link-local (directly plugged) machines
    acl localnet src 172.16.0.0/12          # RFC 1918 local private network (LAN)
    acl localnet src 192.168.0.0/16    ...

Create Natted virtual switch on Hyper-V

In PowerShell:

    New-VMSwitch -SwitchName "NAT_192-168-140-0" -SwitchType Internal
    Get-NetAdapter   # note the vswitch's InterfaceIndex for the next command
    New-NetIPAddress -IPAddress 192.168.140.1 -PrefixLength 24 -InterfaceIndex XX   # taken from the previous command
    New-NetNAT -Name "NATnetwork_192-168-140-0" -InternalIPInterfaceAddressPrefix 192.168.140.0/24

Cannot connect to RDP after enabling Group Policy (in my case "SSL Cipher Suites order Policy")

Preface: a domain-joined Windows Server 2012 R2. I'm not a Domain Admin on the customer AD, I'm a Local Server Administrator.

After enabling the SSL Cipher Suites order policy and a reboot, RDP connections were refused, with "an internal error occurred" and other error messages. I just realized that I didn't follow the instructions correctly, locking myself out:

1. Open a blank notepad document.
2. Copy and paste the list of available suites into it.
3. Arrange the suites in the correct order; remove any suites you don't want to use.
4. Place a comma at the end of every suite name except the last. Make sure there are NO embedded spaces.
5. Remove all the line breaks so that the cipher suite names are on a single, long line.
6. Copy the cipher-suite line to the clipboard, then paste it into the edit box. The maximum length is 1023 characters.

I completely missed points 4 and 5.

Here is a way to fix the mistake: from another domain-joined server, open MMC ...
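Added example (not part of the original post): a shell function that performs steps 4 to 6 of the list above mechanically, turning a one-suite-per-line draft into the single comma-separated line and refusing drafts with embedded spaces or a result over 1023 characters. The function name, exit codes and the sample draft are constructed for illustration.

```bash
#!/usr/bin/env bash
MAX_LEN=1023   # maximum length quoted in the instructions

# DRAFT is a constructed sample with the usual slips: stray commas,
# indentation, a space before a comma and a blank line.
DRAFT='TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384,
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 ,

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'

# Reads suite names on stdin (one per line), prints the policy line.
# Exit codes: 2 = invalid name, 3 = empty list, 4 = line too long.
build_suite_line() {
  awk -v max="$MAX_LEN" '
    {
      gsub(/\r/, "")                   # Notepad saves CRLF line endings
      sub(/^[ \t]+/, "")               # leading indentation
      sub(/[ \t]*,?[ \t]*$/, "")       # trailing spaces and an already typed comma
    }
    $0 == "" { next }                  # blank lines
    $0 !~ /^[A-Za-z0-9_]+$/ {          # embedded space or two names on one line
      printf("line %d: invalid suite name \"%s\"\n", NR, $0) > "/dev/stderr"
      bad = 1; exit
    }
    { out = (out == "" ? $0 : out "," $0) }
    END {
      if (bad) exit 2
      if (out == "") { print "no suites given" > "/dev/stderr"; exit 3 }
      if (length(out) > max) {
        printf("%d characters, limit is %d\n", length(out), max) > "/dev/stderr"
        exit 4
      }
      print out
    }'
}

printf '%s\n' "$DRAFT" | build_suite_line
```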

Generate Let'sEncrypt certificate on Kubernetes

YAML file:

    ---
    apiVersion: cert-manager.io/v1
    kind: ClusterIssuer
    metadata:
      name: deploy-production
    spec:
      acme:
        # You must replace this email address with your own.
        # Let's Encrypt will use this to contact you about expiring
        # certificates, and issues related to your account.
        email: name.surname@email.com
        server: https://acme-v02.api.letsencrypt.org/directory
        privateKeySecretRef:
          # Secret resource that will be used to store the account's private key.
          name: deploy-production
        # Add a single challenge solver, HTTP01 using nginx
        solvers:
        - http01:
            ingress:
              class: nginx
    ---
    apiVersion: cert-manager.io/v1
    kind: Certificate
    metadata:
      name: www.website.com
    spec:
      secretName: www.website.com.tls.prod
      iss...

Jenkins declarative pipeline for kubernetes deployment and git/gitlab

    // Uses Declarative syntax to run commands inside a container.
    def project = 'node'
    pipeline {
        agent { label 'the_agent' }

        environment {
            project = 'node'
        }
        stages {
            stage('check agent hostname') {
                steps {
                    sh 'hostname'
                }
            }
            stage('docker version') {
                steps {
                    sh 'docker -v'
                }
            }
            ...

Generate PFX for Windows with OpenSSL

Generate a PFX for Windows from separate certificates (-in takes the server certificate, -certfile adds the intermediate to the chain):

    .\Openssl pkcs12 -export -out final_cert.pfx -inkey private.key -in certificate.crt -certfile intermediate.cer

Configuration Guides server-world.info

Where to find excellent information on configuring Windows / Linux servers and applications, without too much explanation: https://www.server-world.info/en/

Curl with Proxy

How to make a web request through a proxy:

    curl -x http://proxy_ip:proxy_port https://www.website.com